Customer Onboarding Process
Author(s)
- Abhishak Kumar Roy
Last Updated Date
2025-07-14
SRS References
Version History
| Version | Date | Changes | Author |
|---|---|---|---|
| 1.0 | 2025-07-14 | Initial draft | Abhishak Kumar Roy |
Feature Overview
Objective: To enable a smooth and flexible sign-up process for users accessing the MyBestDealNow platform via web or mobile — through either Google authentication or a simple form with optional OTP verification.
Scope: This feature covers:
- Website or app entry point
- Signup via Google OAuth
- Signup via form (email, password, etc.)
- Optional OTP verification via email/phone
- Post-signup redirection to portal dashboard
Dependencies:
- IAM Service & Customer Service
- Google OAuth APIs
- Email/SMS Gateway (Twilio, WhatsApp)
- OTP Microservice
Requirements
- Users can access the platform from mobile or web.
- Users can sign up using either Google or a form.
- Form must capture name, email, phone, and password.
- Platform must support optional OTP verification (email or phone).
- Successful signup leads users to their personalized dashboard.
Design Specifications
UI/UX Design
Data Models (C#)
public class CustomerSignUpInfo
{
public Guid CustomerId { get; set; } = Guid.NewGuid();
[Required]
public string Name { get; set; }
[Required]
[EmailAddress]
public string Email { get; set; }
public string Phone { get; set; }
[Required]
public string PasswordHash { get; set; }
public AuthProvider AuthProvider { get; set; } = AuthProvider.Form;
public bool IsOtpVerified { get; set; } = false;
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
public DateTime? LastLoginAt { get; set; }
}
public enum AuthProvider
{
Form = 0,
Google = 1,
Facebook = 2,
Apple = 3
}
public class OtpVerification
{
public Guid Id { get; set; } = Guid.NewGuid();
[Required]
public Guid CustomerId { get; set; }
[Required]
public string OtpCode { get; set; }
public OtpChannel Channel { get; set; }
public bool IsVerified { get; set; } = false;
public DateTime ExpiryTime { get; set; }
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
}
public enum OtpChannel
{
Email = 0,
Phone = 1
}
API Interfaces
| Endpoint | Method | Parameters | Response | Status Codes |
|---|---|---|---|---|
/api/v1/auth/google | POST | GoogleToken | Auth token, redirect | 200, 400, 500 |
/api/v1/auth/signup | POST | Name, Email, Phone, Password | User ID, status | 201, 400, 500 |
/api/v1/auth/verify | POST | UserId, OTP, Channel | Success/Fail message | 200, 401, 500 |
Third-Party Integrations
- Google OAuth (for social login)
- Twilio (SMS-based OTP)
- Email Service
Workflow
-
User visits website or installs the app.
-
Chooses:
-
Google Sign-In → completes OAuth → auto-login to dashboard
-
Form-based Signup:
- Enters name, email, phone, password
- (If enabled) receives OTP via email or phone
- Verifies OTP
-
-
On successful sign-up/login, the user is redirected to the portal dashboard.
Development Tasks & Estimates
| No | Task Name | Estimate (Hours) | Dependencies | Notes |
|---|---|---|---|---|
| 1 | Google OAuth Integration | 6 hrs | Google API | |
| 2 | Form Signup Implementation | 8 hrs | IAM Service | |
| 3 | OTP Verification Module | 10 hrs | Email/SMS Gateway | Optional config flag |
| 4 | Dashboard Redirection | 3 hrs | Frontend Router | |
| 5 | Total | 27 hrs |
Testing & Quality Assurance
Unit Tests
- Form validation logic
- OTP code generation & verification
- Password hashing
Integration Tests
- Google sign-in callback
- Full user creation flow with form and OTP
Acceptance Criteria
- User can register and login via Google or form
- OTP verification is triggered only if enabled
- User is redirected to dashboard on success
- Invalid OTP fails gracefully
Testing Tools
- Postman
- Jest / xUnit
- Selenium / Cypress
- BrowserStack (for cross-platform validation)
Deployment Considerations
Configuration Changes
- Environment variables for OAuth client keys
- Toggle for OTP requirement
- API keys for SMS/email providers
Rollout Plan
- Phase 1: Google OAuth only
- Phase 2: Enable form signup + OTP in production
Risks & Mitigations
| Risk | Impact | Likelihood | Mitigation Strategy |
|---|---|---|---|
| OTP not delivered timely | Medium | Medium | Retry mechanism, fallback to email |
| Duplicate user signups | Medium | High | Email uniqueness enforcement |
| Google OAuth token mismatch | High | Low | Pre-production testing + fallback login |
Review & Approval
- Reviewer: Abhishak Kumar Roy
- Approval Date: 2025-07-14
Notes This onboarding workflow is designed for rapid user registration with flexibility to toggle security measures like OTP as the platform scales. The flow will evolve with avatar onboarding and auction suggestions in the post-login phase.