@startuml
/'Living Model of JSON Web Token (JWT)'/
title "Living Model of JSON Web Token (JWT)"

boundary User_Page as userpage
participant Frontend_Server as frontend
participant Backend_Server as backend
database user_table
entity pki_key_pair

autonumber

note over pki_key_pair #03c2fc
Public Key Infrastructure
public_key, secret_key, key_pair
use libsodium or ECDSA or RSA
libsodium recommended
(prepare keys first)
end note

userpage->frontend: input user id & password
frontend->backend: provide info when db created\njwt-get:{"UserId":"aa", "Passwd":"bb"}
backend->user_table: get user id & password
note over backend #fcdb03
check user_id & passwd matches
end note
backend->pki_key_pair: get public_key
note over backend #fcdb03
encrypt user_id and expiration time
with public_key into JWT
end note
backend->frontend: OK with JWT\n{"JwtToken": "zz" }
note over frontend #fcdb03
JWT kept in Session until backend
expiration period (24 hours)
end note

note over frontend #bafc03
[BEGINNING OF Normal API REQUEST]
end note
/'6'/
userpage->frontend: Normal Request
note over frontend #fcdb03
1. Add HTTP request header
   req.Header.Add("P2u-Token", "zz")
2. send request with "P2u-Token" included
end note
frontend->backend: normal request
note over backend #fcdb03
get P2u-Token from HTTP header first
end note
backend-->pki_key_pair: get secret_key
note over backend #fcdb03
1. decrypt JWT with secret_key
   to get user_id and expiration time
2. check if JWT expired
end note
backend-->frontend: return error msg with 505 status\nif decryption fails or JWT expired
note over backend #fcdb03
Proceed Normal Process
end note
/'10'/
backend-->frontend: return normal Result
note over frontend #bafc03
[END OF Normal API REQUEST]
end note
frontend-->userpage: rendered views
@enduml
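The issue-and-verify exchange modelled in the diagram, as an added Go example (this is not code from the diagram's author; the `req.Header.Add` note in the diagram is Go, so the example uses Go's standard library only). One caveat is built in: the diagram describes the token as encrypted with the public key and decrypted with the secret key, whereas a standard JWT (a JWS, RFC 7515) is signed with the private key and verified with the public key; the example implements that signed form with ES256. The `P2u-Token` header name, the user id `"aa"` and the 24-hour lifetime come from the diagram; the claim names `sub`/`exp`, the function names, the request URL and the 401 status returned on failure (the diagram uses 505) are assumptions for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
	"net/http"
	"strings"
	"time"
)

// HeaderName is the request header the diagram uses to carry the token.
const HeaderName = "P2u-Token"

// Claims is what the backend puts into the token: user id and expiry.
// The claim names "sub" and "exp" are the standard JWT names (assumed here).
type Claims struct {
	UserID string `json:"sub"`
	Exp    int64  `json:"exp"`
}

var b64 = base64.RawURLEncoding // JWT uses unpadded base64url

// IssueJWT builds a compact ES256 JWS (header.payload.signature) for userID
// expiring ttl after now. Signing uses the private key: this is the standard
// signed JWT, not the public-key encryption described in the diagram.
func IssueJWT(priv *ecdsa.PrivateKey, userID string, ttl time.Duration, now time.Time) (string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "ES256", "typ": "JWT"})
	payload, err := json.Marshal(Claims{UserID: userID, Exp: now.Add(ttl).Unix()})
	if err != nil {
		return "", err
	}
	signingInput := b64.EncodeToString(hdr) + "." + b64.EncodeToString(payload)
	digest := sha256.Sum256([]byte(signingInput))
	r, s, err := ecdsa.Sign(rand.Reader, priv, digest[:])
	if err != nil {
		return "", err
	}
	sig := make([]byte, 64) // JWS ES256 signature is R||S, 32 bytes each (RFC 7518 3.4)
	r.FillBytes(sig[:32])
	s.FillBytes(sig[32:])
	return signingInput + "." + b64.EncodeToString(sig), nil
}

// VerifyJWT is the backend-side check from the diagram: verify the signature
// with the public key, then reject expired tokens. The algorithm is pinned to
// ES256 so a header claiming another alg (including "none") is refused.
func VerifyJWT(pub *ecdsa.PublicKey, token string, now time.Time) (*Claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	hdrJSON, err1 := b64.DecodeString(parts[0])
	payload, err2 := b64.DecodeString(parts[1])
	sig, err3 := b64.DecodeString(parts[2])
	if err1 != nil || err2 != nil || err3 != nil || len(sig) != 64 {
		return nil, errors.New("bad base64url encoding")
	}
	var hdr struct {
		Alg string `json:"alg"`
	}
	if err := json.Unmarshal(hdrJSON, &hdr); err != nil || hdr.Alg != "ES256" {
		return nil, errors.New("unexpected alg")
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	r, s := new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])
	if !ecdsa.Verify(pub, digest[:], r, s) {
		return nil, errors.New("signature invalid")
	}
	var c Claims
	if err := json.Unmarshal(payload, &c); err != nil {
		return nil, err
	}
	if c.Exp == 0 || !now.Before(time.Unix(c.Exp, 0)) {
		return nil, errors.New("token expired")
	}
	return &c, nil
}

// AuthenticateRequest reads P2u-Token from the HTTP header and verifies it,
// mapping any failure to 401 Unauthorized (the diagram returns 505 here).
func AuthenticateRequest(pub *ecdsa.PublicKey, r *http.Request, now time.Time) (*Claims, int, error) {
	tok := r.Header.Get(HeaderName)
	if tok == "" {
		return nil, http.StatusUnauthorized, errors.New("missing " + HeaderName + " header")
	}
	c, err := VerifyJWT(pub, tok, now)
	if err != nil {
		return nil, http.StatusUnauthorized, err
	}
	return c, http.StatusOK, nil
}

func main() {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // "prepare keys first"
	now := time.Now()
	tok, _ := IssueJWT(priv, "aa", 24*time.Hour, now)           // login step
	req, _ := http.NewRequest("GET", "http://backend/api", nil) // constructed request
	req.Header.Add(HeaderName, tok)
	_, code, err := AuthenticateRequest(&priv.PublicKey, req, now)
	fmt.Println(code, err) // 200 OK for a fresh token
	_, code, err = AuthenticateRequest(&priv.PublicKey, req, now.Add(25*time.Hour))
	fmt.Println(code, err) // 401 once the 24-hour expiry has passed
}
```

The expiry check is done only after the signature verifies, so an attacker-supplied `exp` is never trusted, and the `alg` pin means the verifier never lets the token choose its own verification algorithm.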