29 lines
1.1 KiB
Markdown
29 lines
1.1 KiB
Markdown
|
# Login with Social Providers
|
||
|
|
|
||
|
|
**ID:** EU-005
|
||
|
|
**Priority:** Medium
|
||
|
|
**Status:** Planned
|
||
|
|
|
||
|
|
## User Story
|
||
|
|
As an end user, I want to log in using my existing Google, GitHub, or Microsoft account so that I don't have to remember another password.
|
||
|
|
|
||
|
|
## Acceptance Criteria
|
||
|
|
- [ ] User can sign in with Google
|
||
|
|
- [ ] User can sign in with GitHub
|
||
|
|
- [ ] User can sign in with Microsoft
|
||
|
|
- [ ] First-time social login creates a new account automatically
|
||
|
|
- [ ] Social login can be linked to existing account
|
||
|
|
- [ ] User can unlink social providers from settings
|
||
|
|
- [ ] Profile data (name, email, avatar) is imported from provider
|
||
|
|
- [ ] User can still set a password for email/password login
|
||
|
|
|
||
|
|
## Technical Notes
|
||
|
|
- Package.json keywords mention OAuth - infrastructure may be partially planned
|
||
|
|
- Implement OAuth 2.0 / OpenID Connect flows
|
||
|
|
- Store provider tokens securely for API access if needed
|
||
|
|
- Handle email conflicts (social email matches existing account)
|
||
|
|
- Consider using passport.js or similar for provider abstraction
|
||
|
|
|
||
|
|
## Related TODOs
|
||
|
|
- New feature - OAuth mentioned in package.json keywords but not implemented
|