{ "feature": "signup", "version": "1.0.0", "description": "Register a new user account with email and password", "category": "auth", "tags": [ "registration", "onboarding", "account-creation", "identity", "saas" ], "fields": [ { "name": "first_name", "type": "text", "required": true, "label": "First Name", "placeholder": "John", "validation": [ { "type": "required", "message": "First name is required" }, { "type": "minLength", "value": 1, "message": "First name is required" }, { "type": "maxLength", "value": 100, "message": "First name is too long" }, { "type": "pattern", "value": "^[\\p{L}\\s'-]+$", "message": "First name contains invalid characters" } ] }, { "name": "last_name", "type": "text", "required": true, "label": "Last Name", "placeholder": "Doe", "validation": [ { "type": "required", "message": "Last name is required" }, { "type": "minLength", "value": 1, "message": "Last name is required" }, { "type": "maxLength", "value": 100, "message": "Last name is too long" }, { "type": "pattern", "value": "^[\\p{L}\\s'-]+$", "message": "Last name contains invalid characters" } ] }, { "name": "email", "type": "email", "required": true, "label": "Email Address", "placeholder": "you@example.com", "validation": [ { "type": "required", "message": "Email is required" }, { "type": "email", "message": "Please enter a valid email address" }, { "type": "maxLength", "value": 255, "message": "Email is too long" }, { "type": "unique", "message": "An account with this email already exists" } ] }, { "name": "password", "type": "password", "required": true, "label": "Password", "sensitive": true, "validation": [ { "type": "required", "message": "Password is required" }, { "type": "minLength", "value": 8, "message": "Password must be at least 8 characters" }, { "type": "maxLength", "value": 64, "message": "Password must be less than 64 characters" }, { "type": "pattern", "value": "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d).+$", "message": "Password must contain uppercase, lowercase, and a number" } ] }, { "name": "confirm_password", "type": "password", "required": true, "label": "Confirm Password", "sensitive": true, "validation": [ { "type": "required", "message": "Please confirm your password" }, { "type": "match", "field": "password", "message": "Passwords do not match" } ] }, { "name": "terms_accepted", "type": "boolean", "required": true, "label": "I agree to the Terms of Service and Privacy Policy", "default": false, "validation": [ { "type": "required", "message": "You must accept the terms to create an account" } ] } ], "rules": { "security": { "password_hashing": { "algorithm": "bcrypt", "salt_rounds": 12 }, "rate_limit": { "window_seconds": 3600, "max_requests": 5, "scope": "per_ip" }, "email_enumeration_prevention": { "enabled": true }, "bot_protection": { "type": "none" } }, "account": { "default_role": "user", "email_verified_on_signup": false, "auto_login_after_signup": false }, "email": { "case_sensitive": false, "trim_whitespace": true } }, "outcomes": { "rate_limited": { "priority": 1, "error": "SIGNUP_RATE_LIMITED", "given": [ { "field": "request_count", "source": "computed", "operator": "gt", "value": 5, "description": "More than 5 signup attempts in 1 hour from this IP" } ], "result": "show \"Too many attempts. Please try again later.\"" }, "validation_failed": { "priority": 2, "error": "SIGNUP_VALIDATION_ERROR", "given": [ "any field fails its validation rules" ], "result": "show per-field error messages inline" }, "bot_detected": { "priority": 3, "error": "SIGNUP_RATE_LIMITED", "given": [ { "any": [ { "field": "honeypot", "source": "input", "operator": "exists", "description": "Hidden honeypot field was filled (bots only)" }, { "field": "captcha", "source": "input", "operator": "eq", "value": false, "description": "CAPTCHA verification failed" } ] } ], "then": [ { "action": "emit_event", "event": "signup.bot_detected", "payload": [ "ip_address", "timestamp", "detection_method" ] } ], "result": "show generic rate limit error (don't reveal bot detection triggered)" }, "email_already_registered": { "priority": 4, "error": "SIGNUP_EMAIL_TAKEN", "given": [ { "field": "email", "source": "db", "operator": "exists", "description": "Email already exists in database" } ], "then": [ { "action": "emit_event", "event": "signup.duplicate_email", "payload": [ "email", "timestamp", "ip_address" ] }, { "action": "notify", "channel": "email", "template": "existing_account_notification", "to": "existing_user", "description": "Alert the existing account holder" } ], "result": "show SAME success response as new signup (enumeration prevention)" }, "successful_signup": { "priority": 10, "transaction": true, "given": [ { "field": "first_name", "source": "input", "operator": "matches", "value": "^[\\p{L}\\s'-]+$", "description": "First name is valid (Unicode letters, hyphens, apostrophes)" }, { "field": "last_name", "source": "input", "operator": "matches", "value": "^[\\p{L}\\s'-]+$", "description": "Last name is valid" }, { "field": "email", "source": "input", "operator": "matches", "value": "^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$", "description": "Email is valid format" }, { "field": "email", "source": "db", "operator": "not_exists", "description": "Email is not already registered" }, { "field": "password", "source": "input", "operator": "matches", "value": "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d).{8,64}$", "description": "Password meets requirements (8-64 chars, upper+lower+digit)" }, { "field": "confirm_password", "source": "input", "operator": "eq", "value": "password", "description": "Confirm password matches password" }, { "field": "terms_accepted", "source": "input", "operator": "eq", "value": true, "description": "User accepted terms of service" } ], "then": [ { "action": "create_record", "type": "user", "target": "user", "description": "Create user with hashed password (bcrypt, 12 rounds), role 'user', email_verified false" }, { "action": "notify", "channel": "email", "template": "verification_email", "to": "user", "description": "Send email verification link" }, { "action": "emit_event", "event": "signup.success", "payload": [ "user_id", "email", "timestamp", "ip_address", "user_agent" ] } ], "result": "redirect to confirmation page with \"Account created! Please check your email to verify.\"" } }, "errors": [ { "code": "SIGNUP_VALIDATION_ERROR", "status": 422, "message": "Please check your input and try again", "retry": true }, { "code": "SIGNUP_EMAIL_TAKEN", "status": 409, "message": "Unable to create account. Please try a different email or sign in.", "retry": true }, { "code": "SIGNUP_RATE_LIMITED", "status": 429, "message": "Too many attempts. Please try again later.", "retry": false }, { "code": "SIGNUP_TERMS_NOT_ACCEPTED", "status": 422, "message": "You must accept the terms to create an account", "retry": true }, { "code": "SIGNUP_PASSWORD_WEAK", "status": 422, "message": "Password does not meet security requirements", "retry": true }, { "code": "SIGNUP_PASSWORD_MISMATCH", "status": 422, "message": "Passwords do not match", "retry": true } ], "events": [ { "name": "signup.success", "description": "New account created successfully", "payload": [ "user_id", "email", "timestamp", "ip_address", "user_agent" ] }, { "name": "signup.duplicate_email", "description": "Signup attempted with an existing email", "payload": [ "email", "timestamp", "ip_address" ] }, { "name": "signup.bot_detected", "description": "Bot protection triggered during signup", "payload": [ "ip_address", "timestamp", "detection_method" ] }, { "name": "signup.verification_sent", "description": "Verification email dispatched", "payload": [ "user_id", "email", "timestamp", "expires_at" ] } ], "related": [ { "feature": "login", "type": "required", "reason": "After signup, user needs to log in", "ui_link": "Already have an account? Sign in", "ui_link_position": "below_form" }, { "feature": "email-verification", "type": "required", "reason": "New accounts must verify their email" }, { "feature": "password-reset", "type": "recommended", "reason": "Users who just signed up may still need password reset" } ], "agi": { "goals": [ { "id": "reliable_signup", "description": "Register a new user account with email and password", "success_metrics": [ { "metric": "unauthorized_access_rate", "target": "0%", "measurement": "Failed authorization attempts that succeed" }, { "metric": "response_time_p95", "target": "< 500ms", "measurement": "95th percentile response time" } ], "constraints": [ { "type": "security", "description": "Follow OWASP security recommendations", "negotiable": false }, { "type": "security", "description": "Sensitive fields must be encrypted at rest and never logged in plaintext", "negotiable": false } ] } ], "autonomy": { "level": "supervised", "human_checkpoints": [ "before modifying sensitive data fields" ], "escalation_triggers": [ "error_rate > 5", "consecutive_failures > 3" ] }, "safety": { "action_permissions": [ { "action": "rate_limited", "permission": "autonomous" }, { "action": "validation_failed", "permission": "autonomous" }, { "action": "bot_detected", "permission": "autonomous" }, { "action": "email_already_registered", "permission": "autonomous" }, { "action": "successful_signup", "permission": "autonomous" } ] }, "tradeoffs": [ { "prefer": "security", "over": "performance", "reason": "authentication must prioritize preventing unauthorized access" } ], "verification": { "invariants": [ "sensitive fields are never logged in plaintext", "all data access is authenticated and authorized", "error messages never expose internal system details" ] }, "coordination": { "protocol": "request_response", "consumes": [ { "capability": "login", "from": "login", "fallback": "fail" }, { "capability": "email_verification", "from": "email-verification", "fallback": "fail" } ] } }, "ui_hints": { "layout": "single_column_centered", "max_width": "480px", "show_logo": true, "fields_order": [ "first_name", "last_name", "email", "password", "confirm_password", "terms_accepted" ], "field_grouping": [ { "group": "name", "fields": [ "first_name", "last_name" ], "layout": "side_by_side" } ], "actions": { "primary": { "label": "Create account", "type": "submit", "full_width": true } }, "links": [ { "label": "Already have an account? Sign in", "target": "login", "position": "below_form" }, { "label": "Terms of Service", "target": "terms", "position": "inline_with_checkbox", "external": true }, { "label": "Privacy Policy", "target": "privacy", "position": "inline_with_checkbox", "external": true } ], "accessibility": { "autofocus": "first_name", "autocomplete": { "first_name": "given-name", "last_name": "family-name", "email": "email", "password": "new-password", "confirm_password": "new-password" }, "aria_live_region": true }, "loading": { "disable_button": true, "show_spinner": true, "prevent_double_submit": true }, "password_strength": { "show_meter": true, "show_requirements": true } }, "extensions": { "nextjs": { "route": "/signup", "layout": "(auth)", "server_action": true, "middleware_redirect": "/dashboard" }, "express": { "route": "/api/auth/signup", "middleware": [ "rate-limit", "cors" ] }, "laravel": { "guard": "web", "middleware": [ "guest" ], "notification": "VerifyEmail" } } }