UI App Application Access & Authorization Flow
sequenceDiagram
autonumber
actor User
User ->> UI : Visits Login Page
UI -->> User: Displays Branded Login Form
User ->> UI : Fills in credentials and submits
UI ->> Api: /auth/
Api ->> Api: Checks user, status & role
Api ->> Api: Creates Token
Api -->> UI: JWT TokenUI App Application Access & Authorization Flow
sequenceDiagram
autonumber
actor User
participant UI App
participant Local Storage
participant API
User ->> UI App: Visit Page
UI App ->> Local Storage: Check Token
alt Missing Token
Local Storage -->> UI App : Empty
UI App -->>User: Redirect to /login/
else Token Present
UI App ->> UI App : Check Token Availability
alt Token Expired
UI App -->>User: Redirect to /login/
else Token Valid
UI App ->> API: Get /profiles/me
alt Profile Received
UI App -->>User: Display Page (Auth Guards are in place)
else 403
UI App -->>User: Redirect to /login/
end
end
endToken: +gUI Appd Id +string Email +string Type/Role # Underwriter, Underwriter Plus, Producer, Producer Plus, SuperAdmin +gUI Appd UnderwriterOrganisationId +gUI Appd ProducerOrganisationId +gUI Appd ProducerOfficeId +date ExpiresOn +enum mfaState
mfaState = NOT_REQUIRED | CONFIGURATION_REQUIRED |
classDiagram
class UnderwriterOrganisations {
+gUI Appd Id
+string Name
+string Domain
}
class ProducerOrganisations {
+gUI Appd Id
+string Name
+gUI Appd UnderwriterOrganisationId
}
class ProducerOffices {
+gUI Appd Id
+string Name
+gUI Appd ProducerOrganisationId
}
class Users {
+gUI Appd Id
+string Email
+string Salt
+string HashedPassword
+string Type/Role # Underwriter, Underwriter Plus, Producer, Producer Plus, SuperAdmin
+gUI Appd UnderwriterOrganisationId
+gUI Appd ProducerOrganisationId
+gUI Appd ProducerOfficeId
+string DuoToken
}
UnderwriterOrganisations "1" --> "n" ProducerOrganisations: Has
ProducerOrganisations "1" --> "n" ProducerOffices: Has
Users "1" --> "1" UnderwriterOrganisations: Part of
Users "1" --> "0..1" ProducerOrganisations: Part of
Users "1" --> "0..1" ProducerOffices: Part of