Receive clear, localized error feedback on login failure

When authentication fails, the user must receive actionable, localized feedback rather than a generic error. The Auth Service maps Supabase AuthException types to specific error categories: invalid credentials, unverified email, too many requests (rate limiting), network failure, and account disabled. Each error type renders a distinct in-form message guiding the user — for example, invalid credentials shows 'Incorrect email or password' with a link to password reset, while rate limiting shows a cooldown message. Error messages meet WCAG 2.2 AA contrast requirements and are announced by screen readers via semantic status roles. This directly addresses the pain point of older or less digitally fluent peer mentors who become confused by vague technical errors.

HIGH story-email-password-login-organization-administrator-002 2 pts

Story Points

High

Priority

Email & Password Login

Feature

User Story

As a user

I want to see a clear and specific error message when my login attempt fails

So that So that I understand what went wrong and know exactly what action to take to resolve the issue

Acceptance Criteria

Given a user enters an incorrect password, when they submit the form, then an inline error message 'Incorrect email or password. Forgot your password?' is shown with a tappable reset link
Given a user attempts login with an unverified email, when authentication is rejected, then the error message states that email verification is required and offers to resend the verification email
Given a network failure during login, when the Supabase call times out, then a user-friendly offline message is shown with a retry option
Given Supabase returns a rate limit error, when too many failed attempts have been made, then the error message informs the user to wait before trying again
Given an error message is displayed, when a screen reader is active, then the error is announced immediately using an ARIA live region or equivalent semantic role
Given any error state, when the user corrects their input and resubmits, then the previous error message is cleared before the new attempt

Business Value

Clear error feedback reduces support escalations by enabling users to self-serve their way through common authentication problems. This is especially important for the peer mentor segment, which includes users with lower digital literacy, older age groups, and users relying on screen readers. Vague errors cause users to abandon the app or contact coordinators, creating support burden. Localized, specific errors also ensure WCAG 2.2 AA compliance, which is a stated must-have across all three participating organizations.

Components

Login Screen ui
Auth Service service
Supabase Auth infrastructure

Email & Password Login

Related Feature

Organization Administrator

User Role