When the Endless Aisle app starts, the associate must log in to access
this app. Authentication requires:
- The associate's employee number
- The associate’s code (POS code)
When the associate enters their credentials, Commerce Cloud must
validate the credentials.
- Commerce Cloud uses the store number from the app configuration to
locate the proper store ID in the custom object storeAssociates.
- Using the employeeID (a.k.a. employee number) entered by the employee
at the login prompt, Commerce Cloud locates the specific associate among
the store's employees. Commerce Cloud retrieves the associate's hashed
code and the salt for that employee.
- Commerce Cloud takes the POS code entered by the employee, appends the
salt to it, and hashes the result with SHA-512: hash(POS code + salt).
Commerce Cloud compares the hash it just calculated to the one stored on
the employee record. If they match, the credentials are good. If they
don't match, the credentials are bad.
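
The credential check described above, as an added example in Node.js that is not Commerce Cloud's own code. The Map standing in for storeAssociates, the field names salt and hashedCode, the sample store and employee values, UTF-8 input and hex-encoded digests are all assumptions; the constant-time comparison is a hardening choice of this example.

```javascript
// Added example: data layout, field names and encodings are assumptions.
const crypto = require("crypto");

// SHA-512 over (POS code + salt), in the order the page gives.
function hashPosCode(posCode, salt) {
  return crypto.createHash("sha512").update(posCode + salt, "utf8").digest("hex");
}

// Constructed sample standing in for the storeAssociates custom object:
// store ID -> (employee number -> { salt, hashedCode }).
const storeAssociates = new Map([
  ["store-0042", new Map([
    ["1001", { salt: "constructed-salt-A", hashedCode: hashPosCode("4821", "constructed-salt-A") }],
    ["1002", { salt: "constructed-salt-B", hashedCode: hashPosCode("7734", "constructed-salt-B") }],
  ])],
]);

function validateAssociate(storeId, employeeId, posCode) {
  const store = storeAssociates.get(storeId);
  const record = store ? store.get(employeeId) : undefined;

  // Hash even when the lookup fails, so a missing record and a wrong
  // code go through the same amount of work.
  const salt = record ? record.salt : "";
  const expected = Buffer.from(record ? record.hashedCode : hashPosCode("", ""), "hex");
  const actual = Buffer.from(hashPosCode(String(posCode), salt), "hex");

  // timingSafeEqual throws on unequal lengths, so a malformed stored
  // hash is rejected by the length check first.
  const match = expected.length === actual.length &&
    crypto.timingSafeEqual(actual, expected);

  // Credentials are good only if the associate exists and the hashes match.
  return record !== undefined && match;
}
```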
On app startup and associate login, the Business Manager username and
password are put onto the session:
- Commerce Cloud uses the store number to retrieve the Business
Manager username and password from the storeCredentials custom
object.
- Commerce Cloud tries to log in that Business Manager user.
- If the login succeeds, the app continues.
- If the login doesn't succeed, an error is reported in the app, and
the credentialsExpired flag gets set on that storeCredentials custom
object.