
Commit

add system design
DBunthai committed Feb 9, 2024
1 parent 07c5ddf commit 03cc296
Showing 11 changed files with 388 additions and 5 deletions.
70 changes: 65 additions & 5 deletions backend/pms/README.md
Expand Up @@ -8,15 +8,15 @@
docker-compose up -d --build
```

---
<br>

#### 2. Create DB

```shell
CREATE DATABASE "pms-db";
```

---
<br>

#### 3. Member Details

Expand All @@ -35,13 +35,13 @@ CREATE DATABASE "pms-db";
> password: 123
```

---
<br>

#### 4. Open API Documentation

```http://localhost:8080/swagger-ui/index.html```

---
<br>

#### 5. Create Access Token

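Review bot: The Member Details block kept as context in this hunk still documents `password: 123` in the README. If these accounts are created anywhere other than a local docker-compose stack, that credential is effectively public. State next to the block that the accounts are local-development fixtures only, or take the password out of the README and have it supplied from an environment variable at startup.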
Expand All @@ -64,9 +64,12 @@ response:
"refreshToken": "eyJhbGciOiJIUzUxMiJ9.eyJyb2xlcyI6W3sicm9sZSI6IkFkbWluIn1dLCJleHAiOjE3MDcwNzY3NjEsImlhdCI6MTcwNzA3NTU2MSwiZW1haWwiOiJhQGEuY29tIn0.HmEI79h6_IZBsZDv73kMd6XTcfz5PJBq2WrZPXNXBt1vco-osuq5PiEzDPIAn_KYTVvlb8CSlEybyJMqss8tKQ"
}
```
<br>

---

<br>

## II. File Service

<br>
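Review bot: The sample response kept in this hunk contains a complete signed refresh token rather than a placeholder: its header decodes to HS512 and its payload to an Admin role and an email address. Even though its `exp` value is already in the past, a real signature over known claims should not live in the repository; replace it with a truncated dummy value in the style the new diagrams use (`ASDFkoeq...`). Separately, this hunk keeps `---` and wraps it in `<br>`, while the earlier hunks replace `---` with `<br>`; pick one separator convention for the README.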
Expand All @@ -88,7 +91,7 @@ Response
}
```

---
<br>

#### 2. Display or Download API

Expand All @@ -97,8 +100,12 @@ Request:
curl --location 'http://localhost:8080/api/v1/files/16a1ddc7-b440-4dc7-8b4b-aba60a567d4a/download'
```

<br>

---

<br>


## III. Email Service

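Review bot: The download example in this hunk calls `/api/v1/files/{id}/download` with no Authorization header. Say in the README whether the download endpoint is intentionally public, with the file UUID being the only thing a caller needs, or whether the example is missing the Bearer token. If it is public by design, document which kinds of files may be stored behind it.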
Expand Down Expand Up @@ -147,3 +154,56 @@ curl --location 'http://localhost:8080/api/v1/emails/send' \
"recipient": "[email protected]"
}'
```

<br>

----

<br>

## IV. System Design

### 1. Token Issuance

<br>

![Token Issuance](out/design/1_issue_token/1_issue_token.png)

<br>

### 2. Token Verification
![Token Verification](out/design/2_verify_token/2_verify_token.png)

<br>

### 3. Token Renewal

![Token Renewal](out/design/3_renew_token/3_renew_token.png)

<br>

### 4. File Service

![File Service](out/design/4_file_service/4_file_service.png)


<br>

### 5. SMTP Service
![alt text](out/design/5_smtp/5_smtp.png)

<br>

Testing

```plantuml.server
@startuml
test -> hello: hi
@enduml
```

```plantuml
@startuml
test -> hello: hi
@enduml
```
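Review bot: The trailing `Testing` section, with the same throwaway diagram (`test -> hello: hi`) once in a `plantuml.server` fence and once in a `plantuml` fence, looks like editor scratch and should be dropped before merge. Also in this hunk: the SMTP image uses the placeholder `![alt text]` where the other four images have descriptive alt text, the separator is `----` where the rest of the file uses `---`, and headings 2 and 5 lack the blank line before the image that headings 1, 3 and 4 have. The PNGs under `out/design/` appear to be rendered from the `.plantuml` sources added in this commit, so add a line on how to regenerate them to keep images and sources from drifting.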
44 changes: 44 additions & 0 deletions backend/pms/design/1_issue_token.plantuml
@@ -0,0 +1,44 @@
@startuml

participant Frontend as front
participant Backend as back
participant "JWT Filter" as filter
participant AuthSerivce as auth

|||
autonumber "<b>0."
front -> back: request to create a token
note left
POST: **//.../auth/token//**
{
"email": "[email protected]"
"password": "***"
}
end note
back -> filter: request token
filter -> filter: skip JWT token verification
filter -> auth: request token
auth -> auth: authenticate email & password \n if fail send message "Invalid Credential"
auth -> auth:
note right
create and sign a JWT access and refresh token
with secret key.
claims:
- email
- role
- issued date
- expired date
end note

auth --> front: issue a token response:
note right of front
{
"accessToken":"ASDFkoeqncE/wej.sdfweWE/dfwe.WEFwfoweij"
"refreshToken":"ASDFkoeqncE/wej.sdfweWE/dfwe.WEFwfoweij"
}
end note

|||


@enduml
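Review bot: In the token-creation note, the access token and the refresh token are signed with the same secret key and carry the same claims (email, role, issued date, expired date), so nothing in a token says which kind it is. Add a token-type claim, or sign the two kinds with different keys, and show it in the claims list so that the verification and renewal flows can reject a token of the wrong kind. Smaller points: `AuthSerivce` should be `AuthService`, both JSON samples are missing the comma between their two fields, the `auth -> auth:` arrow has no label, and the "Invalid Credential" outcome is only mentioned inside a label rather than drawn as an alt branch that returns to the frontend.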
56 changes: 56 additions & 0 deletions backend/pms/design/2_verify_token.plantuml
@@ -0,0 +1,56 @@
@startuml

participant Frontend as front
participant Backend as back
participant "JWT Filter" as filter
participant AuthSerivce as auth
participant ProfileController as controller

skinparam participant {
padding 50
}

|||
autonumber "<b>0."
front -> back: request to get authenticated resource
note right front
GET: **//.../profile//**
Header:
Authorization: Bearer ASDFkoeq...
end note
|||
back -> filter: request resource
|||
filter -> filter: verify Bearer JWT token
|||
filter -> auth: request resource
auth -> auth: verify JWT token with secret \n if fail send message "Invalid Token"
|||
auth -> auth: validate JWT token if expired \n if fail send message "Expired Token"
|||
auth -> auth:
note right
extract info from JWT Token
claims:
- email
- role
end note
auth -> filter: return JWT Info
|||
filter -> filter: authenticated email and role into SecurityContextHolder
filter -> controller: forward requst to access resoure
controller -> controller: get resource

controller --> front: response profile:
note right of front
{
"name":"Mr.a"
"email": "[email protected]"
...
}
end note

|||


@enduml
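Review bot: The steps `filter -> filter: verify Bearer JWT token` and `auth -> auth: verify JWT token with secret` both claim to verify the token, and the diagram does not say what the filter checks that AuthService does not. If the filter only extracts the Bearer value from the header, label it that way so there is a single, clearly owned signature check. The "Invalid Token" and "Expired Token" outcomes should be drawn as alt branches that return a response to the frontend, since the flow as drawn always reaches `controller`. The role placed into SecurityContextHolder comes straight from the token claim; state whether that is intended, given that a role change then takes effect only once the token expires. Typos: `AuthSerivce`, `requst`, `resoure`.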
60 changes: 60 additions & 0 deletions backend/pms/design/3_renew_token.plantuml
@@ -0,0 +1,60 @@
@startuml

participant Frontend as front
participant Backend as back
participant "JWT Filter" as filter
participant AuthSerivce as auth
skinparam participant {
padding 20
}

|||
autonumber "<b>0."
note over front
POST: **//.../auth/token/refresh//**
Header:
Authorization: Bearer ASDFkoeq...
end note
front -> back: request to renew token
back -> filter: request to filter
|||
filter -> filter: verify Bearer JWT token
|||
filter -> auth: request to auth
auth -> auth: verify JWT refresh token with secret \n if fail send message "Invalid Token"
|||
auth -> auth: validate JWT refresh token if expired \n if fail send message "Expired Token"
|||
auth -> auth:
note right
extract info from JWT refresh token
claims:
- email
- role
end note
|||
auth -> auth: validate and authenticate user
|||
auth -> auth:
note right
create and sign a JWT access and refresh token
with secret key.
claims:
- email
- role
- issued date
- expired date
end note

auth --> front: issue a token response:
note right of front
{
"accessToken":"ASDFkoeqncE/wej.sdfweWE/dfwe.WEFwfoweij"
"refreshToken":"ASDFkoeqncE/wej.sdfweWE/dfwe.WEFwfoweij"
}
end note

|||


@enduml
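Review bot: The renewal flow issues a new refresh token but has no step that invalidates the one that was presented, so every refresh token stays usable until its own expiry. Add a rotation step (record an identifier for each refresh token and reject reuse) or state explicitly that refresh tokens cannot be revoked. The step `auth -> auth: validate and authenticate user` should also say what is checked, for example that the account still exists and is enabled, and that the role in the new token is read from the user record rather than copied from the old claims. The refresh token is sent as `Authorization: Bearer` and goes through the same `verify Bearer JWT token` filter step as an access token; make clear that the filter accepts a refresh token on this path only.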