🔐 Solver Authentication Overview

The Solver Authentication Module manages secure access for field workers (solvers) who are responsible for inspecting, monitoring, and verifying civic tasks assigned by administrators.

Unlike citizens, solvers cannot self-register. All solver accounts are created and managed by administrators to ensure controlled access and accountability.

This module provides authentication mechanisms that allow solvers to log in, manage sessions, and secure their accounts.

🎯 Key Objectives

Ensure only authorized field workers can access solver APIs.
Prevent public registration or unauthorized access.
Allow secure login using admin-provided credentials.
Enforce password change after first login.
Maintain session security using access and refresh tokens.

🔑 Authentication Model

Solver accounts are created by Admin only.
Each solver receives:
a registered email or username
a temporary password generated by the system.
Solvers must change their password after first login.
Authentication uses JWT-based access and refresh tokens.

🧩 Supported Actions

Login using credentials provided by admin
Refresh expired access tokens
Logout securely from the system
Change password to secure account

🔐 Security Rules

❌ No public registration
❌ No email verification flow
❌ No Google / social login
✅ Role-restricted access (solver-only APIs)
✅ Token-based session handling
✅ Mandatory password update on first login

📦 Available Endpoints

Feature	Method	Endpoint
Solver Login	`POST`	`/api/solver/auth/login`
Refresh Token	`POST`	`/api/solver/auth/refresh`
Logout	`POST`	`/api/solver/auth/logout`
Change Password	`POST`	`/api/solver/auth/change-password`

👥 Who Uses This?

Solvers (Field Workers)
Use this module to securely access assigned tasks and submit inspection or resolution updates.
Admins
Create and manage solver accounts but do not authenticate through this module.

ℹ️ The Solver Authentication Module ensures controlled, secure, and accountable access for field-level civic operations.