This website requires JavaScript.
Explore
Help
Register
Sign In
marcel
/
familienarchiv
Watch
1
Star
0
Fork
0
You've already forked familienarchiv
Code
Issues
115
Pull Requests
Actions
Packages
Projects
Releases
Wiki
Activity
Files
b5f8a4e1ac37ffcfbc56e002ec65184ccb180146
familienarchiv
/
docs
/
architecture
/
c4
/
l3-backend-3a-security.puml
Marcel
9387fcc17b
docs(c4): add L3 backend 3a security and 3b document management
2026-05-06 22:52:21 +02:00
1.5 KiB
Raw
Blame
History
Component Diagram: API Backend — Security & Authentication
Component Diagram: API Backend — Security & Authentication
API Backend (Spring Boot)
[system]
«component»
Security
Filter
Chain
[Spring
Security]
Enforces
authentication
on
all
requests.
Parses
Basic
Auth
header
and
constructs
an
Authentication
token;
delegates
credential
validation
to
DaoAuthenticationProvider
via
BCrypt.
Permits
password-reset,
invite,
and
register
endpoints
without
authentication.
«component»
PermissionAspect
[Spring
AOP]
Intercepts
methods
annotated
with
@RequirePermission.
Checks
user's
granted
authorities
against
the
required
permission.
Throws
401/403
if
denied.
«component»
SecurityConfig
[Spring
@Configuration]
Configures
filter
chain:
all
routes
require
authentication,
CSRF
disabled,
BCrypt
password
encoder,
DaoAuthenticationProvider
with
CustomUserDetailsService.
«component»
CustomUserDetailsService
[Spring
Security
UserDetailsService]
Loads
AppUser
by
email
from
DB.
Converts
group
permissions
to
Spring
GrantedAuthority
objects.
Logs
unknown
permissions.
«container»
Web
Frontend
[SvelteKit]
«container»
PostgreSQL
[PostgreSQL
16]
All
requests
[HTTP
/
Basic
Auth
header]
Authenticated
requests
reach
guarded
service
methods
Wires
as
UserDetailsService
Loads
user
by
email
[JDBC]
Reference in New Issue
View Git Blame
Copy Permalink
