
🔐 Authentication #14

Merged
merged 19 commits into from
Mar 17, 2023

Conversation

floscher (Contributor) commented Jan 27, 2023

```mermaid
sequenceDiagram
participant BS as Browser storage
actor User
participant BW as Browser window
participant App as App server
participant OAuth as OAuth server

autonumber

%% 1. SPA login page: generate the state nonce, list the providers
rect rgb(255,240,240)
  note right of BS: Login page of SPA
  User->>BW: Go to app.com/login
  BW->>+App: GET /login
  App->>-BW: HTML login page
  activate BW
  BW->>+BS: Generate random state and save for later
  note over BS: sessionStorage:<br>state,<br>redirectPath
  BW->>+App: POST /api/auth/providers
  App->>-BW: JSON providers list
  BW->>-User: Show links to OAuth providers
  User->>BW: Click login link
end

%% 2. Provider login form, then redirect back to the app
rect rgb(240,255,240)
  note right of User: Login page of the OAuth provider
  BW->>+OAuth: GET /login
  OAuth->>-BW: HTML login form
  activate BW
  BW->>User: Show login form
  User->>BW: Enter login credentials
  BW->>+OAuth: POST login credentials
  deactivate BW
  OAuth->>-BW: Redirect to app.com/auth
end

%% 3. Callback: verify the state nonce, exchange for a JWT
rect rgb(240,240,255)
  note right of BS: Get JWT token
  BW->>+App: GET /auth
  App->>-BW: HTML login page
  activate BW
  BW->>BS: Check if state matches
  BS->>BW: On match: continue<br>Else: Show error with link to app.com/login
  deactivate BS
  BW->>User: Show login options screen
  User->>BW: Click login button
  BW->>+App: Request token
  App->>+OAuth: Request token
  OAuth->>-App: JWT token
  alt if no account
    App->>App: Create user account
  end
  App->>-BW: JWT token
  BW->>+BS: Save JWT token to localStorage
  note over BS: localStorage:<br>token
end

%% 4. Authenticated API call with the stored JWT
rect rgb(255,255,230)
  note right of BS: Make authenticated API request
  BW->>BS: Get JWT token
  BS->>BW: Token
  BW->>+App: GET /api/post/create<br>(JWT token in Authorization header)
  App->>App: Check JWT token and refresh if needed
  alt not authenticated
    App->>BW: HTTP redirect to app.com/login<br>goto ②
  else no permission
    App->>BW: Return error
  else else
    App->>-BW: Return response
  end
end

deactivate BW
deactivate BS
```
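The browser side of the first and third panels (generate a random state, keep it together with `redirectPath` in sessionStorage, verify it when the provider redirects back to `/auth`, then send the token saved in localStorage in the `Authorization` header), as an added example that is not part of this pull request. Storage is injected so the same functions run against `window.sessionStorage` / `window.localStorage` in a browser and against a constructed in-memory stand-in here. The provider authorize URL, the client id, the `code` query parameter and the `/login` fallback link are assumptions; the diagram only says "Request token".

```javascript
// Added example (not from the PR): browser-side state handling for the login
// flow in the diagram. Storage objects are injected so this also runs in Node.

const STATE_BYTES = 32;

// Hex-encode cryptographically random bytes. In a browser the default source is
// window.crypto.getRandomValues; a deterministic source can be injected for tests.
function randomState(getRandomValues = (buf) => globalThis.crypto.getRandomValues(buf)) {
  const bytes = getRandomValues(new Uint8Array(STATE_BYTES));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Only same-origin absolute paths are accepted as the post-login destination;
// full URLs and protocol-relative "//host" values fall back to "/".
function safeRedirectPath(path) {
  return typeof path === 'string' && path.startsWith('/') && !path.startsWith('//') ? path : '/';
}

// "Generate random state and save for later": the state and the return path go
// into sessionStorage, which is scoped to this tab and cleared when it closes.
function beginLogin(sessionStore, redirectPath, getRandomValues) {
  const state = randomState(getRandomValues);
  sessionStore.setItem('state', state);
  sessionStore.setItem('redirectPath', safeRedirectPath(redirectPath));
  return state;
}

// Build one of the provider links the login page shows. Provider URL and
// client id are assumed values, not the project's configuration.
function authorizeUrl(providerAuthorizeUrl, clientId, redirectUri, state) {
  const url = new URL(providerAuthorizeUrl);
  url.searchParams.set('response_type', 'code');
  url.searchParams.set('client_id', clientId);
  url.searchParams.set('redirect_uri', redirectUri);
  url.searchParams.set('state', state);
  return url.toString();
}

// "Check if state matches": back on app.com/auth the state echoed by the provider
// must equal the one saved before the redirect. The saved state is removed whether
// or not it matches, so a given callback URL can be accepted at most once.
function handleCallback(sessionStore, callbackUrl) {
  const params = new URL(callbackUrl).searchParams;
  const expected = sessionStore.getItem('state');
  const received = params.get('state');
  sessionStore.removeItem('state');
  if (expected === null || received === null || expected !== received) {
    return { ok: false, error: 'state mismatch', loginUrl: '/login' };
  }
  const redirectPath = safeRedirectPath(sessionStore.getItem('redirectPath'));
  sessionStore.removeItem('redirectPath');
  // `code` is an assumed parameter name for what the diagram calls "Request token".
  return { ok: true, code: params.get('code'), redirectPath };
}

// "Get JWT token" + "JWT token in Authorization header" for an API request.
function authHeaders(localStore) {
  const token = localStore.getItem('token');
  return token === null ? {} : { Authorization: `Bearer ${token}` };
}

// Constructed Map-backed stand-in exposing the subset of the Web Storage API used above.
function memoryStorage() {
  const items = new Map();
  return {
    getItem: (key) => (items.has(key) ? items.get(key) : null),
    setItem: (key, value) => { items.set(key, String(value)); },
    removeItem: (key) => { items.delete(key); },
  };
}
```

The example keeps the diagram's choice of localStorage for the token; note that anything stored there is readable by every script running on the origin, so the token's lifetime and the site's script-injection exposure decide how much that matters.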

- floscher force-pushed the feature/authentication branch from da55561 to 0f8f683 on January 27, 2023 15:58
- floscher force-pushed the feature/authentication branch from 0f8f683 to 4dcb6c4 on March 6, 2023 08:48
- floscher added this to the Ready to deploy milestone on Mar 10, 2023
- This pull request was linked to issues on Mar 10, 2023
- floscher mentioned this pull request on Mar 15, 2023
- floscher marked this pull request as ready for review on March 15, 2023 11:32
- floscher self-assigned this on Mar 15, 2023
- floscher merged commit ce4576d into main on Mar 17, 2023
- floscher deleted the feature/authentication branch on March 18, 2023 13:57
Linked issues that merging this pull request may close: Finalize Authentication Login User Management
2 participants