Unified Login Implementation
Overview
Implemented a unified login flow that checks if a user exists before presenting authentication options, as requested.
Changes Made
Frontend
- Created UnifiedLogin Component (frontend/src/components/auth/UnifiedLogin.jsx)
  - Email-first approach where users enter their email address
  - Checks if user exists via /api/auth/check-user endpoint
  - Presents appropriate authentication methods based on user configuration
  - Shows registration prompt if user doesn’t exist
  - Supports multiple authentication methods (password, passkey, etc.)
- Updated Routes (frontend/src/auth/AuthenticationWrapper.jsx)
  - Changed /login route to use UnifiedLogin component instead of Login component
  - Maintains backward compatibility with other auth routes
Backend
- Added Check User Endpoint (app/routes/auth_routes.py)
  - New endpoint: POST /api/auth/check-user
  - Accepts email address in request body
  - Returns whether user exists and available authentication methods
  - Currently checks local User database and PasskeyCredential table
API Endpoint Details
POST /api/auth/check-user
Request:
{
"email": "user@example.com"
}
Response (user exists):
{
"exists": true,
"authMethods": ["password", "passkey"]
}
Response (user doesn’t exist):
{
"exists": false,
"authMethods": []
}
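Because the response states whether an address is registered, any client that can reach POST /api/auth/check-user can test addresses in bulk; one mitigation is to cap how many distinct emails a single client may check per time window. The following is an added example, not the project's code: CheckUserThrottle, handle_check_user, the lookup_methods callable, the status codes and the limits are all assumptions, and the handler is framework-neutral because the page does not show the route's implementation.

```python
import time
from collections import defaultdict, deque


class CheckUserThrottle:
    """Cap the number of distinct emails one client may check per window."""

    def __init__(self, max_distinct=5, window_seconds=60.0, clock=time.monotonic):
        self.max_distinct = max_distinct      # assumed limit, tune per deployment
        self.window = window_seconds
        self.clock = clock                    # injectable so tests control time
        self._seen = defaultdict(deque)       # client_id -> deque[(first_seen, email)]

    def allow(self, client_id, email):
        now = self.clock()
        email = email.strip().lower()
        events = self._seen[client_id]
        # Forget emails first seen more than one window ago.
        while events and now - events[0][0] >= self.window:
            events.popleft()
        known = {e for _, e in events}
        if email in known:
            return True                       # retyping the same address is free
        if len(known) >= self.max_distinct:
            return False                      # too many different addresses checked
        events.append((now, email))
        return True


def handle_check_user(throttle, client_id, body, lookup_methods):
    """Framework-neutral handler returning (status, json_body).

    lookup_methods(email) is a hypothetical callable: a list of methods, or
    None when no such user exists.
    """
    email = body.get("email") if isinstance(body, dict) else None
    if not isinstance(email, str) or "@" not in email:
        return 400, {"error": "invalid email"}
    if not throttle.allow(client_id, email):
        return 429, {"error": "too many requests"}
    methods = lookup_methods(email.strip().lower())
    # Same response shape as documented above.
    return 200, {"exists": methods is not None, "authMethods": methods or []}
```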
User Flow
- User visits /login
- User enters email address
- System checks if user exists
- If user exists:
  - With passkey only: Directly initiates passkey authentication
  - With multiple methods: Shows method selection screen
  - With password only: Shows password entry screen
- If user doesn’t exist:
  - Shows friendly message with option to create account
  - Provides link to registration page
Testing
Use the test script to verify the implementation:
./scripts/troubleshooting/test_unified_login.sh
Or manually test:
- Visit https://localhost:8443/login
- Try with existing and non-existing email addresses
- Verify appropriate flows are presented