A lot of different things go into a login process.
At first it sounds like a very simple idea. It’s a form with two fields, a username/email and a password. The user fills in the form and is logged in.
Once you start to dive in deeper, a lot of questions and design decisions start to crop up.
Do you use usernames or emails? You only need a unique value to identify the account. So is it best to allow a username or just stick to an email address?
If a user enters the wrong username/email, how can you show them? Do they have to wait until they submit the form to get an error message? Do they get a specific error message that the username is wrong? How do you let them know that the username is correct but the password was wrong? How can you show them that they are a single character out on their email address, that they entered “firstname.lastname@example.org” instead of “email@example.com”?
What if the user then forgets their password? If you use usernames, what if they forget that? What if they forget their email address? Do you send a password reset link in an email? Do you include a link to view their online email if they have an @gmail.com or @yahoo.com address? Do they have to answer a secret question? Do they get logged straight in after they change their password? Can the password be the same as their old one?
All of these questions have different answers depending on your users and your system. What is right for one system is wrong for another.
When you’re building a product, even the smallest parts require careful planning and design.