| author | ertopogo <erwin.t.pombett@gmail.com> | 2026-02-22 19:51:17 +0100 |
|---|---|---|
| committer | ertopogo <erwin.t.pombett@gmail.com> | 2026-02-22 19:51:17 +0100 |
| commit | c0dac6503789e8c3f2c111cef0d4d0ebeb624ea9 (patch) | |
| tree | abf9c716e9f47a2bf77098cfaacf21fad961ee14 /micro/flux/lsb_auth_seq.mmd | |
| parent | 4e0d25b944fd9632e2555c4f6ae01b4728262dfb (diff) | |
Application: add the sequence flows
Diffstat (limited to 'micro/flux/lsb_auth_seq.mmd')
| -rw-r--r-- | micro/flux/lsb_auth_seq.mmd | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/micro/flux/lsb_auth_seq.mmd b/micro/flux/lsb_auth_seq.mmd new file mode 100644 index 0000000..6d29a20 --- /dev/null +++ b/micro/flux/lsb_auth_seq.mmd @@ -0,0 +1,81 @@ +%% Source projet : E:\Dev\Web-Works\Lucien-sens-bon
+%% Auth : native MedusaJS (JWT + Cookie session) - PAS de Keycloak/OIDC
+%% Deux flux : client e-commerce (JWT Bearer) + admin dashboard (Cookie session)
+%%{init: {'theme': 'base', 'sequence': {'mirrorActors': false}}}%%
+sequenceDiagram
+ autonumber
+
+ box rgb(30, 58, 95) Cote Client
+ actor Client as Client navigateur
+ end
+
+ box rgb(30, 74, 46) huitral .22
+ participant SF as Storefront Next.js<br/>lsb.arauco.online<br/>:8000
+ participant API as Medusa API<br/>api-lsb.arauco.online<br/>:9000
+ participant Redis as Redis<br/>:6379
+ end
+
+ box rgb(74, 30, 58) npagnun .35
+ participant PG as PostgreSQL<br/>:5432
+ end
+
+ box rgb(30, 58, 95) Caddy araucaria .50
+ participant Caddy as Caddy<br/>TLS termination
+ end
+
+ Note over Client, Caddy: Flux 1 - AuthN Client E-commerce (JWT Bearer)
+
+ Client ->>+ Caddy: GET https://lsb.arauco.online
+ Caddy ->>+ SF: HTTP :8000
+ SF -->>- Caddy: Page login/register
+ Caddy -->>- Client: HTML + JS (Medusa SDK)
+
+ Client ->>+ Caddy: POST https://api-lsb.arauco.online/store/auth<br/>{email, password}
+ Caddy ->>+ API: HTTP :9000
+ API ->> PG: SELECT customer WHERE email = ?
+ PG -->> API: Customer record
+ API ->> API: Verify password (bcrypt)
+ API -->>- Caddy: 200 {access_token: "JWT"}
+ Caddy -->>- Client: JWT access_token
+
+ Client ->> Client: localStorage.setItem("lsb_customer_token", JWT)
+ Client ->> Client: medusaClient.setToken(JWT)
+
+ Note over Client, Caddy: Appels API authentifies
+
+ Client ->>+ Caddy: GET /store/products<br/>Authorization: Bearer JWT
+ Caddy ->>+ API: HTTP :9000<br/>CORS check (STORE_CORS)
+ API ->> API: Verify JWT (JWT_SECRET)
+ API ->> PG: Query produits
+ PG -->> API: Resultats
+ API -->>- Caddy: 200 JSON
+ Caddy -->>- Client: Donnees produits
+
+ Note over Client, Caddy: Flux 2 - AuthN Admin Dashboard (Cookie Session)
+
+ Client ->>+ Caddy: GET https://api-lsb.arauco.online/app
+ Caddy ->>+ API: HTTP :9000
+ API -->>- Caddy: Dashboard Admin UI
+ Caddy -->>- Client: HTML Admin Medusa
+
+ Client ->>+ Caddy: POST https://api-lsb.arauco.online/admin/auth<br/>{email, password}
+ Caddy ->>+ API: HTTP :9000
+ API ->> PG: SELECT admin WHERE email = ?
+ PG -->> API: Admin record
+ API ->> API: Verify password
+ API ->> API: Sign cookie (COOKIE_SECRET)
+ API ->> API: Generate JWT (JWT_SECRET)
+ API -->>- Caddy: 200 + Set-Cookie: session<br/>CORS check (ADMIN_CORS)
+ Caddy -->>- Client: Cookie session signe
+
+ Note over Client, Caddy: Appels admin authentifies
+
+ Client ->>+ Caddy: GET /admin/products<br/>Cookie: session=...
+ Caddy ->>+ API: HTTP :9000<br/>CORS check (ADMIN_CORS)
+ API ->> API: Verify cookie (COOKIE_SECRET)
+ API ->> PG: Query admin data
+ PG -->> API: Resultats
+ API -->>- Caddy: 200 JSON
+ Caddy -->>- Client: Donnees admin
+
+ Note over Client, PG: AuthZ - Pas de roles granulaires<br/>Client = acces store API<br/>Admin = acces admin API (tout ou rien)
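Review bot: In Flux 1, the step `Client ->> Client: localStorage.setItem("lsb_customer_token", JWT)` documents the customer JWT being kept in localStorage, where any script running on the storefront origin can read it. Either annotate that exposure next to the step, or show the token carried in an HttpOnly cookie if the storefront can be changed to use one. The "CORS check (STORE_CORS)" and "CORS check (ADMIN_CORS)" labels sit on the Caddy to API hop and, for the admin login, on the response line that carries Set-Cookie. CORS is enforced by the browser from response headers and does not authenticate a request, so for the cookie-based admin flow the diagram should state separately how cross-site requests are handled (for example the session cookie's SameSite attribute), which it currently does not show. In Flux 2, `API ->> API: Generate JWT (JWT_SECRET)` produces a token that none of the following steps return or use; say where it goes or drop the step. `Verify password` in Flux 2 also omits the hash that Flux 1 names (bcrypt), so a reader cannot tell whether both paths use the same check.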
