title Flow for User Registration and User Login

autonumber
== User Registration ==
Client -> Server : Post <color red>api/auth/<b>signup</b></color>\n{username,email,role,password}
activate Server
Server --> Server : Check existing\nSave <color green>User</color> to database
Server -> Client : return <color green>Message</color> ("Registered successfully!")
deactivate Server

autonumber 1
== User Login ==
Client -> Server : Post <color blue>api/auth/<b>signin</b></color>\n{username,password}
activate Server
Server --> Server : Authenticate {username, password}\nCreate <color green>JWT</color> with a secret
Server -> Client : return <color green>JwtResponse</color>\n{token, type, user info, authorities}
deactivate Server

== Access Resource ==
Client -> Server : Request data with <color green>JWT</color> on <b>Authorization Header</b>
activate Server
Server --> Server : Check <color green>JWT</color> Signature\nGet user info & authenticate \nAuthorize using user's Authorities
Server -> Client : return <color green>Response</color> based on <b>Authorities</b>
deactivate Server