customer-portal-requirements.txt
Upload • text/plain • 5/7/2026, 1:23:03 PM
Project: Customer self-service portal As a registered customer, I want to log in with my email and password so that I can view my account dashboard. Acceptance criteria: - Customers can log in with valid credentials. - Invalid credentials show a clear error message and do not sign the user in. - Locked accounts must not be allowed to log in. - Customers can filter their order history by date range and status. - Exporting order history creates a downloadable CSV file. - Admin users can impersonate a customer only when they have the Support Manager role. - All sensitive actions must be audited. Business rules: - Passwords must never be displayed. - Date filters cannot exceed a 24 month range. - CSV exports must include order ID, order date, order status, total, and payment status. - A user with more than five failed login attempts is locked for 30 minutes.