sequenceDiagram
    participant U as User
    participant F as Frontend
    participant A as API Gateway
    participant B as Backend API
    participant DB as PostgreSQL
    participant R as Redis
    participant O as OAuth Provider

    Note over U,O: Authentication Flow

    U->>F: Access application
    F->>A: Request login page
    A->>F: Return login form

    alt OAuth Login
        U->>F: Click "Login with Google"
        F->>O: Redirect to OAuth
        O->>U: Show consent screen
        U->>O: Grant permission
        O->>F: Return authorization code
        F->>B: Exchange code for token
        B->>O: Validate code
        O->>B: Return access token
        B->>DB: Store user session
        B->>R: Cache user data
        B->>F: Return JWT token
    else Email/Password Login
        U->>F: Enter credentials
        F->>B: POST /api/auth/login
        B->>DB: Validate credentials
        DB->>B: Return user data
        B->>R: Cache session
        B->>F: Return JWT token
    else Magic Link Login
        U->>F: Enter email
        F->>B: POST /api/auth/magic-link
        B->>DB: Generate magic token
        B->>O: Send magic link email
        O->>U: Email with magic link
        U->>B: Click magic link
        B->>DB: Validate magic token
        B->>R: Cache session
        B->>F: Return JWT token
    end

    F->>R: Store JWT in localStorage
    F->>A: Include JWT in requests
    A->>B: Forward authenticated request
    B->>R: Validate JWT
    R->>B: Return user context
    B->>F: Return protected data