# Passwords

Email and password login is a traditional authentication method where users provide a registered email address and a secure password to access an application.

It offers a straightforward setup for both developers and users, with the flexibility to incorporate password policies, multi-factor authentication, and password reset workflows. 

{% hint style="info" %}
While familiar to most users, this method requires robust security measures to protect against common threats like password breaches and phishing attacks.
{% endhint %}

You can see the implementation below

<https://github.com/madewithnovel/novel/blob/main/app/auth/password.ts>

<https://github.com/madewithnovel/novel/blob/main/app/api/internal/v1/auth-strategy/index.ts>

You can create a different Password flow by following this guide

{% embed url="<https://docs.novel.dev/guides/knowledge-base/novel-server/integrating-an-oauth-provider>" %}

## Confugration

You will need to set up the `after_login` setting if you have changed the default page structure in Novel Web.

If you changed `/web/app/(app)/dashboard` to `/web/app/(app)/apps` for example, you will need to change the configuration in `/config/auth.js` .

<pre class="language-typescript" data-title="" data-line-numbers><code class="lang-typescript">/**
 * Override the redirects here with the custom pages that you have so you can reference
 * them easily in your server code.
 */
routes: {
	login: '/login',
	mfa: '/login/mfa',
	forget: '/login/forget',
	link: '/login/link',
	verify: '/mail/verify',
	signup: '/signup',
	<a data-footnote-ref href="#user-content-fn-1">after_login: '/apps',</a>
	logout: '/logout',
},
</code></pre>

## API

{% openapi src="/files/hpwpvNShDhKbLsaTo1Zx" path="/auth/{strategy}" method="post" %}
[openapi.json](https://1230772123-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FgjPdizpdFKu8XPFFoBRj%2Fuploads%2FBSDtmhW0VYiMTiBBhApj%2Fopenapi.json?alt=media\&token=6bf741e5-9e70-4443-9b94-5c062e5c697c)
{% endopenapi %}

{% openapi src="/files/hpwpvNShDhKbLsaTo1Zx" path="/auth/{strategy}/callback" method="get" %}
[openapi.json](https://1230772123-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FgjPdizpdFKu8XPFFoBRj%2Fuploads%2FBSDtmhW0VYiMTiBBhApj%2Fopenapi.json?alt=media\&token=6bf741e5-9e70-4443-9b94-5c062e5c697c)
{% endopenapi %}

## Changelog

* 2024-12-20 - Initial Documentation

[^1]: Changed from /dashboard


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.novel.dev/novel-server/authentication/passwords.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.