From 27e9f08e863e9ca22c1244f3cb24150142571334 Mon Sep 17 00:00:00 2001 From: ertopogo Date: Sun, 22 Feb 2026 19:57:54 +0100 Subject: Application:correction de la visibilité des diagrames de séquence sous flux MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- micro/flux/lsb_auth_seq.mmd | 51 ++++++++++++++++++--------------------------- 1 file changed, 20 insertions(+), 31 deletions(-) (limited to 'micro/flux/lsb_auth_seq.mmd') diff --git a/micro/flux/lsb_auth_seq.mmd b/micro/flux/lsb_auth_seq.mmd index 6d29a20..3d6c07c 100644 --- a/micro/flux/lsb_auth_seq.mmd +++ b/micro/flux/lsb_auth_seq.mmd @@ -1,81 +1,70 @@ %% Source projet : E:\Dev\Web-Works\Lucien-sens-bon %% Auth : native MedusaJS (JWT + Cookie session) - PAS de Keycloak/OIDC %% Deux flux : client e-commerce (JWT Bearer) + admin dashboard (Cookie session) -%%{init: {'theme': 'base', 'sequence': {'mirrorActors': false}}}%% sequenceDiagram autonumber - box rgb(30, 58, 95) Cote Client - actor Client as Client navigateur - end + actor Client as Client navigateur - box rgb(30, 74, 46) huitral .22 - participant SF as Storefront Next.js
lsb.arauco.online
:8000 - participant API as Medusa API
api-lsb.arauco.online
:9000 - participant Redis as Redis
:6379 - end + participant Caddy as Caddy araucaria .50 + participant SF as Storefront Next.js :8000 + participant API as Medusa API :9000 + participant Redis as Redis :6379 + participant PG as PostgreSQL npagnun .35 - box rgb(74, 30, 58) npagnun .35 - participant PG as PostgreSQL
:5432 - end - - box rgb(30, 58, 95) Caddy araucaria .50 - participant Caddy as Caddy
TLS termination - end - - Note over Client, Caddy: Flux 1 - AuthN Client E-commerce (JWT Bearer) + Note over Client, PG: Flux 1 - AuthN Client E-commerce (JWT Bearer) Client ->>+ Caddy: GET https://lsb.arauco.online Caddy ->>+ SF: HTTP :8000 SF -->>- Caddy: Page login/register Caddy -->>- Client: HTML + JS (Medusa SDK) - Client ->>+ Caddy: POST https://api-lsb.arauco.online/store/auth
{email, password} + Client ->>+ Caddy: POST https://api-lsb.arauco.online/store/auth {email, password} Caddy ->>+ API: HTTP :9000 API ->> PG: SELECT customer WHERE email = ? PG -->> API: Customer record API ->> API: Verify password (bcrypt) - API -->>- Caddy: 200 {access_token: "JWT"} + API -->>- Caddy: 200 {access_token: JWT} Caddy -->>- Client: JWT access_token - Client ->> Client: localStorage.setItem("lsb_customer_token", JWT) + Client ->> Client: localStorage.setItem(lsb_customer_token, JWT) Client ->> Client: medusaClient.setToken(JWT) - Note over Client, Caddy: Appels API authentifies + Note over Client, API: Appels API authentifies - Client ->>+ Caddy: GET /store/products
Authorization: Bearer JWT - Caddy ->>+ API: HTTP :9000
CORS check (STORE_CORS) + Client ->>+ Caddy: GET /store/products - Authorization: Bearer JWT + Caddy ->>+ API: HTTP :9000 - CORS check (STORE_CORS) API ->> API: Verify JWT (JWT_SECRET) API ->> PG: Query produits PG -->> API: Resultats API -->>- Caddy: 200 JSON Caddy -->>- Client: Donnees produits - Note over Client, Caddy: Flux 2 - AuthN Admin Dashboard (Cookie Session) + Note over Client, PG: Flux 2 - AuthN Admin Dashboard (Cookie Session) Client ->>+ Caddy: GET https://api-lsb.arauco.online/app Caddy ->>+ API: HTTP :9000 API -->>- Caddy: Dashboard Admin UI Caddy -->>- Client: HTML Admin Medusa - Client ->>+ Caddy: POST https://api-lsb.arauco.online/admin/auth
{email, password} + Client ->>+ Caddy: POST /admin/auth {email, password} Caddy ->>+ API: HTTP :9000 API ->> PG: SELECT admin WHERE email = ? PG -->> API: Admin record API ->> API: Verify password API ->> API: Sign cookie (COOKIE_SECRET) API ->> API: Generate JWT (JWT_SECRET) - API -->>- Caddy: 200 + Set-Cookie: session
CORS check (ADMIN_CORS) + API -->>- Caddy: 200 + Set-Cookie: session - CORS (ADMIN_CORS) Caddy -->>- Client: Cookie session signe - Note over Client, Caddy: Appels admin authentifies + Note over Client, API: Appels admin authentifies - Client ->>+ Caddy: GET /admin/products
Cookie: session=... - Caddy ->>+ API: HTTP :9000
CORS check (ADMIN_CORS) + Client ->>+ Caddy: GET /admin/products - Cookie: session=... + Caddy ->>+ API: HTTP :9000 - CORS check (ADMIN_CORS) API ->> API: Verify cookie (COOKIE_SECRET) API ->> PG: Query admin data PG -->> API: Resultats API -->>- Caddy: 200 JSON Caddy -->>- Client: Donnees admin - Note over Client, PG: AuthZ - Pas de roles granulaires
Client = acces store API
Admin = acces admin API (tout ou rien) + Note over Client, PG: AuthZ - Client = store API / Admin = admin API (tout ou rien) -- cgit v1.2.3
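Review bot: Dropping the `TLS termination` label from the Caddy participant removes the only place in this diagram that records where TLS ends and that every hop behind it (Storefront :8000, API :9000, Redis :6379, PostgreSQL :5432) is plain HTTP on the internal network; since the point of this file is to document the auth flows, keep that fact in the new single-line label, e.g. `participant Caddy as Caddy araucaria .50 (TLS termination)`. Two smaller points in the same hunk: the quote removal in `Client ->> Client: localStorage.setItem(lsb_customer_token, JWT)` and in `200 {access_token: JWT}` changes what the message says, because `lsb_customer_token` now reads as a variable rather than the literal storage key; if the quotes were breaking rendering, Mermaid's entity-code escape (`#quot;`) keeps them visible without confusing the parser. Finally, `participant Redis as Redis :6379` is retained but no message in either flow touches Redis, so either add the session/cache interaction it is meant to show or drop the participant to keep the diagram honest about what the auth path actually hits.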