veza/docs-assets/mermaid/sequence-auth.mmd

sequenceDiagram
    participant U as User
    participant F as Frontend
    participant A as API Gateway
    participant B as Backend API
    participant DB as PostgreSQL
    participant R as Redis
    participant O as OAuth Provider

    Note over U,O: Authentication Flow

    U->>F: Access application
    F->>A: Request login page
    A->>F: Return login form
    
    alt OAuth Login
        U->>F: Click "Login with Google"
        F->>O: Redirect to OAuth
        O->>U: Show consent screen
        U->>O: Grant permission
        O->>F: Return authorization code
        F->>B: Exchange code for token
        B->>O: Validate code
        O->>B: Return access token
        B->>DB: Store user session
        B->>R: Cache user data
        B->>F: Return JWT token
    else Email/Password Login
        U->>F: Enter credentials
        F->>B: POST /api/auth/login
        B->>DB: Validate credentials
        DB->>B: Return user data
        B->>R: Cache session
        B->>F: Return JWT token
    else Magic Link Login
        U->>F: Enter email
        F->>B: POST /api/auth/magic-link
        B->>DB: Generate magic token
        B->>O: Send magic link email
        O->>U: Email with magic link
        U->>B: Click magic link
        B->>DB: Validate magic token
        B->>R: Cache session
        B->>F: Return JWT token
    end

    F->>R: Store JWT in localStorage
    F->>A: Include JWT in requests
    A->>B: Forward authenticated request
    B->>R: Validate JWT
    R->>B: Return user context
    B->>F: Return protected data
BASE: completing the initial repo state 2025-12-03 21:56:50 +00:00			`sequenceDiagram`
			`participant U as User`
			`participant F as Frontend`
			`participant A as API Gateway`
			`participant B as Backend API`
			`participant DB as PostgreSQL`
			`participant R as Redis`
			`participant O as OAuth Provider`

			`Note over U,O: Authentication Flow`

			`U->>F: Access application`
			`F->>A: Request login page`
			`A->>F: Return login form`

			`alt OAuth Login`
			`U->>F: Click "Login with Google"`
			`F->>O: Redirect to OAuth`
			`O->>U: Show consent screen`
			`U->>O: Grant permission`
			`O->>F: Return authorization code`
			`F->>B: Exchange code for token`
			`B->>O: Validate code`
			`O->>B: Return access token`
			`B->>DB: Store user session`
			`B->>R: Cache user data`
			`B->>F: Return JWT token`
			`else Email/Password Login`
			`U->>F: Enter credentials`
			`F->>B: POST /api/auth/login`
			`B->>DB: Validate credentials`
			`DB->>B: Return user data`
			`B->>R: Cache session`
			`B->>F: Return JWT token`
			`else Magic Link Login`
			`U->>F: Enter email`
			`F->>B: POST /api/auth/magic-link`
			`B->>DB: Generate magic token`
			`B->>O: Send magic link email`
			`O->>U: Email with magic link`
			`U->>B: Click magic link`
			`B->>DB: Validate magic token`
			`B->>R: Cache session`
			`B->>F: Return JWT token`
			`end`

			`F->>R: Store JWT in localStorage`
			`F->>A: Include JWT in requests`
			`A->>B: Forward authenticated request`
			`B->>R: Validate JWT`
			`R->>B: Return user context`
			`B->>F: Return protected data`