@startuml
skin rose
actor User
participant RestAPI
participant RegisterAPI
database Redis
database DB
== Login ==
User -> RestAPI: Login(Email, Password)
RestAPI --> RestAPI: Login(Email, Password)
RestAPI --> RestAPI: Generate TempToken
RestAPI -> Redis: SET TempToken(CustomerInfo) TTL=120s
RestAPI -> User: TempToken
== OTP Recovery ==
User -> RegisterAPI: OTP_Recovery(TempToken)
RegisterAPI -> Redis: GET TempToken
RegisterAPI --> RegisterAPI: Generate Captcha
RegisterAPI -> User: Captcha image
== Captcha ==
User -> RegisterAPI: Solve_Captcha(TempToken, Captcha-Code)
RegisterAPI --> RegisterAPI: Validate Captcha
RegisterAPI -> User: RecoveryContacts[]
User -> RegisterAPI: Recover(TempToken, RecoveryContacts[0])
== Send RecoveryToken ==
RegisterAPI --> RegisterAPI: Generate RecoveryToken
RegisterAPI -> DB: SET CustomerInfo(RecoveryToken)
RegisterAPI -> User: Send_SMS(RecoveryToken)
== Initialize new OTP ==
User -> RegisterAPI: Initialize_OTP(TempToken, RecoveryToken)
RegisterAPI -> Redis: GET TempToken(CustomerInfo)
RegisterAPI -> DB: GET CustomerInfo(RecoveryToken)
RegisterAPI --> RegisterAPI: Validate RecoveryToken
RegisterAPI --> RegisterAPI: Generate OTP-Secret
' The pending secret can only be stored after it has been generated
RegisterAPI -> Redis: SET CustomerInfo(OTP-Secret) TTL=?
RegisterAPI -> User: OTP-Secret
User --> User: Scan QR-Code/OTP-Secret
User --> User: Generate_OTP(OTP-Secret)
User -> RegisterAPI: Validate_OTP(TempToken, OTP-Code)
RegisterAPI -> Redis: GET TempToken(CustomerInfo)
RegisterAPI -> Redis: GET CustomerInfo(OTP-Secret)
RegisterAPI --> RegisterAPI: Validate_OTP(OTP-Secret, OTP-Code)
RegisterAPI -> DB: UpdateOTP(CustomerInfo, OTP-Secret)
RegisterAPI -> User: OK
@enduml
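
The "Initialize new OTP" phase of the diagram, as an added Python sketch that is not part of the original gist: the new secret stays in a TTL-bound pending slot and reaches the DB only after the user proves possession with a valid code. The in-memory `cache`/`db` stand-ins, the key prefixes, the 300 s pending TTL (the diagram leaves it as `TTL=?`) and the single-use handling of the RecoveryToken are assumptions.

```python
import base64, hashlib, hmac, secrets, struct

def totp(secret_b32, now, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1) for the time step containing `now`."""
    counter = struct.pack(">Q", int(now) // step)
    mac = hmac.new(base64.b32decode(secret_b32), counter, hashlib.sha1).digest()
    off = mac[-1] & 0x0F                       # dynamic truncation offset
    num = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(num % 10 ** digits).zfill(digits)

class TTLStore:
    """In-memory stand-in for Redis: every key carries an expiry time."""
    def __init__(self):
        self._d = {}
    def set(self, key, value, ttl, now):
        self._d[key] = (value, now + ttl)
    def get(self, key, now):
        value, exp = self._d.get(key, (None, 0))
        return value if now < exp else None
    def delete(self, key):
        self._d.pop(key, None)

cache, db = TTLStore(), {}   # db: customer -> {"recovery_token", "otp_secret"}
PENDING_TTL = 300            # assumed; the diagram leaves this TTL open

def same(a, b):
    """Constant-time string comparison."""
    return hmac.compare_digest(a.encode(), b.encode())

def initialize_otp(temp_token, recovery_token, now):
    customer = cache.get("tmp:" + temp_token, now)
    if customer is None:
        return None                            # TempToken unknown or expired
    # Assumption: the SMS token is single use, consumed even by a wrong guess.
    stored = db[customer].pop("recovery_token", None)
    if stored is None or not same(stored, recovery_token):
        return None
    secret = base64.b32encode(secrets.token_bytes(20)).decode()
    cache.set("pending:" + customer, secret, PENDING_TTL, now)
    return secret

def validate_otp(temp_token, code, now):
    customer = cache.get("tmp:" + temp_token, now)
    secret = cache.get("pending:" + customer, now) if customer else None
    if secret is None or not same(totp(secret, now), code):
        return False
    db[customer]["otp_secret"] = secret        # UpdateOTP only after a valid code
    cache.delete("pending:" + customer)
    cache.delete("tmp:" + temp_token)          # the TempToken is spent
    return True
```
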