Technical Analysis

After SM-7444 (SaFi-2022-21 SaFi Mobile Lack of Logout Functionality) was marked Done, we decided that the Login / Logout flows need to be implemented.

The current states and transitions are documented at https://safibank.atlassian.net/wiki/spaces/ITArch/pages/71959202/Offboard+user+-+deny+login#State-Diagram. We need to add a single new state, e.g. “LOGGED_OUT”, that is used when the user logs out, and continue to use “IN_PROGRESS” while the user is logged in.

On the BE (iam-manager) two new endpoints need to be created, /login and /logout, which handle the main transitions into and out of the new state; all other states should be extended with the corresponding error handling for these two endpoints (as per the diagram above).

The IAM auth library does not need to be modified, because it only allows keys in the IN_PROGRESS state to be used successfully for signature verification; a key in the new LOGGED_OUT state is therefore rejected without any library change.

Note:

  • the login flow may include a DFP check (if needed)

  • session management may be implemented on the BE side so that the customer is logged out automatically

  • the BE may reply with an error stating that the user is logged out (only if the signature is valid) to help the FE handle this case
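As an added illustration (not code from iam-manager or the IAM auth library), the following Python model shows the two states, the /login and /logout transitions with error handling for disallowed transitions, and a verification rule that only accepts IN_PROGRESS keys and reports "logged out" to the FE solely when the signature itself is valid. The HMAC-SHA256 signature, the IamManager class, the transition rules and the error strings are assumptions made for this example.

```python
import hashlib
import hmac
from enum import Enum

class KeyState(Enum):
    IN_PROGRESS = "IN_PROGRESS"  # key usable: the user is logged in
    LOGGED_OUT = "LOGGED_OUT"    # new state from this ticket: the user logged out

class IllegalTransition(Exception):
    """/login or /logout called from a state that does not allow that transition."""

def sign(secret: bytes, message: bytes) -> bytes:
    # HMAC-SHA256 is an assumption standing in for the real signature scheme.
    return hmac.new(secret, message, hashlib.sha256).digest()

class IamManager:
    """Hypothetical in-memory model of the iam-manager key store and endpoints."""

    def __init__(self):
        self.keys = {}  # key_id -> [secret, KeyState]

    def register(self, key_id: str, secret: bytes):
        self.keys[key_id] = [secret, KeyState.IN_PROGRESS]

    def login(self, key_id: str) -> KeyState:
        # /login: only a LOGGED_OUT key may return to IN_PROGRESS (assumed rule).
        entry = self.keys[key_id]
        if entry[1] is not KeyState.LOGGED_OUT:
            raise IllegalTransition(f"login not allowed from {entry[1].value}")
        entry[1] = KeyState.IN_PROGRESS
        return entry[1]

    def logout(self, key_id: str) -> KeyState:
        # /logout: only an IN_PROGRESS key may move to LOGGED_OUT (assumed rule).
        entry = self.keys[key_id]
        if entry[1] is not KeyState.IN_PROGRESS:
            raise IllegalTransition(f"logout not allowed from {entry[1].value}")
        entry[1] = KeyState.LOGGED_OUT
        return entry[1]

    def verify(self, key_id: str, message: bytes, signature: bytes) -> str:
        # Auth-library rule: only IN_PROGRESS keys verify successfully.
        if key_id not in self.keys:
            return "INVALID_SIGNATURE"  # do not reveal whether the key exists
        secret, state = self.keys[key_id]
        if not hmac.compare_digest(sign(secret, message), signature):
            return "INVALID_SIGNATURE"
        # Signature is valid, so the FE may be told the real reason (third note).
        return "OK" if state is KeyState.IN_PROGRESS else state.value
```

A request signed with a LOGGED_OUT key therefore gets a distinct "LOGGED_OUT" answer, while a bad signature never learns the key's state.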

Attachments:

key states with logout.drawio (application/vnd.jgraph.mxfile)
key states with logout.drawio.png (image/png)