familienarchiv

marcel/familienarchiv

Fork 0

Commit Graph

Author	SHA1	Message	Date
Marcel	3438260090	docs: rewrite seq-auth-flow.puml for the Spring Session model (ADR-020) All checks were successful CI / Unit & Component Tests (pull_request) Successful in 3m4s Details CI / OCR Service Tests (pull_request) Successful in 20s Details CI / Backend Unit Tests (pull_request) Successful in 3m6s Details CI / fail2ban Regex (pull_request) Successful in 40s Details CI / Semgrep Security Scan (pull_request) Successful in 17s Details CI / Compose Bucket Idempotency (pull_request) Successful in 1m0s Details Removes the cookie-promotion step (auth_token → Authorization: Basic) and splits the diagram into three labelled phases: Login, Authenticated request, Logout. Adds the spring_session DB round-trip on every authenticated request and the alt branch for an expired session returning 401 → /login?reason=expired. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-17 20:59:44 +02:00
Marcel	03d478840b	docs(arch): show Caddy + X-Forwarded-Proto in auth-flow diagram Adds the Caddy hop to seq-auth-flow.puml and surfaces the two production-relevant header behaviours: - Caddy terminates TLS and forwards X-Forwarded-Proto: https - Spring Boot trusts this header (server.forward-headers-strategy: native, ForwardedRequestCustomizer at the Jetty layer), so request.getScheme() returns "https" - The Set-Cookie response carries the Secure flag because the observed scheme is https — without forward-headers-strategy this would silently drop to plain http and the cookie would lose Secure Closes the doc-currency gap flagged in the Markus review on PR #499: "Auth flow change → docs/architecture/c4/seq-auth-flow.puml". Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-11 13:17:12 +02:00
Marcel	62bef1d267	docs(c4): add L3 frontend 3c/3d and sequence diagrams	2026-05-06 22:52:21 +02:00

Author

SHA1

Message

Date

Marcel

3438260090

docs: rewrite seq-auth-flow.puml for the Spring Session model (ADR-020)

CI / Unit & Component Tests (pull_request) Successful in 3m4s

Details

CI / OCR Service Tests (pull_request) Successful in 20s

Details

CI / Backend Unit Tests (pull_request) Successful in 3m6s

Details

CI / fail2ban Regex (pull_request) Successful in 40s

Details

CI / Semgrep Security Scan (pull_request) Successful in 17s

Details

CI / Compose Bucket Idempotency (pull_request) Successful in 1m0s

Details

Removes the cookie-promotion step (auth_token → Authorization: Basic) and
splits the diagram into three labelled phases: Login, Authenticated
request, Logout. Adds the spring_session DB round-trip on every
authenticated request and the alt branch for an expired session
returning 401 → /login?reason=expired.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-17 20:59:44 +02:00

Marcel

03d478840b

docs(arch): show Caddy + X-Forwarded-Proto in auth-flow diagram

Adds the Caddy hop to seq-auth-flow.puml and surfaces the two
production-relevant header behaviours:

  - Caddy terminates TLS and forwards X-Forwarded-Proto: https
  - Spring Boot trusts this header (server.forward-headers-strategy:
    native, ForwardedRequestCustomizer at the Jetty layer), so
    request.getScheme() returns "https"
  - The Set-Cookie response carries the Secure flag because the
    observed scheme is https — without forward-headers-strategy this
    would silently drop to plain http and the cookie would lose Secure

Closes the doc-currency gap flagged in the Markus review on PR #499:
"Auth flow change → docs/architecture/c4/seq-auth-flow.puml".

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-11 13:17:12 +02:00

Marcel

62bef1d267

docs(c4): add L3 frontend 3c/3d and sequence diagrams

2026-05-06 22:52:21 +02:00

3 Commits