Login & Authentication
Login & Authentication
Section titled “Login & Authentication”MICHAMP uses a secure JWT (JSON Web Token) based authentication system combined with session management to protect your account.
Logging In
Section titled “Logging In”Basic Login
Section titled “Basic Login”- Navigate to dashboard.michamp.com
- Enter your username (not email)
- Enter your password
- Optionally check “Stay logged in” for extended session
- Click “Sign In”
Login Options
Section titled “Login Options”Stay Logged In Checkbox
This option extends your session timeout:
| Option | Session Duration | Best For |
|---|---|---|
| Unchecked | 15 minutes | Shared computers, public WiFi |
| ✅ Checked | 60 minutes | Personal devices, trusted networks |
Cookie Consent
Section titled “Cookie Consent”On your first login (or after clearing cookies), you’ll see a Cookie Policy modal explaining session management.
Your Choices
Section titled “Your Choices”Option 1: Accept Session Cookies (Recommended)
- ✅ Standard session timeouts (15 or 60 minutes)
- ✅ Stay logged in across browser tabs
- ✅ Session persists through page refreshes
- ✅ Best user experience
Option 2: Deny Session Cookies (Limited)
- ⚠️ 5-minute session timeout
- ⚠️ Logged out when closing tab
- ⚠️ Logged out on page refresh
- ⚠️ Must log in for each new tab
What Cookies We Use
Section titled “What Cookies We Use”MICHAMP uses cookies exclusively for session management:
michamp_dash_session - Stores session state and timeoutmichamp_dash_last_activity - Tracks last activity for timeoutmichamp_dash_cookie_consent_[userid] - Remembers your choiceWe do NOT use:
- ❌ Tracking cookies
- ❌ Analytics cookies
- ❌ Advertising cookies
- ❌ Third-party cookies
Authentication Flow
Section titled “Authentication Flow”1. Login Request
Section titled “1. Login Request”When you submit your credentials:
POST /api/login{ "username": "your-username", "password": "your-password"}2. Server Validation
Section titled “2. Server Validation”The server:
- Verifies your username exists
- Checks your password (hashed comparison)
- Confirms email is verified
- Generates a JWT token
3. Response
Section titled “3. Response”On success, you receive:
{ "success": true, "data": { "user": { /* your user details */ }, "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "serviceplan": { /* your plan details */ } }}4. Session Creation
Section titled “4. Session Creation”After cookie consent:
- Session data stored in localStorage
- JWT token saved for API requests
- Session timeout configured based on your choices
Session Management
Section titled “Session Management”Session Timeouts
Section titled “Session Timeouts”Your session timeout depends on two factors:
Cookie Acceptance + Stay Logged In
| Cookies | Stay Logged In | Timeout | Persistence |
|---|---|---|---|
| ✅ Accepted | ✅ Checked | 60 minutes | Full |
| ✅ Accepted | Unchecked | 15 minutes | Full |
| ❌ Denied | Any | 5 minutes | None |
Activity Tracking
Section titled “Activity Tracking”Your session timer resets on these activities:
- Clicking anywhere on the page
- Keyboard input
- Mouse movement
- Scrolling
- Touch events (mobile)
Session Expiration
Section titled “Session Expiration”When your session expires:
- You’ll be automatically logged out
- Redirected to the login page
- A message explains the session ended
- Your data remains secure
Security Features
Section titled “Security Features”Password Security
Section titled “Password Security”During Login:
- Passwords transmitted over HTTPS only
- Never stored in plain text
- Compared using bcrypt hashing
- Failed attempts are logged
Password Requirements:
- Minimum 8 characters
- Case-sensitive
- Special characters allowed
JWT Tokens
Section titled “JWT Tokens”Token Properties:
- Expires after session timeout
- Signed with secret key (server-side)
- Contains user ID and permissions
- Validated on every API request
Token Storage:
// Stored in localStorage (when cookies accepted)localStorage.getItem('michamp_token')Session Validation
Section titled “Session Validation”The system checks your session every 5 seconds:
// Checks if session is still validif (!session.is_expired()) { // Continue session} else { // Auto-logout}Troubleshooting Login Issues
Section titled “Troubleshooting Login Issues””Invalid username or password”
Section titled “”Invalid username or password””Causes:
- Incorrect username (case-sensitive)
- Wrong password
- Caps Lock enabled
- Extra spaces in username/password
Solutions:
- Double-check your username spelling
- Verify Caps Lock is off
- Try copying/pasting to avoid typos
- Use Forgot Password if needed
”Email not verified”
Section titled “”Email not verified””Cause: You haven’t clicked the verification link from your registration email.
Solution:
- Check your email inbox (and spam folder)
- Find the MICHAMP verification email
- Click the verification link
- Try logging in again
Session Expires Too Quickly
Section titled “Session Expires Too Quickly”Cause: Cookies denied or “Stay logged in” not checked.
Solutions:
- Clear your cookies and log in again
- Accept cookies when prompted
- Check “Stay logged in” box
- Ensure browser allows localStorage
Can’t Stay Logged In Across Tabs
Section titled “Can’t Stay Logged In Across Tabs”Cause: Cookies denied or browser settings blocking localStorage.
Solutions:
- Accept session cookies when logging in
- Check browser privacy settings:
- Allow localStorage for michamp.com
- Don’t block first-party cookies
- Try incognito/private mode to test
- Update browser to latest version
Browser/Device Specific Issues
Section titled “Browser/Device Specific Issues”Safari Private Mode:
- localStorage may be restricted
- Accept cookies or use normal mode
Firefox Enhanced Privacy:
- May block localStorage
- Add michamp.com to exceptions
Mobile Browsers:
- Sessions work normally
- Touch events tracked for activity
- Background tabs may timeout faster
Forgot Password
Section titled “Forgot Password”If you can’t remember your password:
- Click “Forgot password?” on login page
- Enter your email address
- Check your email for reset link
- Click the link (valid for 1 hour)
- Enter new password
- Confirm new password
- Log in with new password
See Password Reset Guide for details.
Security Best Practices
Section titled “Security Best Practices”✅ Do’s
Section titled “✅ Do’s”- ✅ Use a unique, strong password
- ✅ Enable “Stay logged in” only on personal devices
- ✅ Accept cookies for full functionality
- ✅ Log out when using shared computers
- ✅ Keep your browser updated
- ✅ Use HTTPS always (automatic)
❌ Don’ts
Section titled “❌ Don’ts”- ❌ Share your password with anyone
- ❌ Use the same password as other services
- ❌ Stay logged in on public computers
- ❌ Share your JWT token
- ❌ Save passwords in insecure locations
Multi-Device Access
Section titled “Multi-Device Access”Same Account, Multiple Devices
Section titled “Same Account, Multiple Devices”You can log in on multiple devices simultaneously:
- Each device gets its own session
- Sessions are independent
- Logging out on one doesn’t affect others
- Each session has its own timeout
Session Synchronization
Section titled “Session Synchronization”Sessions do NOT synchronize:
- Changes on Device A don’t update Device B automatically
- Refresh the page to see latest data
- Each device maintains its own authentication state
Advanced Topics
Section titled “Advanced Topics”API Authentication
Section titled “API Authentication”When using the MICHAMP API:
curl -H "Authorization: Bearer YOUR_JWT_TOKEN" \ https://api.michamp.com/v1/walletsSee API Authentication for details.
Browser Extension Authentication
Section titled “Browser Extension Authentication”The browser extension uses API keys instead of JWT:
headers: { 'X-API-Key': 'your-api-key-here'}See Extension Setup for details.
Next Steps
Section titled “Next Steps”→ Session Management - Detailed session info
→ Profile Settings - Manage your account
→ Security Best Practices - Stay secure