Web Authentication
Web Authentication
Section titled “Web Authentication”The web platform provides a complete authentication system with individual and organization account types, password and OTP-based login, email verification, and an onboarding flow for new users. Session tokens are stored securely and managed by the server.
Key Capabilities
Section titled “Key Capabilities”Registration
Section titled “Registration”- Individual Registration — Name, email, password with validation
- Organization Registration — Extended form on a separate sign-in page
- Email OTP Verification — 6-digit OTP dialog after registration, auto-redirects to onboarding
Sign In
Section titled “Sign In”- Password Mode — Email + password with animated transitions
- OTP Mode — Toggle to “Login with OTP”, password field hidden, OTP sent to email
- Unverified Email Alert — Dialog offering to resend OTP when signing in with unverified email
- Server Actions — Server-side authentication handles secure cookie management
Onboarding
Section titled “Onboarding”- Account Type Selection — Individual vs. Organization
- Organization Details — Name, website, address, team size, industry, emails, phone, description
- Progress Bar — Visual profile completion indicator
- Admin Approval — New org accounts require admin approval before activation
Password Recovery
Section titled “Password Recovery”- Forgot Password — Email-based password reset
Session Management
Section titled “Session Management”- Secure Tokens — Access and refresh tokens stored in HTTP-only cookies
- Logout — Server securely deletes session and redirects to sign-in
User Flow
Section titled “User Flow”- Visit sign-in page → enter email + password (or switch to OTP)
- New user → Register → receive OTP → verify email → onboarding
- Onboarding → choose Individual/Organization → complete profile
- Org accounts → wait for admin approval
- Logged in → access dashboard, create posts, view profile
- Logout → cookie deleted, redirected to sign-in
How It Works
Section titled “How It Works”When you sign in or register, your credentials are sent securely to the EarthTeam servers. If you use a password, it is verified against your account. If you choose OTP login, a one-time code is emailed to you — enter it on the login screen and you’re signed in right away, no password needed.
New users go through a registration flow where they provide their name and email, then verify their email address by entering a 6-digit code sent to their inbox. Once verified, they are guided through an onboarding process where they choose between an individual or organization account and fill in their profile details. Organization accounts require admin approval before they become active.
Session tokens are stored as secure HTTP-only cookies, keeping your login active until you sign out. The logout process clears the session and returns you to the sign-in page.
Related Features
Section titled “Related Features”- Mobile Auth — Same auth on the mobile app
- Dashboard — Where authenticated users land
- Auth API — Backend auth endpoint details