Access flow

Sign in first, then branch into account creation only when needed.

1. Browser posts credentials to `POST /api/web-auth/login`.

2. API returns an access token and sets the refresh cookie.

3. Frontend keeps the access token in memory and uses it for protected API calls.

4. After reload, the auth provider calls `POST /api/web-auth/refresh` to silently rebuild the session.

5. If you need a new account, switch to the dedicated create-account view instead of mixing both forms together.

JWT sign-in

Access your account desk.

Use your account number and password to continue. If you do not have an account yet, switch to the create-account view.

Need a new account?

Forgot password

Enter the email tied to the account to receive a reset link.

Already have a reset link? Open reset screen.

Access tokens stay client-side in memory. Refresh tokens stay in an HTTP-only cookie and silently restore the session after reload.
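
The flow in steps 1 to 4 and the token-storage note above, sketched as a browser-side client. This is an added example, not this application's own code: the `accessToken` response field, the `accountNumber`/`password` request fields, the `Authorization: Bearer` header and the injected `fetchImpl` parameter are assumptions.

```javascript
// Added example: access token held in memory, refresh token left in the HTTP-only cookie.
// Endpoint paths are from the page; JSON field names and the Bearer scheme are assumptions.
function createAuthClient(fetchImpl) {
  let accessToken = null; // memory only: never written to localStorage or sessionStorage
  let refreshing = null;  // shared promise so parallel 401s trigger a single refresh call

  async function post(path, body) {
    const res = await fetchImpl(path, {
      method: 'POST',
      credentials: 'include', // lets the browser attach and store the refresh cookie
      headers: { 'Content-Type': 'application/json' },
      body: body ? JSON.stringify(body) : undefined,
    });
    if (!res.ok) return null;
    return (await res.json()).accessToken ?? null;
  }

  async function login(accountNumber, password) {
    accessToken = await post('/api/web-auth/login', { accountNumber, password });
    return accessToken !== null;
  }

  // Called by the auth provider after a reload, and again when a token has expired.
  function refresh() {
    if (!refreshing) {
      refreshing = post('/api/web-auth/refresh')
        .then((token) => { accessToken = token; return token !== null; })
        .finally(() => { refreshing = null; });
    }
    return refreshing;
  }

  async function apiFetch(path, init = {}) {
    const send = () => fetchImpl(path, {
      ...init,
      headers: { ...init.headers, Authorization: `Bearer ${accessToken}` },
    });
    if (accessToken === null && !(await refresh())) throw new Error('no session: sign in required');
    let res = await send();
    if (res.status === 401 && (await refresh())) res = await send(); // retry exactly once
    return res;
  }

  return { login, refresh, apiFetch, hasSession: () => accessToken !== null };
}
```

In a browser, pass `fetch.bind(window)` as `fetchImpl`; script never reads the refresh cookie itself, the browser attaches it to the refresh request.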