%% Source projet : E:\Dev\Web-Works\Lucien-sens-bon
%% Auth : native MedusaJS (JWT + Cookie session) - PAS de Keycloak/OIDC
%%{init: {'theme': 'base', 'flowchart': {'nodeSpacing': 40, 'rankSpacing': 50}}}%%
flowchart TB
    subgraph huitral_docker ["huitral 192.168.99.22 - Docker Compose"]
        direction TB

        subgraph lsb_backend ["backend - MedusaJS"]
            direction TB
            medusa["medusajs/medusa<br/>Port: 9000<br/>API REST + Admin /app"]
            admin_ui["Dashboard Admin<br/>/app (Medusa Admin)"]
        end

        subgraph lsb_storefront ["storefront - Next.js"]
            direction TB
            nextjs["node:18-alpine<br/>Port: 8000<br/>Pages: catalogue, panier,<br/>checkout, login, register"]
            sdk["Medusa JS SDK<br/>medusaClient"]
        end

        subgraph lsb_redis ["Redis"]
            redis["redis:alpine<br/>:6379<br/>Cache + Event bus"]
        end
    end

    subgraph pg_ext ["PostgreSQL - npagnun .35"]
        pg["PostgreSQL<br/>:5432<br/>DB: medusa_lsb"]
    end

    subgraph auth_client ["AuthN Client (storefront)"]
        direction TB
        step_c1["1. POST /store/auth<br/>email + password"]
        step_c2["2. Response<br/>access_token: JWT"]
        step_c3["3. localStorage<br/>lsb_customer_token"]
        step_c4["4. Appels API<br/>Authorization: Bearer JWT"]
        step_c1 --> step_c2 --> step_c3 --> step_c4
    end

    subgraph auth_admin ["AuthN Admin (dashboard)"]
        direction TB
        step_a1["1. POST /admin/auth<br/>email + password"]
        step_a2["2. Cookie session signe<br/>COOKIE_SECRET"]
        step_a3["3. JWT admin<br/>JWT_SECRET"]
        step_a4["4. Acces /app<br/>Cookie + CORS verifie"]
        step_a1 --> step_a2 --> step_a3 --> step_a4
    end

    subgraph cors_conf ["CORS"]
        direction LR
        admin_cors["ADMIN_CORS<br/>api-lsb.arauco.online<br/>lsb.arauco.online<br/>domaines LAN"]
        store_cors["STORE_CORS<br/>lsb.arauco.online<br/>domaines LAN"]
    end

    subgraph caddy_ext ["Caddy - araucaria .50"]
        direction TB
        caddy_lsb["lsb.arauco.online<br/>HTTPS -> :8000"]
        caddy_api["api-lsb.arauco.online<br/>HTTPS -> :9000"]
        caddy_lan_lsb["lsb.huitral.ruka.lan<br/>HTTP -> :8000"]
        caddy_lan_api["api-lsb.huitral.ruka.lan<br/>HTTP -> :9000"]
    end

    subgraph users ["Utilisateurs"]
        direction TB
        customer["Client e-commerce<br/>JWT Bearer"]
        admin["Administrateur<br/>Cookie session"]
    end

    caddy_lsb -->|"HTTP"| nextjs
    caddy_api -->|"HTTP"| medusa
    caddy_lan_lsb -->|"HTTP"| nextjs
    caddy_lan_api -->|"HTTP"| medusa

    sdk -->|"API REST"| medusa
    medusa --> redis
    medusa -->|"JDBC"| pg

    customer --> caddy_lsb
    admin --> caddy_api

    auth_client -.->|"Flux"| sdk
    auth_admin -.->|"Flux"| admin_ui

    classDef svcStyle fill:#1e4a2e,stroke:#4a9a6a,color:#a8e0c0
    classDef storStyle fill:#4a3a1e,stroke:#d9a84a,color:#f0d8a8
    classDef netStyle fill:#1e3a5f,stroke:#4a90d9,color:#a8d0f0
    classDef secStyle fill:#4a3a1e,stroke:#d9a84a,color:#f0d8a8
    classDef userStyle fill:#3a1e5f,stroke:#8a6ad9,color:#c8b0f0
    classDef configStyle fill:#2a3a4a,stroke:#6a8aaa,color:#b0d0e8
    classDef flowStyle fill:#3a2a1e,stroke:#aa7a4a,color:#e8c8a0

    class medusa,admin_ui,nextjs,sdk svcStyle
    class redis svcStyle
    class pg storStyle
    class caddy_lsb,caddy_api,caddy_lan_lsb,caddy_lan_api netStyle
    class admin_cors,store_cors configStyle
    class step_c1,step_c2,step_c3,step_c4 flowStyle
    class step_a1,step_a2,step_a3,step_a4 flowStyle
    class customer,admin userStyle