story-email-password-login-organization-administrator-001
Priority: Critical
Story Points: 3
Feature: Email & Password Login

User Story

As a user
I want to log in to the app using my email address and password
So that I can access the system when BankID or Vipps is unavailable or not yet linked to my account

Acceptance Criteria

  • Given a registered user on the login screen, when they enter a valid email and password and tap Sign In, then they are authenticated and navigated to their role-specific home screen
  • Given the login screen is displayed, when the user has not interacted with any field, then the Sign In button is enabled but form validation triggers on tap
  • Given a user submits the form, when the Supabase Auth call is in progress, then a loading indicator is displayed and the Sign In button is disabled to prevent duplicate submissions
  • Given successful authentication, when the session is established, then a secure JWT token is stored via Flutter Secure Storage and the session persists across app restarts
  • Given the login screen, when the user activates a field with a screen reader (VoiceOver or JAWS), then all fields have descriptive labels and status announcements are read aloud
  • Given WCAG 2.2 AA requirements, when the login form is rendered, then all text, input borders, and interactive elements meet minimum contrast ratios

Business Value

Email and password login is the foundational authentication mechanism that guarantees no user is locked out due to third-party identity provider unavailability. It is the only login path that works without BankID or Vipps, making it essential for onboarding new administrators, supporting test and QA users, and providing continuity during BankID or Vipps outages. Without this story, the application has no reliable fallback authentication, which would block staff access during incidents and exclude users not yet enrolled in Norwegian e-ID services.