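@startuml
' Sequence diagram of the login flow: HTTP Basic credentials against the
' Spring Boot backend, then a cookie that carries the same Basic token on
' every later request. The diagram documents the flow as built; the notes
' below record the security properties a reviewer needs, without claiming
' anything the flow is not shown to have.
title Authentication Flow

actor User
participant Browser
participant "Frontend (SvelteKit)" as Frontend
participant "Backend (Spring Boot)" as Backend
participant PostgreSQL as DB

User -> Browser: Enter email + password
Browser -> Frontend: POST /login (form action)
Frontend -> Frontend: Base64 encode "email:password"
note right of Frontend
  Base64 is an encoding, not encryption:
  the token is the plaintext password.
end note
Frontend -> Backend: GET /api/users/me\nAuthorization: Basic <token>
note over Frontend, Backend
  No dedicated login endpoint: credentials are checked
  by calling a protected resource. Basic credentials
  are cleartext on the wire unless this hop is TLS.
end note
Backend -> Backend: Spring Security parses Basic Auth
Backend -> DB: SELECT user WHERE email=?
DB --> Backend: AppUser + groups + permissions
Backend -> Backend: BCrypt.matches(password, hash)
' Only the success path is drawn. Whether an unknown email still pays the
' BCrypt cost (to avoid a timing oracle for account enumeration) cannot be
' determined from this diagram - confirm in the UserDetailsService.
Backend --> Frontend: 200 OK — UserDTO
Frontend -> Browser: Set-Cookie: auth_token=<base64>\n(httpOnly, SameSite=strict, maxAge=86400)
note right of Browser
  The cookie value is the Basic token itself, i.e. the
  user's password, retained for 24h. Flags shown:
  httpOnly, SameSite=strict. No Secure flag is listed -
  confirm it is set so the cookie never travels over
  plain HTTP. No server-side session appears in this
  flow, so nothing here can revoke the cookie before
  expiry except a password change.
end note
Browser -> Frontend: GET / (next request)
Frontend -> Frontend: hooks.server.ts reads auth_token cookie
Frontend -> Backend: GET /api/users/me\nAuthorization: Basic <token>
note right of Backend
  Every request replays Basic auth; presumably the DB
  lookup and BCrypt.matches (slow by design) run again
  per request - verify, as this is a cheap DoS lever.
end note
Backend --> Frontend: 200 OK — user in event.locals
Frontend --> Browser: Render page with user context

@enduml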