  1. Functional Flows
    1. User enters the login page by entering the URL "<company>.scalekit.com/login"
      1. Validate if there is any existing login token
        1. No
          1. Verify the URL "<company>.scalekit.com/login"
          2. Validate the Company Logo
          3. Validate the page as per the Figma design (company name, logo, color, etc.)
        2. Yes
          1. User is directed to the app page
    2. Validate the case where the user enters the URL of the application but no token exists or it has expired
      1. User is directed to the login page of the ScaleKit tenant, i.e. <company>.scalekit.com/login
    3. User on ScaleKit login Page
      1. Verify the login method
        1. Google
        2. User Email and Password
  2. Login Method
    1. Google
      1. Verify the user is directed to the login page of Google
      2. If session exists
        1. User is asked to allow access and complete the remaining steps
      3. If no Google session exists
        1. User is asked to log in on the Google login page
      4. On successful authentication
        1. User is directed to app
      5. Verify the user's Google account is the same as the company account
      6. Verify that if another account is used, the user is not allowed in and a proper error is thrown
      7. Verify the user account is in active state
    2. Password
      1. Verify the email ID format is @<company name>
      2. If the user enters another account, it should throw 401
      3. Verify the password entered is hidden
      4. Verify that the password is encrypted when it is sent
      5. Verify the captcha is always shown in email/password login
      6. Verify the functionality of the captcha
        1. Subtraction, addition, etc.
          1. Verify the correct result
          2. Verify the wrong result
      7. Verify that if a wrong captcha is sent, no login API call is made by the FE
      8. Verify the response from the API if all above is correct
        1. 200 when login
        2. 400 when wrong creds
      9. On 400, it should not allow login and should show the correct error on the FE
      10. Verify the case where the login is successful but the user is deactivated
      11. Verify for any state issue in the FE part
  3. Main Topic 3
  4. Requirement
    1. Given the following functional requirements, draft the test cases. Assign a priority to each test case with the right justification.
      * Login
        * A login page where users from a particular organization can log in
        * It's a multi-tenanted system and the URL of the login page is like <company>.scalekit.com/login
        * The page will have the tenant-specific details (company name, logo, color, etc.)
        * Two types of login methods are available
          * Login with email and password
          * Login with Google
        * Password-based login will have a captcha field associated with it. It will have a number challenge where the user has to add/subtract the numbers in the captcha image and write the result in the field
        * Successful login will take the user inside the app
      * Logout
        * Logging out will take the user out of the app and land them on the login page
        * A session timeout will also do the same
        * If the app is opened in multiple tabs, logging out from one tab should log out from all others
  5. Logout
    1. On button click
      1. Verify the logout API call is made for the user
        1. Verify the user is redirected to the same login page of the same company
        2. Verify in the DB that the token is set to expired
        3. Verify that if the same user tries from a different tab, he is shown the login page
      2. Verify the API request has the user ID and the token to be logged out
    2. On token expiration
      1. No activity expiration
      2. Time out expiry
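
The logout and token-expiration checks above, written as executable checks against an in-memory session store. This is an added example, not ScaleKit code: the `SessionStore` class, both timeout values, and the tenant `acme` with users `u1`/`u2` are assumptions made for illustration.

```python
import secrets

IDLE_TIMEOUT = 15 * 60        # assumed value: seconds of inactivity allowed
ABSOLUTE_TIMEOUT = 8 * 3600   # assumed value: maximum session lifetime

class SessionStore:
    """Hypothetical stand-in for the token table the logout checks inspect."""

    def __init__(self):
        self._rows = {}  # token -> user, tenant, issued, last_seen, expired

    def login(self, user, tenant, now):
        token = secrets.token_urlsafe(32)
        self._rows[token] = dict(user=user, tenant=tenant, issued=now,
                                 last_seen=now, expired=False)
        return token

    def logout(self, user, token):
        """Logout needs both the user id and the token being logged out."""
        row = self._rows.get(token)
        if row is None or row["user"] != user:
            return False
        row["expired"] = True  # server-side expiry, so every tab sees it
        return True

    def route(self, token, tenant, now):
        """Return the page a tab lands on when it presents this token."""
        login_page = f"{tenant}.scalekit.com/login"
        row = self._rows.get(token)
        if row is None or row["expired"] or row["tenant"] != tenant:
            return login_page
        if (now - row["last_seen"] > IDLE_TIMEOUT
                or now - row["issued"] > ABSOLUTE_TIMEOUT):
            row["expired"] = True
            return login_page
        row["last_seen"] = now
        return "app"

def run_logout_checks():
    store, t0 = SessionStore(), 1_000
    tok = store.login("u1", "acme", t0)  # constructed user and tenant
    results = {"tab_a": store.route(tok, "acme", t0 + 10),
               "tab_b": store.route(tok, "acme", t0 + 20)}
    results["wrong_user"] = store.logout("u2", tok)  # user id must match token
    results["logout"] = store.logout("u1", tok)      # logout from tab A
    results["tab_b_after"] = store.route(tok, "acme", t0 + 30)
    idle = store.login("u1", "acme", t0)
    results["idle"] = store.route(idle, "acme", t0 + IDLE_TIMEOUT + 1)
    return results
```

The token is expired in the store rather than only cleared in the browser, which is why the second tab lands on the tenant login page on its next request.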