Api Login state machine
The login process is a state machine. There are 3 states
- “init” — initial state when /api/login is called
- “password” — intermediate state for password based authentication
- “keyboard-interactive”– intermediate state that prompts for answers to security questions
- “success” — user has successfully logged in
The log in process looks something like this
/api/login
| ———— send {username:”myuser”} ——————————————————–>| (stage “init”)
| <———–result {stage:”password”}————————————————————| (stage “password”) [OPTIONAL]
| ———–send {password:”ssh-password”} ————————————————->|
| <———–result {stage:”keyboard-interactive:,prompt:”Prompt to show user”} ———–| (stage “keyboard-interactive”)
/api/login/keyboard-interactive
| ———–send {answer:”answer to prompt”} ————————————————->|
| <———–result {stage:”keyboard-interactive:,prompt:”Prompt to show user”} ———–| (stage “keyboard-interactive”)
/api/login/keyboard-interactive
…
| ———–send {answer:”answer to prompt”}————————————————->|
| <———– result:{stage:”success”} ———————————————————– | (stage “success”)
User has logged in