Feature 002

| Feature ID | FEA002 |
|---|---|
| Subsystem the feature is part of | Epic 03: Prestashop as Service |
| Responsible person | Hyvärinen Sami |
| Status | proposal |

Description

Secure service access.

US092
US121

Preliminary user stories

US092: As a Service Provider, we need to enable HTTPS.

This user story focuses on the implementation of HTTPS to encrypt data transmitted between clients and servers, preventing eavesdropping. The key outcome of this feature is to enhance security, build user trust, and meet compliance requirements. Enforcing HTTPS also improves SEO rankings and compatibility with modern browser security standards.

US121: As a Developer, I want to create a password reset function, so that users can regain access if they forget their password.

This user story focuses on implementing a secure and user-friendly password reset mechanism. The key outcome of this feature is to allow users to recover their accounts efficiently while maintaining security best practices. The feature should include email verification, token expiration, and enforced strong passwords to prevent unauthorized access.

Test case ideas and acceptance criteria

US092

| Example test case | Acceptance criteria |
|---|---|
| Test data encryption using, for example, Wireshark | Data is encrypted correctly and can't be accessed between the client and the servers |
| Test that the data is received correctly | Encrypted data is correctly decrypted on the server side |

US121

| Example test case | Acceptance criteria |
|---|---|
| Test the email verification and that the email's link works | Email is linked correctly to the account and the password reset link in the email works |
| Test that the old password gets deleted and can't be used anymore | User is unable to use the old password after resetting it and has to use the new one |
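
The reset flow that US121 and its test cases describe, as an added sketch that is not part of the original page or of PrestaShop's code: an expiring, single-use token stored only as a hash, a minimum password length, and replacement of the old password hash. The 15-minute lifetime, the 12-character minimum, the PBKDF2 parameters and the `ResetService` name are assumptions, and the in-memory dictionaries stand in for database tables.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime; the page only requires expiration
MIN_PASSWORD_LENGTH = 12     # assumed policy; the page only says "strong passwords"


def hash_password(password, salt=None):
    # Salted PBKDF2-HMAC-SHA256; the plain password is never stored.
    salt = salt or secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)


class ResetService:
    def __init__(self, clock=time.time):
        self.clock = clock   # injectable so expiry can be tested
        self.users = {}      # email -> (salt, password hash)
        self.tokens = {}     # sha256(token) -> (email, expiry timestamp)

    def register(self, email, password):
        self.users[email] = hash_password(password)

    def check_password(self, email, password):
        if email not in self.users:
            return False
        salt, stored = self.users[email]
        return hmac.compare_digest(stored, hash_password(password, salt)[1])

    def request_reset(self, email):
        # Returns the token to put in the e-mailed link, or None for unknown addresses.
        if email not in self.users:
            return None  # the UI should show the same message in both cases
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).hexdigest()
        self.tokens[digest] = (email, self.clock() + TOKEN_TTL_SECONDS)
        return token

    def reset_password(self, token, new_password):
        digest = hashlib.sha256(token.encode()).hexdigest()
        entry = self.tokens.get(digest)
        if entry is None or self.clock() > entry[1]:
            self.tokens.pop(digest, None)  # drop expired tokens
            return False
        if len(new_password) < MIN_PASSWORD_LENGTH:
            return False  # token stays valid so the user can retry
        del self.tokens[digest]  # single use
        self.users[entry[0]] = hash_password(new_password)  # old hash is overwritten
        return True
```

Storing only the SHA-256 of the token means a leaked token table cannot be replayed as reset links.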