npm - mbkauthe - Versions diffs - 5.0.1 → 5.0.2 - Mend

mbkauthe 5.0.1 → 5.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/LICENSE +161 -335
package/docs/diagrams/auth-processes.mmd +37 -77
package/docs/images/auth-processes.svg +1 -1
package/package.json +1 -1
package/docs/diagrams/c.md +0 -122
package/docs/images/auth-process.svg +0 -102

package/docs/diagrams/auth-processes.mmd CHANGED Viewed

@@ -3,60 +3,45 @@ sequenceDiagram
     participant R as Protected Route
     participant VS as validateSession
-    participant JT as isJsonRequest
     participant VT as validateTokenAuthentication
     participant CS as validateCookieSession
-    participant DB as AuthRepository / DB
+    participant DB as DB
     participant RES as Response
-    R->>VS: validateSession(req, res, next, strictTokenValidation?)
+    R->>VS: validateSession(req)
     alt Authorization header exists
         alt strictTokenValidation is true
             VS-->>RES: 401 INVALID_AUTH_TOKEN
-            Note over VS,RES: Token auth is rejected for strict cookie-only middleware.
         else token auth allowed
             VS->>VT: validateTokenAuthentication(req)
-            alt Header is not "Bearer <token>"
-                VT-->>VS: null
+            alt Invalid format or missing Bearer
+                VT-->>VS: null / error
                 VS-->>RES: 401 INVALID_AUTH_TOKEN
-            else Token does not start with mbk_ or is too long
-                VT-->>VS: { error: "INVALID_TOKEN" }
-                VS-->>RES: 401 INVALID_AUTH_TOKEN
-            else Token format is accepted
-                VT->>VT: hashApiToken(token)
-                VT->>DB: getApiTokenByHash(tokenHash)
+            else Token accepted
+                VT->>DB: getApiTokenByHash(hash)
-                alt API token row not found
+                alt Token not found
                     DB-->>VT: null
-                    VT-->>VS: { error: "INVALID_TOKEN" }
+                    VT-->>VS: error
                     VS-->>RES: 401 INVALID_AUTH_TOKEN
-                else API token expired
-                    DB-->>VT: row with ExpiresAt <= now
-                    VT-->>VS: { error: "TOKEN_EXPIRED" }
+                else Token expired
+                    DB-->>VT: expired row
+                    VT-->>VS: TOKEN_EXPIRED
                     VS-->>RES: 401 API_TOKEN_EXPIRED
-                else API token found
-                    DB-->>VT: token row joined to user
-                    VT->>VT: Resolve token scope and allowedApps
-                    VT->>DB: updateApiTokenLastUsed(row.id) async
+                else Token found
+                    DB-->>VT: token row + user
                     VT-->>VS: tokenUser
-                    alt tokenUser.active is false
-                        VS-->>RES: 401 ACCOUNT_INACTIVE
-                    else Non-SuperAdmin has no allowed apps
-                        VS-->>RES: 401 APP_NOT_AUTHORIZED
-                    else Token allowedApps has wildcard but user apps do not include APP_NAME
-                        VS-->>RES: 401 APP_NOT_AUTHORIZED
-                    else Token allowedApps does not include APP_NAME
-                        VS-->>RES: 401 APP_NOT_AUTHORIZED
-                    else App access allowed
-                        VS->>VS: attachApiTokenUser(req, res, tokenUser)
-                        Note over VS: Sets req.auth, req.user, req.userRole,<br/>and request-local req.session.user.
+                    alt Account inactive or app not authorized
+                        VS-->>RES: 401 ACCOUNT_INACTIVE / APP_NOT_AUTHORIZED
+                    else Access allowed
+                        VS->>VS: attachApiTokenUser(req)
-                        alt tokenScope does not allow req.method
+                        alt Scope disallows method
                             VS-->>RES: 403 TOKEN_SCOPE_INSUFFICIENT
-                        else token scope allows method
+                        else Scope ok
                             VS-->>R: next()
                         end
                     end
@@ -64,50 +49,25 @@ sequenceDiagram
             end
         end
     else No Authorization header
-        VS->>JT: isJsonRequest(req)
-        JT-->>VS: prefersJson
-        VS->>CS: validateCookieSession(req, res, next, prefersJson)
-        alt req.session.user is missing
-            alt prefersJson
-                CS-->>RES: 401 SESSION_NOT_FOUND
-            else browser/page request
-                CS-->>RES: 302 /mbkauthe/login?redirect=...&reason=logged_out
-            end
-        else req.session.user exists
-            CS->>CS: Read req.session.user.sessionId
+        VS->>CS: validateCookieSession(req, prefersJson)
-            alt sessionId missing or not UUID
-                CS->>CS: destroy session and clear cookies
-                alt prefersJson
-                    CS-->>RES: 401 SESSION_EXPIRED
-                else browser/page request
-                    CS-->>RES: Render "Session Expired" error page
-                end
-            else sessionId is UUID
+        alt Session missing
+            CS-->>RES: 401 SESSION_NOT_FOUND / redirect
+        else Session exists
+            alt Invalid or missing sessionId UUID
+                CS->>CS: destroy session
+                CS-->>RES: 401 SESSION_EXPIRED / error page
+            else Valid UUID
                 CS->>DB: getSessionAuthData(sessionId)
-                alt DB session row not found
-                    CS->>CS: destroy session and clear cookies
-                    alt prefersJson
-                        CS-->>RES: 401 SESSION_INVALID
-                    else browser/page request
-                        CS-->>RES: Render "Session Expired" error page
-                    end
-                else DB session row found
-                    DB-->>CS: session row joined to user
-                    alt session expired
-                        CS->>CS: destroy session and clear cookies
-                        CS-->>RES: 401 SESSION_EXPIRED or rendered error page
-                    else user account inactive
-                        CS->>CS: destroy session and clear cookies
-                        CS-->>RES: 401 ACCOUNT_INACTIVE or rendered support page
-                    else user not allowed for APP_NAME
-                        CS->>CS: destroy session and clear cookies
-                        CS-->>RES: 401 APP_NOT_AUTHORIZED or rendered unauthorized page
-                    else session valid and app access allowed
-                        CS->>CS: req.userRole = sessionRow.Role
+                alt Row not found
+                    CS->>CS: destroy session
+                    CS-->>RES: 401 SESSION_INVALID / error page
+                else Row found
+                    alt Expired, inactive, or app not allowed
+                        CS->>CS: destroy session
+                        CS-->>RES: 401 / error page
+                    else Valid
                         CS-->>R: next()
                     end
                 end
@@ -115,6 +75,6 @@ sequenceDiagram
         end
     end
-    opt Token or session validation throws
+    opt Unhandled throw
         VS-->>RES: 500 INTERNAL_SERVER_ERROR
-    end
+    end

package/docs/images/auth-processes.svg CHANGED Viewed

	@@ -1 +1 @@
1	- <svg id="my-svg" width="100%" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" style="max-width: 1844.5px; background-color: white;" viewBox="-50 -10 1844.5 4414" role="graphics-document document" aria-roledescription="sequence"><g><rect x="1594.5" y="4328" fill="#eaeaea" stroke="#666" width="150" height="65" name="RES" rx="3" ry="3" class="actor actor-bottom"/><text x="1669.5" y="4360.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1669.5" dy="0">Response</tspan></text></g><g><rect x="1349" y="4328" fill="#eaeaea" stroke="#666" width="158" height="65" name="DB" rx="3" ry="3" class="actor actor-bottom"/><text x="1428" y="4360.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1428" dy="0">AuthRepository / DB</tspan></text></g><g><rect x="1073" y="4328" fill="#eaeaea" stroke="#666" width="168" height="65" name="CS" rx="3" ry="3" class="actor actor-bottom"/><text x="1157" y="4360.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1157" dy="0">validateCookieSession</tspan></text></g><g><rect x="816" y="4328" fill="#eaeaea" stroke="#666" width="207" height="65" name="VT" rx="3" ry="3" class="actor actor-bottom"/><text x="919.5" y="4360.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="919.5" dy="0">validateTokenAuthentication</tspan></text></g><g><rect x="616" y="4328" fill="#eaeaea" stroke="#666" width="150" height="65" name="JT" rx="3" ry="3" class="actor actor-bottom"/><text x="691" y="4360.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="691" dy="0">isJsonRequest</tspan></text></g><g><rect x="416" y="4328" fill="#eaeaea" stroke="#666" width="150" height="65" name="VS" rx="3" ry="3" class="actor actor-bottom"/><text x="491" y="4360.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="491" dy="0">validateSession</tspan></text></g><g><rect x="0" y="4328" fill="#eaeaea" stroke="#666" width="150" height="65" name="R" rx="3" ry="3" class="actor actor-bottom"/><text x="75" y="4360.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="75" dy="0">Protected Route</tspan></text></g><g><line id="actor6" x1="1669.5" y1="65" x2="1669.5" y2="4328" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="RES" data-et="life-line" data-id="RES"/><g id="root-6" data-et="participant" data-type="participant" data-id="RES"><rect x="1594.5" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" name="RES" rx="3" ry="3" class="actor actor-top"/><text x="1669.5" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1669.5" dy="0">Response</tspan></text></g></g><g><line id="actor5" x1="1428" y1="65" x2="1428" y2="4328" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="DB" data-et="life-line" data-id="DB"/><g id="root-5" data-et="participant" data-type="participant" data-id="DB"><rect x="1349" y="0" fill="#eaeaea" stroke="#666" width="158" height="65" name="DB" rx="3" ry="3" class="actor actor-top"/><text x="1428" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1428" dy="0">AuthRepository / DB</tspan></text></g></g><g><line id="actor4" x1="1157" y1="65" x2="1157" y2="4328" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="CS" data-et="life-line" data-id="CS"/><g id="root-4" data-et="participant" data-type="participant" data-id="CS"><rect x="1073" y="0" fill="#eaeaea" stroke="#666" width="168" height="65" name="CS" rx="3" ry="3" class="actor actor-top"/><text x="1157" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1157" dy="0">validateCookieSession</tspan></text></g></g><g><line id="actor3" x1="919.5" y1="65" x2="919.5" y2="4328" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="VT" data-et="life-line" data-id="VT"/><g id="root-3" data-et="participant" data-type="participant" data-id="VT"><rect x="816" y="0" fill="#eaeaea" stroke="#666" width="207" height="65" name="VT" rx="3" ry="3" class="actor actor-top"/><text x="919.5" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="919.5" dy="0">validateTokenAuthentication</tspan></text></g></g><g><line id="actor2" x1="691" y1="65" x2="691" y2="4328" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="JT" data-et="life-line" data-id="JT"/><g id="root-2" data-et="participant" data-type="participant" data-id="JT"><rect x="616" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" name="JT" rx="3" ry="3" class="actor actor-top"/><text x="691" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="691" dy="0">isJsonRequest</tspan></text></g></g><g><line id="actor1" x1="491" y1="65" x2="491" y2="4328" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="VS" data-et="life-line" data-id="VS"/><g id="root-1" data-et="participant" data-type="participant" data-id="VS"><rect x="416" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" name="VS" rx="3" ry="3" class="actor actor-top"/><text x="491" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="491" dy="0">validateSession</tspan></text></g></g><g><line id="actor0" x1="75" y1="65" x2="75" y2="4328" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="R" data-et="life-line" data-id="R"/><g id="root-0" data-et="participant" data-type="participant" data-id="R"><rect x="0" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" name="R" rx="3" ry="3" class="actor actor-top"/><text x="75" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="75" dy="0">Protected Route</tspan></text></g></g><style>#my-svg{font-family:"trebuchet ms",verdana,arial,sans-serif;font-size:16px;fill:#333;}@keyframes edge-animation-frame{from{stroke-dashoffset:0;}}@keyframes dash{to{stroke-dashoffset:0;}}#my-svg .edge-animation-slow{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 50s linear infinite;stroke-linecap:round;}#my-svg .edge-animation-fast{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 20s linear infinite;stroke-linecap:round;}#my-svg .error-icon{fill:#552222;}#my-svg .error-text{fill:#552222;stroke:#552222;}#my-svg .edge-thickness-normal{stroke-width:1px;}#my-svg .edge-thickness-thick{stroke-width:3.5px;}#my-svg .edge-pattern-solid{stroke-dasharray:0;}#my-svg .edge-thickness-invisible{stroke-width:0;fill:none;}#my-svg .edge-pattern-dashed{stroke-dasharray:3;}#my-svg .edge-pattern-dotted{stroke-dasharray:2;}#my-svg .marker{fill:#333333;stroke:#333333;}#my-svg .marker.cross{stroke:#333333;}#my-svg svg{font-family:"trebuchet ms",verdana,arial,sans-serif;font-size:16px;}#my-svg p{margin:0;}#my-svg .actor{stroke:#9370DB;fill:#ECECFF;stroke-width:1;}#my-svg rect.actor.outer-path[data-look="neo"]{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg rect.note[data-look="neo"]{stroke:#aaaa33;fill:#fff5ad;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg text.actor>tspan{fill:black;stroke:none;}#my-svg .actor-line{stroke:#9370DB;}#my-svg .innerArc{stroke-width:1.5;stroke-dasharray:none;}#my-svg .messageLine0{stroke-width:1.5;stroke-dasharray:none;stroke:#333;}#my-svg .messageLine1{stroke-width:1.5;stroke-dasharray:2,2;stroke:#333;}#my-svg [id$="-arrowhead"] path{fill:#333;stroke:#333;}#my-svg .sequenceNumber{fill:white;}#my-svg [id$="-sequencenumber"]{fill:#333;}#my-svg [id$="-crosshead"] path{fill:#333;stroke:#333;}#my-svg .messageText{fill:#333;stroke:none;}#my-svg .labelBox{stroke:#9370DB;fill:#ECECFF;filter:none;}#my-svg .labelText,#my-svg .labelText>tspan{fill:black;stroke:none;}#my-svg .loopText,#my-svg .loopText>tspan{fill:black;stroke:none;}#my-svg .sectionTitle,#my-svg .sectionTitle>tspan{fill:black;stroke:none;}#my-svg .loopLine{stroke-width:2px;stroke-dasharray:2,2;stroke:#9370DB;fill:#9370DB;}#my-svg .note{stroke:#aaaa33;fill:#fff5ad;}#my-svg .noteText,#my-svg .noteText>tspan{fill:black;stroke:none;font-weight:normal;}#my-svg .activation0{fill:#f4f4f4;stroke:#666;}#my-svg .activation1{fill:#f4f4f4;stroke:#666;}#my-svg .activation2{fill:#f4f4f4;stroke:#666;}#my-svg .actorPopupMenu{position:absolute;}#my-svg .actorPopupMenuPanel{position:absolute;fill:#ECECFF;box-shadow:0px 8px 16px 0px rgba(0,0,0,0.2);filter:drop-shadow(3px 5px 2px rgb(0 0 0 / 0.4));}#my-svg .actor-man circle,#my-svg line{fill:#ECECFF;stroke-width:2px;}#my-svg g rect.rect{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));stroke:#9370DB;}#my-svg .node .neo-node{stroke:#9370DB;}#my-svg [data-look="neo"].node rect,#my-svg [data-look="neo"].cluster rect,#my-svg [data-look="neo"].node polygon{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg [data-look="neo"].node path{stroke:#9370DB;stroke-width:1px;}#my-svg [data-look="neo"].node .outer-path{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg [data-look="neo"].node .neo-line path{stroke:#9370DB;filter:none;}#my-svg [data-look="neo"].node circle{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg [data-look="neo"].node circle .state-start{fill:#000000;}#my-svg [data-look="neo"].icon-shape .icon{fill:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg [data-look="neo"].icon-shape .icon-neo path{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg :root{--mermaid-font-family:"trebuchet ms",verdana,arial,sans-serif;}</style><g/><defs><symbol id="my-svg-computer" width="24" height="24"><path transform="scale(.5)" d="M2 2v13h20v-13h-20zm18 11h-16v-9h16v9zm-10.228 6l.466-1h3.524l.467 1h-4.457zm14.228 3h-24l2-6h2.104l-1.33 4h18.45l-1.297-4h2.073l2 6zm-5-10h-14v-7h14v7z"/></symbol></defs><defs><symbol id="my-svg-database" fill-rule="evenodd" clip-rule="evenodd"><path transform="scale(.5)" d="M12.258.001l.256.004.255.005.253.008.251.01.249.012.247.015.246.016.242.019.241.02.239.023.236.024.233.027.231.028.229.031.225.032.223.034.22.036.217.038.214.04.211.041.208.043.205.045.201.046.198.048.194.05.191.051.187.053.183.054.18.056.175.057.172.059.168.06.163.061.16.063.155.064.15.066.074.033.073.033.071.034.07.034.069.035.068.035.067.035.066.035.064.036.064.036.062.036.06.036.06.037.058.037.058.037.055.038.055.038.053.038.052.038.051.039.05.039.048.039.047.039.045.04.044.04.043.04.041.04.04.041.039.041.037.041.036.041.034.041.033.042.032.042.03.042.029.042.027.042.026.043.024.043.023.043.021.043.02.043.018.044.017.043.015.044.013.044.012.044.011.045.009.044.007.045.006.045.004.045.002.045.001.045v17l-.001.045-.002.045-.004.045-.006.045-.007.045-.009.044-.011.045-.012.044-.013.044-.015.044-.017.043-.018.044-.02.043-.021.043-.023.043-.024.043-.026.043-.027.042-.029.042-.03.042-.032.042-.033.042-.034.041-.036.041-.037.041-.039.041-.04.041-.041.04-.043.04-.044.04-.045.04-.047.039-.048.039-.05.039-.051.039-.052.038-.053.038-.055.038-.055.038-.058.037-.058.037-.06.037-.06.036-.062.036-.064.036-.064.036-.066.035-.067.035-.068.035-.069.035-.07.034-.071.034-.073.033-.074.033-.15.066-.155.064-.16.063-.163.061-.168.06-.172.059-.175.057-.18.056-.183.054-.187.053-.191.051-.194.05-.198.048-.201.046-.205.045-.208.043-.211.041-.214.04-.217.038-.22.036-.223.034-.225.032-.229.031-.231.028-.233.027-.236.024-.239.023-.241.02-.242.019-.246.016-.247.015-.249.012-.251.01-.253.008-.255.005-.256.004-.258.001-.258-.001-.256-.004-.255-.005-.253-.008-.251-.01-.249-.012-.247-.015-.245-.016-.243-.019-.241-.02-.238-.023-.236-.024-.234-.027-.231-.028-.228-.031-.226-.032-.223-.034-.22-.036-.217-.038-.214-.04-.211-.041-.208-.043-.204-.045-.201-.046-.198-.048-.195-.05-.19-.051-.187-.053-.184-.054-.179-.056-.176-.057-.172-.059-.167-.06-.164-.061-.159-.063-.155-.064-.151-.066-.074-.033-.072-.033-.072-.034-.07-.034-.069-.035-.068-.035-.067-.035-.066-.035-.064-.036-.063-.036-.062-.036-.061-.036-.06-.037-.058-.037-.057-.037-.056-.038-.055-.038-.053-.038-.052-.038-.051-.039-.049-.039-.049-.039-.046-.039-.046-.04-.044-.04-.043-.04-.041-.04-.04-.041-.039-.041-.037-.041-.036-.041-.034-.041-.033-.042-.032-.042-.03-.042-.029-.042-.027-.042-.026-.043-.024-.043-.023-.043-.021-.043-.02-.043-.018-.044-.017-.043-.015-.044-.013-.044-.012-.044-.011-.045-.009-.044-.007-.045-.006-.045-.004-.045-.002-.045-.001-.045v-17l.001-.045.002-.045.004-.045.006-.045.007-.045.009-.044.011-.045.012-.044.013-.044.015-.044.017-.043.018-.044.02-.043.021-.043.023-.043.024-.043.026-.043.027-.042.029-.042.03-.042.032-.042.033-.042.034-.041.036-.041.037-.041.039-.041.04-.041.041-.04.043-.04.044-.04.046-.04.046-.039.049-.039.049-.039.051-.039.052-.038.053-.038.055-.038.056-.038.057-.037.058-.037.06-.037.061-.036.062-.036.063-.036.064-.036.066-.035.067-.035.068-.035.069-.035.07-.034.072-.034.072-.033.074-.033.151-.066.155-.064.159-.063.164-.061.167-.06.172-.059.176-.057.179-.056.184-.054.187-.053.19-.051.195-.05.198-.048.201-.046.204-.045.208-.043.211-.041.214-.04.217-.038.22-.036.223-.034.226-.032.228-.031.231-.028.234-.027.236-.024.238-.023.241-.02.243-.019.245-.016.247-.015.249-.012.251-.01.253-.008.255-.005.256-.004.258-.001.258.001zm-9.258 20.499v.01l.001.021.003.021.004.022.005.021.006.022.007.022.009.023.01.022.011.023.012.023.013.023.015.023.016.024.017.023.018.024.019.024.021.024.022.025.023.024.024.025.052.049.056.05.061.051.066.051.07.051.075.051.079.052.084.052.088.052.092.052.097.052.102.051.105.052.11.052.114.051.119.051.123.051.127.05.131.05.135.05.139.048.144.049.147.047.152.047.155.047.16.045.163.045.167.043.171.043.176.041.178.041.183.039.187.039.19.037.194.035.197.035.202.033.204.031.209.03.212.029.216.027.219.025.222.024.226.021.23.02.233.018.236.016.24.015.243.012.246.01.249.008.253.005.256.004.259.001.26-.001.257-.004.254-.005.25-.008.247-.011.244-.012.241-.014.237-.016.233-.018.231-.021.226-.021.224-.024.22-.026.216-.027.212-.028.21-.031.205-.031.202-.034.198-.034.194-.036.191-.037.187-.039.183-.04.179-.04.175-.042.172-.043.168-.044.163-.045.16-.046.155-.046.152-.047.148-.048.143-.049.139-.049.136-.05.131-.05.126-.05.123-.051.118-.052.114-.051.11-.052.106-.052.101-.052.096-.052.092-.052.088-.053.083-.051.079-.052.074-.052.07-.051.065-.051.06-.051.056-.05.051-.05.023-.024.023-.025.021-.024.02-.024.019-.024.018-.024.017-.024.015-.023.014-.024.013-.023.012-.023.01-.023.01-.022.008-.022.006-.022.006-.022.004-.022.004-.021.001-.021.001-.021v-4.127l-.077.055-.08.053-.083.054-.085.053-.087.052-.09.052-.093.051-.095.05-.097.05-.1.049-.102.049-.105.048-.106.047-.109.047-.111.046-.114.045-.115.045-.118.044-.12.043-.122.042-.124.042-.126.041-.128.04-.13.04-.132.038-.134.038-.135.037-.138.037-.139.035-.142.035-.143.034-.144.033-.147.032-.148.031-.15.03-.151.03-.153.029-.154.027-.156.027-.158.026-.159.025-.161.024-.162.023-.163.022-.165.021-.166.02-.167.019-.169.018-.169.017-.171.016-.173.015-.173.014-.175.013-.175.012-.177.011-.178.01-.179.008-.179.008-.181.006-.182.005-.182.004-.184.003-.184.002h-.37l-.184-.002-.184-.003-.182-.004-.182-.005-.181-.006-.179-.008-.179-.008-.178-.01-.176-.011-.176-.012-.175-.013-.173-.014-.172-.015-.171-.016-.17-.017-.169-.018-.167-.019-.166-.02-.165-.021-.163-.022-.162-.023-.161-.024-.159-.025-.157-.026-.156-.027-.155-.027-.153-.029-.151-.03-.15-.03-.148-.031-.146-.032-.145-.033-.143-.034-.141-.035-.14-.035-.137-.037-.136-.037-.134-.038-.132-.038-.13-.04-.128-.04-.126-.041-.124-.042-.122-.042-.12-.044-.117-.043-.116-.045-.113-.045-.112-.046-.109-.047-.106-.047-.105-.048-.102-.049-.1-.049-.097-.05-.095-.05-.093-.052-.09-.051-.087-.052-.085-.053-.083-.054-.08-.054-.077-.054v4.127zm0-5.654v.011l.001.021.003.021.004.021.005.022.006.022.007.022.009.022.01.022.011.023.012.023.013.023.015.024.016.023.017.024.018.024.019.024.021.024.022.024.023.025.024.024.052.05.056.05.061.05.066.051.07.051.075.052.079.051.084.052.088.052.092.052.097.052.102.052.105.052.11.051.114.051.119.052.123.05.127.051.131.05.135.049.139.049.144.048.147.048.152.047.155.046.16.045.163.045.167.044.171.042.176.042.178.04.183.04.187.038.19.037.194.036.197.034.202.033.204.032.209.03.212.028.216.027.219.025.222.024.226.022.23.02.233.018.236.016.24.014.243.012.246.01.249.008.253.006.256.003.259.001.26-.001.257-.003.254-.006.25-.008.247-.01.244-.012.241-.015.237-.016.233-.018.231-.02.226-.022.224-.024.22-.025.216-.027.212-.029.21-.03.205-.032.202-.033.198-.035.194-.036.191-.037.187-.039.183-.039.179-.041.175-.042.172-.043.168-.044.163-.045.16-.045.155-.047.152-.047.148-.048.143-.048.139-.05.136-.049.131-.05.126-.051.123-.051.118-.051.114-.052.11-.052.106-.052.101-.052.096-.052.092-.052.088-.052.083-.052.079-.052.074-.051.07-.052.065-.051.06-.05.056-.051.051-.049.023-.025.023-.024.021-.025.02-.024.019-.024.018-.024.017-.024.015-.023.014-.023.013-.024.012-.022.01-.023.01-.023.008-.022.006-.022.006-.022.004-.021.004-.022.001-.021.001-.021v-4.139l-.077.054-.08.054-.083.054-.085.052-.087.053-.09.051-.093.051-.095.051-.097.05-.1.049-.102.049-.105.048-.106.047-.109.047-.111.046-.114.045-.115.044-.118.044-.12.044-.122.042-.124.042-.126.041-.128.04-.13.039-.132.039-.134.038-.135.037-.138.036-.139.036-.142.035-.143.033-.144.033-.147.033-.148.031-.15.03-.151.03-.153.028-.154.028-.156.027-.158.026-.159.025-.161.024-.162.023-.163.022-.165.021-.166.02-.167.019-.169.018-.169.017-.171.016-.173.015-.173.014-.175.013-.175.012-.177.011-.178.009-.179.009-.179.007-.181.007-.182.005-.182.004-.184.003-.184.002h-.37l-.184-.002-.184-.003-.182-.004-.182-.005-.181-.007-.179-.007-.179-.009-.178-.009-.176-.011-.176-.012-.175-.013-.173-.014-.172-.015-.171-.016-.17-.017-.169-.018-.167-.019-.166-.02-.165-.021-.163-.022-.162-.023-.161-.024-.159-.025-.157-.026-.156-.027-.155-.028-.153-.028-.151-.03-.15-.03-.148-.031-.146-.033-.145-.033-.143-.033-.141-.035-.14-.036-.137-.036-.136-.037-.134-.038-.132-.039-.13-.039-.128-.04-.126-.041-.124-.042-.122-.043-.12-.043-.117-.044-.116-.044-.113-.046-.112-.046-.109-.046-.106-.047-.105-.048-.102-.049-.1-.049-.097-.05-.095-.051-.093-.051-.09-.051-.087-.053-.085-.052-.083-.054-.08-.054-.077-.054v4.139zm0-5.666v.011l.001.02.003.022.004.021.005.022.006.021.007.022.009.023.01.022.011.023.012.023.013.023.015.023.016.024.017.024.018.023.019.024.021.025.022.024.023.024.024.025.052.05.056.05.061.05.066.051.07.051.075.052.079.051.084.052.088.052.092.052.097.052.102.052.105.051.11.052.114.051.119.051.123.051.127.05.131.05.135.05.139.049.144.048.147.048.152.047.155.046.16.045.163.045.167.043.171.043.176.042.178.04.183.04.187.038.19.037.194.036.197.034.202.033.204.032.209.03.212.028.216.027.219.025.222.024.226.021.23.02.233.018.236.017.24.014.243.012.246.01.249.008.253.006.256.003.259.001.26-.001.257-.003.254-.006.25-.008.247-.01.244-.013.241-.014.237-.016.233-.018.231-.02.226-.022.224-.024.22-.025.216-.027.212-.029.21-.03.205-.032.202-.033.198-.035.194-.036.191-.037.187-.039.183-.039.179-.041.175-.042.172-.043.168-.044.163-.045.16-.045.155-.047.152-.047.148-.048.143-.049.139-.049.136-.049.131-.051.126-.05.123-.051.118-.052.114-.051.11-.052.106-.052.101-.052.096-.052.092-.052.088-.052.083-.052.079-.052.074-.052.07-.051.065-.051.06-.051.056-.05.051-.049.023-.025.023-.025.021-.024.02-.024.019-.024.018-.024.017-.024.015-.023.014-.024.013-.023.012-.023.01-.022.01-.023.008-.022.006-.022.006-.022.004-.022.004-.021.001-.021.001-.021v-4.153l-.077.054-.08.054-.083.053-.085.053-.087.053-.09.051-.093.051-.095.051-.097.05-.1.049-.102.048-.105.048-.106.048-.109.046-.111.046-.114.046-.115.044-.118.044-.12.043-.122.043-.124.042-.126.041-.128.04-.13.039-.132.039-.134.038-.135.037-.138.036-.139.036-.142.034-.143.034-.144.033-.147.032-.148.032-.15.03-.151.03-.153.028-.154.028-.156.027-.158.026-.159.024-.161.024-.162.023-.163.023-.165.021-.166.02-.167.019-.169.018-.169.017-.171.016-.173.015-.173.014-.175.013-.175.012-.177.01-.178.01-.179.009-.179.007-.181.006-.182.006-.182.004-.184.003-.184.001-.185.001-.185-.001-.184-.001-.184-.003-.182-.004-.182-.006-.181-.006-.179-.007-.179-.009-.178-.01-.176-.01-.176-.012-.175-.013-.173-.014-.172-.015-.171-.016-.17-.017-.169-.018-.167-.019-.166-.02-.165-.021-.163-.023-.162-.023-.161-.024-.159-.024-.157-.026-.156-.027-.155-.028-.153-.028-.151-.03-.15-.03-.148-.032-.146-.032-.145-.033-.143-.034-.141-.034-.14-.036-.137-.036-.136-.037-.134-.038-.132-.039-.13-.039-.128-.041-.126-.041-.124-.041-.122-.043-.12-.043-.117-.044-.116-.044-.113-.046-.112-.046-.109-.046-.106-.048-.105-.048-.102-.048-.1-.05-.097-.049-.095-.051-.093-.051-.09-.052-.087-.052-.085-.053-.083-.053-.08-.054-.077-.054v4.153zm8.74-8.179l-.257.004-.254.005-.25.008-.247.011-.244.012-.241.014-.237.016-.233.018-.231.021-.226.022-.224.023-.22.026-.216.027-.212.028-.21.031-.205.032-.202.033-.198.034-.194.036-.191.038-.187.038-.183.04-.179.041-.175.042-.172.043-.168.043-.163.045-.16.046-.155.046-.152.048-.148.048-.143.048-.139.049-.136.05-.131.05-.126.051-.123.051-.118.051-.114.052-.11.052-.106.052-.101.052-.096.052-.092.052-.088.052-.083.052-.079.052-.074.051-.07.052-.065.051-.06.05-.056.05-.051.05-.023.025-.023.024-.021.024-.02.025-.019.024-.018.024-.017.023-.015.024-.014.023-.013.023-.012.023-.01.023-.01.022-.008.022-.006.023-.006.021-.004.022-.004.021-.001.021-.001.021.001.021.001.021.004.021.004.022.006.021.006.023.008.022.01.022.01.023.012.023.013.023.014.023.015.024.017.023.018.024.019.024.02.025.021.024.023.024.023.025.051.05.056.05.06.05.065.051.07.052.074.051.079.052.083.052.088.052.092.052.096.052.101.052.106.052.11.052.114.052.118.051.123.051.126.051.131.05.136.05.139.049.143.048.148.048.152.048.155.046.16.046.163.045.168.043.172.043.175.042.179.041.183.04.187.038.191.038.194.036.198.034.202.033.205.032.21.031.212.028.216.027.22.026.224.023.226.022.231.021.233.018.237.016.241.014.244.012.247.011.25.008.254.005.257.004.26.001.26-.001.257-.004.254-.005.25-.008.247-.011.244-.012.241-.014.237-.016.233-.018.231-.021.226-.022.224-.023.22-.026.216-.027.212-.028.21-.031.205-.032.202-.033.198-.034.194-.036.191-.038.187-.038.183-.04.179-.041.175-.042.172-.043.168-.043.163-.045.16-.046.155-.046.152-.048.148-.048.143-.048.139-.049.136-.05.131-.05.126-.051.123-.051.118-.051.114-.052.11-.052.106-.052.101-.052.096-.052.092-.052.088-.052.083-.052.079-.052.074-.051.07-.052.065-.051.06-.05.056-.05.051-.05.023-.025.023-.024.021-.024.02-.025.019-.024.018-.024.017-.023.015-.024.014-.023.013-.023.012-.023.01-.023.01-.022.008-.022.006-.023.006-.021.004-.022.004-.021.001-.021.001-.021-.001-.021-.001-.021-.004-.021-.004-.022-.006-.021-.006-.023-.008-.022-.01-.022-.01-.023-.012-.023-.013-.023-.014-.023-.015-.024-.017-.023-.018-.024-.019-.024-.02-.025-.021-.024-.023-.024-.023-.025-.051-.05-.056-.05-.06-.05-.065-.051-.07-.052-.074-.051-.079-.052-.083-.052-.088-.052-.092-.052-.096-.052-.101-.052-.106-.052-.11-.052-.114-.052-.118-.051-.123-.051-.126-.051-.131-.05-.136-.05-.139-.049-.143-.048-.148-.048-.152-.048-.155-.046-.16-.046-.163-.045-.168-.043-.172-.043-.175-.042-.179-.041-.183-.04-.187-.038-.191-.038-.194-.036-.198-.034-.202-.033-.205-.032-.21-.031-.212-.028-.216-.027-.22-.026-.224-.023-.226-.022-.231-.021-.233-.018-.237-.016-.241-.014-.244-.012-.247-.011-.25-.008-.254-.005-.257-.004-.26-.001-.26.001z"/></symbol></defs><defs><symbol id="my-svg-clock" width="24" height="24"><path transform="scale(.5)" d="M12 2c5.514 0 10 4.486 10 10s-4.486 10-10 10-10-4.486-10-10 4.486-10 10-10zm0-2c-6.627 0-12 5.373-12 12s5.373 12 12 12 12-5.373 12-12-5.373-12-12-12zm5.848 12.459c.202.038.202.333.001.372-1.907.361-6.045 1.111-6.547 1.111-.719 0-1.301-.582-1.301-1.301 0-.512.77-5.447 1.125-7.445.034-.192.312-.181.343.014l.985 6.238 5.394 1.011z"/></symbol></defs><defs><marker id="my-svg-arrowhead" refX="7.9" refY="5" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M -1 0 L 10 5 L 0 10 z"/></marker></defs><defs><marker id="my-svg-crosshead" markerWidth="15" markerHeight="8" orient="auto" refX="4" refY="4.5"><path fill="none" stroke="#000000" stroke-width="1pt" d="M 1,2 L 6,7 M 6,2 L 1,7" style="stroke-dasharray: 0, 0;"/></marker></defs><defs><marker id="my-svg-filled-head" refX="15.5" refY="7" markerWidth="20" markerHeight="28" orient="auto"><path d="M 18,7 L9,13 L14,7 L9,1 Z"/></marker></defs><defs><marker id="my-svg-sequencenumber" refX="15" refY="15" markerWidth="60" markerHeight="40" orient="auto"><circle cx="15" cy="15" r="6"/></marker></defs><defs><marker id="my-svg-solidTopArrowHead" refX="7.9" refY="7.25" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M 0 0 L 10 8 L 0 8 z"/></marker></defs><defs><marker id="my-svg-solidBottomArrowHead" refX="7.9" refY="0.75" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M 0 0 L 10 0 L 0 8 z"/></marker></defs><defs><marker id="my-svg-stickTopArrowHead" refX="7.5" refY="7" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M 0 0 L 7 7" stroke="black" stroke-width="1.5" fill="none"/></marker></defs><defs><marker id="my-svg-stickBottomArrowHead" refX="7.5" refY="0" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M 0 7 L 7 0" stroke="black" stroke-width="1.5" fill="none"/></marker></defs><g data-et="note" data-id="i5"><rect x="466" y="253" fill="#EDF2AE" stroke="#666" width="1228.5" height="39" class="note"/><text x="1080" y="258" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="noteText" dy="1em" style="font-size: 16px; font-weight: 400;"><tspan x="1080">Token auth is rejected for strict cookie-only middleware.</tspan></text></g><g data-et="note" data-id="i40"><rect x="364" y="1900" fill="#EDF2AE" stroke="#666" width="254" height="58" class="note"/><text x="491" y="1905" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="noteText" dy="1em" style="font-size: 16px; font-weight: 400;"><tspan x="491">Sets req.auth, req.user, req.userRole,</tspan></text><text x="491" y="1924" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="noteText" dy="1em" style="font-size: 16px; font-weight: 400;"><tspan x="491">and request-local req.session.user.</tspan></text></g><g data-et="control-structure" data-id="i45"><line x1="64" y1="1968" x2="1680.5" y2="1968" class="loopLine"/><line x1="1680.5" y1="1968" x2="1680.5" y2="2146" class="loopLine"/><line x1="64" y1="2146" x2="1680.5" y2="2146" class="loopLine"/><line x1="64" y1="1968" x2="64" y2="2146" class="loopLine"/><line x1="64" y1="2062" x2="1680.5" y2="2062" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="64,1968 114,1968 114,1981 105.6,1988 64,1988" class="labelBox"/><text x="89" y="1981" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="1986" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[tokenScope does not allow req.method]</tspan></text><text x="872.25" y="2080" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[token scope allows method]</text></g><g data-et="control-structure" data-id="i46"><line x1="54" y1="1425" x2="1690.5" y2="1425" class="loopLine"/><line x1="1690.5" y1="1425" x2="1690.5" y2="2156" class="loopLine"/><line x1="54" y1="2156" x2="1690.5" y2="2156" class="loopLine"/><line x1="54" y1="1425" x2="54" y2="2156" class="loopLine"/><line x1="54" y1="1519" x2="1690.5" y2="1519" class="loopLine" style="stroke-dasharray: 3, 3;"/><line x1="54" y1="1608" x2="1690.5" y2="1608" class="loopLine" style="stroke-dasharray: 3, 3;"/><line x1="54" y1="1697" x2="1690.5" y2="1697" class="loopLine" style="stroke-dasharray: 3, 3;"/><line x1="54" y1="1786" x2="1690.5" y2="1786" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="54,1425 104,1425 104,1438 95.6,1445 54,1445" class="labelBox"/><text x="79" y="1438" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="1443" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[tokenUser.active is false]</tspan></text><text x="872.25" y="1537" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Non-SuperAdmin has no allowed apps]</text><text x="872.25" y="1626" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Token allowedApps has wildcard but user apps do not include APP_NAME]</text><text x="872.25" y="1715" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Token allowedApps does not include APP_NAME]</text><text x="872.25" y="1804" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[App access allowed]</text></g><g data-et="control-structure" data-id="i47"><line x1="44" y1="820" x2="1700.5" y2="820" class="loopLine"/><line x1="1700.5" y1="820" x2="1700.5" y2="2166" class="loopLine"/><line x1="44" y1="2166" x2="1700.5" y2="2166" class="loopLine"/><line x1="44" y1="820" x2="44" y2="2166" class="loopLine"/><line x1="44" y1="1002" x2="1700.5" y2="1002" class="loopLine" style="stroke-dasharray: 3, 3;"/><line x1="44" y1="1179" x2="1700.5" y2="1179" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="44,820 94,820 94,833 85.6,840 44,840" class="labelBox"/><text x="69" y="833" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="838" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[API token row not found]</tspan></text><text x="872.25" y="1020" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[API token expired]</text><text x="872.25" y="1197" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[API token found]</text></g><g data-et="control-structure" data-id="i48"><line x1="34" y1="391" x2="1710.5" y2="391" class="loopLine"/><line x1="1710.5" y1="391" x2="1710.5" y2="2176" class="loopLine"/><line x1="34" y1="2176" x2="1710.5" y2="2176" class="loopLine"/><line x1="34" y1="391" x2="34" y2="2176" class="loopLine"/><line x1="34" y1="529" x2="1710.5" y2="529" class="loopLine" style="stroke-dasharray: 3, 3;"/><line x1="34" y1="662" x2="1710.5" y2="662" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="34,391 84,391 84,404 75.6,411 34,411" class="labelBox"/><text x="59" y="404" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="409" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[Header is not "Bearer <token>"]</tspan></text><text x="872.25" y="547" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Token does not start with mbk_ or is too long]</text><text x="872.25" y="680" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Token format is accepted]</text></g><g data-et="control-structure" data-id="i49"><line x1="24" y1="164" x2="1720.5" y2="164" class="loopLine"/><line x1="1720.5" y1="164" x2="1720.5" y2="2186" class="loopLine"/><line x1="24" y1="2186" x2="1720.5" y2="2186" class="loopLine"/><line x1="24" y1="164" x2="24" y2="2186" class="loopLine"/><line x1="24" y1="307" x2="1720.5" y2="307" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="24,164 74,164 74,177 65.6,184 24,184" class="labelBox"/><text x="49" y="177" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="182" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[strictTokenValidation is true]</tspan></text><text x="872.25" y="325" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[token auth allowed]</text></g><g data-et="control-structure" data-id="i59"><line x1="1146" y1="2418" x2="1680.5" y2="2418" class="loopLine"/><line x1="1680.5" y1="2418" x2="1680.5" y2="2596" class="loopLine"/><line x1="1146" y1="2596" x2="1680.5" y2="2596" class="loopLine"/><line x1="1146" y1="2418" x2="1146" y2="2596" class="loopLine"/><line x1="1146" y1="2512" x2="1680.5" y2="2512" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="1146,2418 1196,2418 1196,2431 1187.6,2438 1146,2438" class="labelBox"/><text x="1171" y="2431" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="1438.25" y="2436" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="1438.25">[prefersJson]</tspan></text><text x="1413.25" y="2530" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[browser/page request]</text></g><g data-et="control-structure" data-id="i68"><line x1="1146" y1="2844" x2="1680.5" y2="2844" class="loopLine"/><line x1="1680.5" y1="2844" x2="1680.5" y2="3022" class="loopLine"/><line x1="1146" y1="3022" x2="1680.5" y2="3022" class="loopLine"/><line x1="1146" y1="2844" x2="1146" y2="3022" class="loopLine"/><line x1="1146" y1="2938" x2="1680.5" y2="2938" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="1146,2844 1196,2844 1196,2857 1187.6,2864 1146,2864" class="labelBox"/><text x="1171" y="2857" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="1438.25" y="2862" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="1438.25">[prefersJson]</tspan></text><text x="1413.25" y="2956" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[browser/page request]</text></g><g data-et="control-structure" data-id="i77"><line x1="1146" y1="3240" x2="1680.5" y2="3240" class="loopLine"/><line x1="1680.5" y1="3240" x2="1680.5" y2="3418" class="loopLine"/><line x1="1146" y1="3418" x2="1680.5" y2="3418" class="loopLine"/><line x1="1146" y1="3240" x2="1146" y2="3418" class="loopLine"/><line x1="1146" y1="3334" x2="1680.5" y2="3334" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="1146,3240 1196,3240 1196,3253 1187.6,3260 1146,3260" class="labelBox"/><text x="1171" y="3253" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="1438.25" y="3258" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="1438.25">[prefersJson]</tspan></text><text x="1413.25" y="3352" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[browser/page request]</text></g><g data-et="control-structure" data-id="i92"><line x1="64" y1="3517" x2="1680.5" y2="3517" class="loopLine"/><line x1="1680.5" y1="3517" x2="1680.5" y2="4169" class="loopLine"/><line x1="64" y1="4169" x2="1680.5" y2="4169" class="loopLine"/><line x1="64" y1="3517" x2="64" y2="4169" class="loopLine"/><line x1="64" y1="3685" x2="1680.5" y2="3685" class="loopLine" style="stroke-dasharray: 3, 3;"/><line x1="64" y1="3848" x2="1680.5" y2="3848" class="loopLine" style="stroke-dasharray: 3, 3;"/><line x1="64" y1="4011" x2="1680.5" y2="4011" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="64,3517 114,3517 114,3530 105.6,3537 64,3537" class="labelBox"/><text x="89" y="3530" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="3535" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[session expired]</tspan></text><text x="872.25" y="3703" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[user account inactive]</text><text x="872.25" y="3866" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[user not allowed for APP_NAME]</text><text x="872.25" y="4029" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[session valid and app access allowed]</text></g><g data-et="control-structure" data-id="i93"><line x1="54" y1="3121" x2="1690.5" y2="3121" class="loopLine"/><line x1="1690.5" y1="3121" x2="1690.5" y2="4179" class="loopLine"/><line x1="54" y1="4179" x2="1690.5" y2="4179" class="loopLine"/><line x1="54" y1="3121" x2="54" y2="4179" class="loopLine"/><line x1="54" y1="3433" x2="1690.5" y2="3433" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="54,3121 104,3121 104,3134 95.6,3141 54,3141" class="labelBox"/><text x="79" y="3134" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="3139" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[DB session row not found]</tspan></text><text x="872.25" y="3451" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[DB session row found]</text></g><g data-et="control-structure" data-id="i94"><line x1="44" y1="2725" x2="1700.5" y2="2725" class="loopLine"/><line x1="1700.5" y1="2725" x2="1700.5" y2="4189" class="loopLine"/><line x1="44" y1="4189" x2="1700.5" y2="4189" class="loopLine"/><line x1="44" y1="2725" x2="44" y2="4189" class="loopLine"/><line x1="44" y1="3037" x2="1700.5" y2="3037" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="44,2725 94,2725 94,2738 85.6,2745 44,2745" class="labelBox"/><text x="69" y="2738" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="2743" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[sessionId missing or not UUID]</tspan></text><text x="872.25" y="3055" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[sessionId is UUID]</text></g><g data-et="control-structure" data-id="i95"><line x1="34" y1="2373" x2="1710.5" y2="2373" class="loopLine"/><line x1="1710.5" y1="2373" x2="1710.5" y2="4199" class="loopLine"/><line x1="34" y1="4199" x2="1710.5" y2="4199" class="loopLine"/><line x1="34" y1="2373" x2="34" y2="4199" class="loopLine"/><line x1="34" y1="2611" x2="1710.5" y2="2611" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="34,2373 84,2373 84,2386 75.6,2393 34,2393" class="labelBox"/><text x="59" y="2386" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="2391" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[req.session.user is missing]</tspan></text><text x="872.25" y="2629" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[req.session.user exists]</text></g><g data-et="control-structure" data-id="i96"><line x1="14" y1="119" x2="1730.5" y2="119" class="loopLine"/><line x1="1730.5" y1="119" x2="1730.5" y2="4209" class="loopLine"/><line x1="14" y1="4209" x2="1730.5" y2="4209" class="loopLine"/><line x1="14" y1="119" x2="14" y2="4209" class="loopLine"/><line x1="14" y1="2201" x2="1730.5" y2="2201" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="14,119 64,119 64,132 55.6,139 14,139" class="labelBox"/><text x="39" y="132" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="897.25" y="137" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="897.25">[Authorization header exists]</tspan></text><text x="872.25" y="2219" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[No Authorization header]</text></g><g data-et="control-structure" data-id="i99"><line x1="480" y1="4219" x2="1680.5" y2="4219" class="loopLine"/><line x1="1680.5" y1="4219" x2="1680.5" y2="4308" class="loopLine"/><line x1="480" y1="4308" x2="1680.5" y2="4308" class="loopLine"/><line x1="480" y1="4219" x2="480" y2="4308" class="loopLine"/><polygon points="480,4219 530,4219 530,4232 521.6,4239 480,4239" class="labelBox"/><text x="505" y="4232" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">opt</text><text x="1105.25" y="4237" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="1105.25">[Token or session validation throws]</tspan></text></g><text x="282" y="80" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">validateSession(req, res, next, strictTokenValidation?)</text><line x1="82" y1="109" x2="487" y2="109" class="messageLine0" data-et="message" data-id="i1" data-from="R" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="75" y1="109" x2="75" y2="109" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="75" y="113" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">1</text><text x="1079" y="214" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 INVALID_AUTH_TOKEN</text><line x1="498" y1="243" x2="1665.5" y2="243" class="messageLine1" data-et="message" data-id="i4" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="243" x2="491" y2="243" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="247" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">2</text><text x="704" y="352" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">validateTokenAuthentication(req)</text><line x1="498" y1="381" x2="915.5" y2="381" class="messageLine0" data-et="message" data-id="i7" data-from="VS" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="491" y1="381" x2="491" y2="381" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="385" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">3</text><text x="707" y="441" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">null</text><line x1="924.5" y1="470" x2="495" y2="470" class="messageLine1" data-et="message" data-id="i9" data-from="VT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="919.5" y1="470" x2="919.5" y2="470" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="919.5" y="474" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">4</text><text x="1079" y="485" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 INVALID_AUTH_TOKEN</text><line x1="498" y1="514" x2="1665.5" y2="514" class="messageLine1" data-et="message" data-id="i10" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="514" x2="491" y2="514" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="518" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">5</text><text x="707" y="574" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">{ error: "INVALID_TOKEN" }</text><line x1="924.5" y1="603" x2="495" y2="603" class="messageLine1" data-et="message" data-id="i12" data-from="VT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="919.5" y1="603" x2="919.5" y2="603" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="919.5" y="607" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">6</text><text x="1079" y="618" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 INVALID_AUTH_TOKEN</text><line x1="498" y1="647" x2="1665.5" y2="647" class="messageLine1" data-et="message" data-id="i13" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="647" x2="491" y2="647" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="651" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">7</text><text x="921" y="707" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">hashApiToken(token)</text><path d="M 920.5,736 C 980.5,726 980.5,766 920.5,756" class="messageLine0" data-et="message" data-id="i15" data-from="VT" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="926.5" style="fill: none;"/><line x1="919.5" y1="736" x2="919.5" y2="736" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="919.5" y="740" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">8</text><text x="1172" y="781" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">getApiTokenByHash(tokenHash)</text><line x1="926.5" y1="810" x2="1424" y2="810" class="messageLine0" data-et="message" data-id="i16" data-from="VT" data-to="DB" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="919.5" y1="810" x2="919.5" y2="810" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="919.5" y="814" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">9</text><text x="1175" y="870" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">null</text><line x1="1433" y1="899" x2="923.5" y2="899" class="messageLine1" data-et="message" data-id="i18" data-from="DB" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1428" y1="899" x2="1428" y2="899" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1428" y="903" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">10</text><text x="707" y="914" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">{ error: "INVALID_TOKEN" }</text><line x1="924.5" y1="943" x2="495" y2="943" class="messageLine1" data-et="message" data-id="i19" data-from="VT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="919.5" y1="943" x2="919.5" y2="943" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="919.5" y="947" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">11</text><text x="1079" y="958" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 INVALID_AUTH_TOKEN</text><line x1="498" y1="987" x2="1665.5" y2="987" class="messageLine1" data-et="message" data-id="i20" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="987" x2="491" y2="987" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="991" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">12</text><text x="1175" y="1047" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">row with ExpiresAt <= now</text><line x1="1433" y1="1076" x2="923.5" y2="1076" class="messageLine1" data-et="message" data-id="i22" data-from="DB" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1428" y1="1076" x2="1428" y2="1076" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1428" y="1080" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">13</text><text x="707" y="1091" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">{ error: "TOKEN_EXPIRED" }</text><line x1="924.5" y1="1120" x2="495" y2="1120" class="messageLine1" data-et="message" data-id="i23" data-from="VT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="919.5" y1="1120" x2="919.5" y2="1120" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="919.5" y="1124" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">14</text><text x="1079" y="1135" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 API_TOKEN_EXPIRED</text><line x1="498" y1="1164" x2="1665.5" y2="1164" class="messageLine1" data-et="message" data-id="i24" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="1164" x2="491" y2="1164" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="1168" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">15</text><text x="1175" y="1224" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">token row joined to user</text><line x1="1433" y1="1253" x2="923.5" y2="1253" class="messageLine1" data-et="message" data-id="i26" data-from="DB" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1428" y1="1253" x2="1428" y2="1253" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1428" y="1257" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">16</text><text x="921" y="1268" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">Resolve token scope and allowedApps</text><path d="M 920.5,1297 C 980.5,1287 980.5,1327 920.5,1317" class="messageLine0" data-et="message" data-id="i27" data-from="VT" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="926.5" style="fill: none;"/><line x1="919.5" y1="1297" x2="919.5" y2="1297" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="919.5" y="1301" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">17</text><text x="1172" y="1342" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">updateApiTokenLastUsed(row.id) async</text><line x1="926.5" y1="1371" x2="1424" y2="1371" class="messageLine0" data-et="message" data-id="i28" data-from="VT" data-to="DB" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="919.5" y1="1371" x2="919.5" y2="1371" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="919.5" y="1375" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">18</text><text x="707" y="1386" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">tokenUser</text><line x1="924.5" y1="1415" x2="495" y2="1415" class="messageLine1" data-et="message" data-id="i29" data-from="VT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="919.5" y1="1415" x2="919.5" y2="1415" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="919.5" y="1419" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">19</text><text x="1079" y="1475" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 ACCOUNT_INACTIVE</text><line x1="498" y1="1504" x2="1665.5" y2="1504" class="messageLine1" data-et="message" data-id="i31" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="1504" x2="491" y2="1504" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="1508" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">20</text><text x="1079" y="1564" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 APP_NOT_AUTHORIZED</text><line x1="498" y1="1593" x2="1665.5" y2="1593" class="messageLine1" data-et="message" data-id="i33" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="1593" x2="491" y2="1593" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="1597" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">21</text><text x="1079" y="1653" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 APP_NOT_AUTHORIZED</text><line x1="498" y1="1682" x2="1665.5" y2="1682" class="messageLine1" data-et="message" data-id="i35" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="1682" x2="491" y2="1682" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="1686" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">22</text><text x="1079" y="1742" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 APP_NOT_AUTHORIZED</text><line x1="498" y1="1771" x2="1665.5" y2="1771" class="messageLine1" data-et="message" data-id="i37" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="1771" x2="491" y2="1771" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="1775" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">23</text><text x="492" y="1831" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">attachApiTokenUser(req, res, tokenUser)</text><path d="M 492,1860 C 552,1850 552,1890 492,1880" class="messageLine0" data-et="message" data-id="i39" data-from="VS" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="498" style="fill: none;"/><line x1="491" y1="1860" x2="491" y2="1860" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="1864" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">24</text><text x="1079" y="2018" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">403 TOKEN_SCOPE_INSUFFICIENT</text><line x1="498" y1="2047" x2="1665.5" y2="2047" class="messageLine1" data-et="message" data-id="i42" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="2047" x2="491" y2="2047" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="2051" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">25</text><text x="285" y="2107" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">next()</text><line x1="496" y1="2136" x2="79" y2="2136" class="messageLine1" data-et="message" data-id="i44" data-from="VS" data-to="R" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="2136" x2="491" y2="2136" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="2140" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">26</text><text x="590" y="2246" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">isJsonRequest(req)</text><line x1="498" y1="2275" x2="687" y2="2275" class="messageLine0" data-et="message" data-id="i51" data-from="VS" data-to="JT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="491" y1="2275" x2="491" y2="2275" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="2279" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">27</text><text x="593" y="2290" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">prefersJson</text><line x1="696" y1="2319" x2="495" y2="2319" class="messageLine1" data-et="message" data-id="i52" data-from="JT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="691" y1="2319" x2="691" y2="2319" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="691" y="2323" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">28</text><text x="823" y="2334" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">validateCookieSession(req, res, next, prefersJson)</text><line x1="498" y1="2363" x2="1153" y2="2363" class="messageLine0" data-et="message" data-id="i53" data-from="VS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="491" y1="2363" x2="491" y2="2363" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="2367" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">29</text><text x="1412" y="2468" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 SESSION_NOT_FOUND</text><line x1="1164" y1="2497" x2="1665.5" y2="2497" class="messageLine1" data-et="message" data-id="i56" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="2497" x2="1157" y2="2497" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="2501" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">30</text><text x="1412" y="2557" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">302 /mbkauthe/login?redirect=...&reason=logged_out</text><line x1="1164" y1="2586" x2="1665.5" y2="2586" class="messageLine1" data-et="message" data-id="i58" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="2586" x2="1157" y2="2586" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="2590" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">31</text><text x="1158" y="2656" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">Read req.session.user.sessionId</text><path d="M 1158,2685 C 1218,2675 1218,2715 1158,2705" class="messageLine0" data-et="message" data-id="i61" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="1164" style="fill: none;"/><line x1="1157" y1="2685" x2="1157" y2="2685" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="2689" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">32</text><text x="1158" y="2775" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">destroy session and clear cookies</text><path d="M 1158,2804 C 1218,2794 1218,2834 1158,2824" class="messageLine0" data-et="message" data-id="i63" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="1164" style="fill: none;"/><line x1="1157" y1="2804" x2="1157" y2="2804" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="2808" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">33</text><text x="1412" y="2894" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 SESSION_EXPIRED</text><line x1="1164" y1="2923" x2="1665.5" y2="2923" class="messageLine1" data-et="message" data-id="i65" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="2923" x2="1157" y2="2923" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="2927" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">34</text><text x="1412" y="2983" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">Render "Session Expired" error page</text><line x1="1164" y1="3012" x2="1665.5" y2="3012" class="messageLine1" data-et="message" data-id="i67" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="3012" x2="1157" y2="3012" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3016" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">35</text><text x="1291" y="3082" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">getSessionAuthData(sessionId)</text><line x1="1164" y1="3111" x2="1424" y2="3111" class="messageLine0" data-et="message" data-id="i70" data-from="CS" data-to="DB" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="1157" y1="3111" x2="1157" y2="3111" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3115" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">36</text><text x="1158" y="3171" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">destroy session and clear cookies</text><path d="M 1158,3200 C 1218,3190 1218,3230 1158,3220" class="messageLine0" data-et="message" data-id="i72" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="1164" style="fill: none;"/><line x1="1157" y1="3200" x2="1157" y2="3200" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3204" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">37</text><text x="1412" y="3290" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 SESSION_INVALID</text><line x1="1164" y1="3319" x2="1665.5" y2="3319" class="messageLine1" data-et="message" data-id="i74" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="3319" x2="1157" y2="3319" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3323" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">38</text><text x="1412" y="3379" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">Render "Session Expired" error page</text><line x1="1164" y1="3408" x2="1665.5" y2="3408" class="messageLine1" data-et="message" data-id="i76" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="3408" x2="1157" y2="3408" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3412" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">39</text><text x="1294" y="3478" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">session row joined to user</text><line x1="1433" y1="3507" x2="1161" y2="3507" class="messageLine1" data-et="message" data-id="i79" data-from="DB" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1428" y1="3507" x2="1428" y2="3507" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1428" y="3511" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">40</text><text x="1158" y="3567" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">destroy session and clear cookies</text><path d="M 1158,3596 C 1218,3586 1218,3626 1158,3616" class="messageLine0" data-et="message" data-id="i81" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="1164" style="fill: none;"/><line x1="1157" y1="3596" x2="1157" y2="3596" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3600" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">41</text><text x="1412" y="3641" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 SESSION_EXPIRED or rendered error page</text><line x1="1164" y1="3670" x2="1665.5" y2="3670" class="messageLine1" data-et="message" data-id="i82" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="3670" x2="1157" y2="3670" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3674" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">42</text><text x="1158" y="3730" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">destroy session and clear cookies</text><path d="M 1158,3759 C 1218,3749 1218,3789 1158,3779" class="messageLine0" data-et="message" data-id="i84" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="1164" style="fill: none;"/><line x1="1157" y1="3759" x2="1157" y2="3759" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3763" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">43</text><text x="1412" y="3804" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 ACCOUNT_INACTIVE or rendered support page</text><line x1="1164" y1="3833" x2="1665.5" y2="3833" class="messageLine1" data-et="message" data-id="i85" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="3833" x2="1157" y2="3833" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3837" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">44</text><text x="1158" y="3893" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">destroy session and clear cookies</text><path d="M 1158,3922 C 1218,3912 1218,3952 1158,3942" class="messageLine0" data-et="message" data-id="i87" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="1164" style="fill: none;"/><line x1="1157" y1="3922" x2="1157" y2="3922" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="3926" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">45</text><text x="1412" y="3967" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 APP_NOT_AUTHORIZED or rendered unauthorized page</text><line x1="1164" y1="3996" x2="1665.5" y2="3996" class="messageLine1" data-et="message" data-id="i88" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="3996" x2="1157" y2="3996" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="4000" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">46</text><text x="1158" y="4056" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">req.userRole = sessionRow.Role</text><path d="M 1158,4085 C 1218,4075 1218,4115 1158,4105" class="messageLine0" data-et="message" data-id="i90" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="1164" style="fill: none;"/><line x1="1157" y1="4085" x2="1157" y2="4085" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="4089" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">47</text><text x="618" y="4130" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">next()</text><line x1="1162" y1="4159" x2="79" y2="4159" class="messageLine1" data-et="message" data-id="i91" data-from="CS" data-to="R" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1157" y1="4159" x2="1157" y2="4159" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1157" y="4163" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">48</text><text x="1079" y="4269" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">500 INTERNAL_SERVER_ERROR</text><line x1="498" y1="4298" x2="1665.5" y2="4298" class="messageLine1" data-et="message" data-id="i98" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="491" y1="4298" x2="491" y2="4298" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="491" y="4302" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">49</text></svg>
1	+ <svg id="my-svg" width="100%" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" style="max-width: 1448.5px; background-color: white;" viewBox="-50 -10 1448.5 2667" role="graphics-document document" aria-roledescription="sequence"><g><rect x="1198.5" y="2581" fill="#eaeaea" stroke="#666" width="150" height="65" name="RES" rx="3" ry="3" class="actor actor-bottom"/><text x="1273.5" y="2613.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1273.5" dy="0">Response</tspan></text></g><g><rect x="998.5" y="2581" fill="#eaeaea" stroke="#666" width="150" height="65" name="DB" rx="3" ry="3" class="actor actor-bottom"/><text x="1073.5" y="2613.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1073.5" dy="0">DB</tspan></text></g><g><rect x="718.5" y="2581" fill="#eaeaea" stroke="#666" width="168" height="65" name="CS" rx="3" ry="3" class="actor actor-bottom"/><text x="802.5" y="2613.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="802.5" dy="0">validateCookieSession</tspan></text></g><g><rect x="461.5" y="2581" fill="#eaeaea" stroke="#666" width="207" height="65" name="VT" rx="3" ry="3" class="actor actor-bottom"/><text x="565" y="2613.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="565" dy="0">validateTokenAuthentication</tspan></text></g><g><rect x="202" y="2581" fill="#eaeaea" stroke="#666" width="150" height="65" name="VS" rx="3" ry="3" class="actor actor-bottom"/><text x="277" y="2613.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="277" dy="0">validateSession</tspan></text></g><g><rect x="0" y="2581" fill="#eaeaea" stroke="#666" width="150" height="65" name="R" rx="3" ry="3" class="actor actor-bottom"/><text x="75" y="2613.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="75" dy="0">Protected Route</tspan></text></g><g><line id="actor5" x1="1273.5" y1="65" x2="1273.5" y2="2581" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="RES" data-et="life-line" data-id="RES"/><g id="root-5" data-et="participant" data-type="participant" data-id="RES"><rect x="1198.5" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" name="RES" rx="3" ry="3" class="actor actor-top"/><text x="1273.5" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1273.5" dy="0">Response</tspan></text></g></g><g><line id="actor4" x1="1073.5" y1="65" x2="1073.5" y2="2581" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="DB" data-et="life-line" data-id="DB"/><g id="root-4" data-et="participant" data-type="participant" data-id="DB"><rect x="998.5" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" name="DB" rx="3" ry="3" class="actor actor-top"/><text x="1073.5" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="1073.5" dy="0">DB</tspan></text></g></g><g><line id="actor3" x1="802.5" y1="65" x2="802.5" y2="2581" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="CS" data-et="life-line" data-id="CS"/><g id="root-3" data-et="participant" data-type="participant" data-id="CS"><rect x="718.5" y="0" fill="#eaeaea" stroke="#666" width="168" height="65" name="CS" rx="3" ry="3" class="actor actor-top"/><text x="802.5" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="802.5" dy="0">validateCookieSession</tspan></text></g></g><g><line id="actor2" x1="565" y1="65" x2="565" y2="2581" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="VT" data-et="life-line" data-id="VT"/><g id="root-2" data-et="participant" data-type="participant" data-id="VT"><rect x="461.5" y="0" fill="#eaeaea" stroke="#666" width="207" height="65" name="VT" rx="3" ry="3" class="actor actor-top"/><text x="565" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="565" dy="0">validateTokenAuthentication</tspan></text></g></g><g><line id="actor1" x1="277" y1="65" x2="277" y2="2581" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="VS" data-et="life-line" data-id="VS"/><g id="root-1" data-et="participant" data-type="participant" data-id="VS"><rect x="202" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" name="VS" rx="3" ry="3" class="actor actor-top"/><text x="277" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="277" dy="0">validateSession</tspan></text></g></g><g><line id="actor0" x1="75" y1="65" x2="75" y2="2581" class="actor-line 200" stroke-width="0.5px" stroke="#999" name="R" data-et="life-line" data-id="R"/><g id="root-0" data-et="participant" data-type="participant" data-id="R"><rect x="0" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" name="R" rx="3" ry="3" class="actor actor-top"/><text x="75" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor actor-box" style="text-anchor: middle; font-size: 16px; font-weight: 400;"><tspan x="75" dy="0">Protected Route</tspan></text></g></g><style>#my-svg{font-family:"trebuchet ms",verdana,arial,sans-serif;font-size:16px;fill:#333;}@keyframes edge-animation-frame{from{stroke-dashoffset:0;}}@keyframes dash{to{stroke-dashoffset:0;}}#my-svg .edge-animation-slow{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 50s linear infinite;stroke-linecap:round;}#my-svg .edge-animation-fast{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 20s linear infinite;stroke-linecap:round;}#my-svg .error-icon{fill:#552222;}#my-svg .error-text{fill:#552222;stroke:#552222;}#my-svg .edge-thickness-normal{stroke-width:1px;}#my-svg .edge-thickness-thick{stroke-width:3.5px;}#my-svg .edge-pattern-solid{stroke-dasharray:0;}#my-svg .edge-thickness-invisible{stroke-width:0;fill:none;}#my-svg .edge-pattern-dashed{stroke-dasharray:3;}#my-svg .edge-pattern-dotted{stroke-dasharray:2;}#my-svg .marker{fill:#333333;stroke:#333333;}#my-svg .marker.cross{stroke:#333333;}#my-svg svg{font-family:"trebuchet ms",verdana,arial,sans-serif;font-size:16px;}#my-svg p{margin:0;}#my-svg .actor{stroke:#9370DB;fill:#ECECFF;stroke-width:1;}#my-svg rect.actor.outer-path[data-look="neo"]{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg rect.note[data-look="neo"]{stroke:#aaaa33;fill:#fff5ad;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg text.actor>tspan{fill:black;stroke:none;}#my-svg .actor-line{stroke:#9370DB;}#my-svg .innerArc{stroke-width:1.5;stroke-dasharray:none;}#my-svg .messageLine0{stroke-width:1.5;stroke-dasharray:none;stroke:#333;}#my-svg .messageLine1{stroke-width:1.5;stroke-dasharray:2,2;stroke:#333;}#my-svg [id$="-arrowhead"] path{fill:#333;stroke:#333;}#my-svg .sequenceNumber{fill:white;}#my-svg [id$="-sequencenumber"]{fill:#333;}#my-svg [id$="-crosshead"] path{fill:#333;stroke:#333;}#my-svg .messageText{fill:#333;stroke:none;}#my-svg .labelBox{stroke:#9370DB;fill:#ECECFF;filter:none;}#my-svg .labelText,#my-svg .labelText>tspan{fill:black;stroke:none;}#my-svg .loopText,#my-svg .loopText>tspan{fill:black;stroke:none;}#my-svg .sectionTitle,#my-svg .sectionTitle>tspan{fill:black;stroke:none;}#my-svg .loopLine{stroke-width:2px;stroke-dasharray:2,2;stroke:#9370DB;fill:#9370DB;}#my-svg .note{stroke:#aaaa33;fill:#fff5ad;}#my-svg .noteText,#my-svg .noteText>tspan{fill:black;stroke:none;font-weight:normal;}#my-svg .activation0{fill:#f4f4f4;stroke:#666;}#my-svg .activation1{fill:#f4f4f4;stroke:#666;}#my-svg .activation2{fill:#f4f4f4;stroke:#666;}#my-svg .actorPopupMenu{position:absolute;}#my-svg .actorPopupMenuPanel{position:absolute;fill:#ECECFF;box-shadow:0px 8px 16px 0px rgba(0,0,0,0.2);filter:drop-shadow(3px 5px 2px rgb(0 0 0 / 0.4));}#my-svg .actor-man circle,#my-svg line{fill:#ECECFF;stroke-width:2px;}#my-svg g rect.rect{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));stroke:#9370DB;}#my-svg .node .neo-node{stroke:#9370DB;}#my-svg [data-look="neo"].node rect,#my-svg [data-look="neo"].cluster rect,#my-svg [data-look="neo"].node polygon{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg [data-look="neo"].node path{stroke:#9370DB;stroke-width:1px;}#my-svg [data-look="neo"].node .outer-path{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg [data-look="neo"].node .neo-line path{stroke:#9370DB;filter:none;}#my-svg [data-look="neo"].node circle{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg [data-look="neo"].node circle .state-start{fill:#000000;}#my-svg [data-look="neo"].icon-shape .icon{fill:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg [data-look="neo"].icon-shape .icon-neo path{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#my-svg :root{--mermaid-font-family:"trebuchet ms",verdana,arial,sans-serif;}</style><g/><defs><symbol id="my-svg-computer" width="24" height="24"><path transform="scale(.5)" d="M2 2v13h20v-13h-20zm18 11h-16v-9h16v9zm-10.228 6l.466-1h3.524l.467 1h-4.457zm14.228 3h-24l2-6h2.104l-1.33 4h18.45l-1.297-4h2.073l2 6zm-5-10h-14v-7h14v7z"/></symbol></defs><defs><symbol id="my-svg-database" fill-rule="evenodd" clip-rule="evenodd"><path transform="scale(.5)" d="M12.258.001l.256.004.255.005.253.008.251.01.249.012.247.015.246.016.242.019.241.02.239.023.236.024.233.027.231.028.229.031.225.032.223.034.22.036.217.038.214.04.211.041.208.043.205.045.201.046.198.048.194.05.191.051.187.053.183.054.18.056.175.057.172.059.168.06.163.061.16.063.155.064.15.066.074.033.073.033.071.034.07.034.069.035.068.035.067.035.066.035.064.036.064.036.062.036.06.036.06.037.058.037.058.037.055.038.055.038.053.038.052.038.051.039.05.039.048.039.047.039.045.04.044.04.043.04.041.04.04.041.039.041.037.041.036.041.034.041.033.042.032.042.03.042.029.042.027.042.026.043.024.043.023.043.021.043.02.043.018.044.017.043.015.044.013.044.012.044.011.045.009.044.007.045.006.045.004.045.002.045.001.045v17l-.001.045-.002.045-.004.045-.006.045-.007.045-.009.044-.011.045-.012.044-.013.044-.015.044-.017.043-.018.044-.02.043-.021.043-.023.043-.024.043-.026.043-.027.042-.029.042-.03.042-.032.042-.033.042-.034.041-.036.041-.037.041-.039.041-.04.041-.041.04-.043.04-.044.04-.045.04-.047.039-.048.039-.05.039-.051.039-.052.038-.053.038-.055.038-.055.038-.058.037-.058.037-.06.037-.06.036-.062.036-.064.036-.064.036-.066.035-.067.035-.068.035-.069.035-.07.034-.071.034-.073.033-.074.033-.15.066-.155.064-.16.063-.163.061-.168.06-.172.059-.175.057-.18.056-.183.054-.187.053-.191.051-.194.05-.198.048-.201.046-.205.045-.208.043-.211.041-.214.04-.217.038-.22.036-.223.034-.225.032-.229.031-.231.028-.233.027-.236.024-.239.023-.241.02-.242.019-.246.016-.247.015-.249.012-.251.01-.253.008-.255.005-.256.004-.258.001-.258-.001-.256-.004-.255-.005-.253-.008-.251-.01-.249-.012-.247-.015-.245-.016-.243-.019-.241-.02-.238-.023-.236-.024-.234-.027-.231-.028-.228-.031-.226-.032-.223-.034-.22-.036-.217-.038-.214-.04-.211-.041-.208-.043-.204-.045-.201-.046-.198-.048-.195-.05-.19-.051-.187-.053-.184-.054-.179-.056-.176-.057-.172-.059-.167-.06-.164-.061-.159-.063-.155-.064-.151-.066-.074-.033-.072-.033-.072-.034-.07-.034-.069-.035-.068-.035-.067-.035-.066-.035-.064-.036-.063-.036-.062-.036-.061-.036-.06-.037-.058-.037-.057-.037-.056-.038-.055-.038-.053-.038-.052-.038-.051-.039-.049-.039-.049-.039-.046-.039-.046-.04-.044-.04-.043-.04-.041-.04-.04-.041-.039-.041-.037-.041-.036-.041-.034-.041-.033-.042-.032-.042-.03-.042-.029-.042-.027-.042-.026-.043-.024-.043-.023-.043-.021-.043-.02-.043-.018-.044-.017-.043-.015-.044-.013-.044-.012-.044-.011-.045-.009-.044-.007-.045-.006-.045-.004-.045-.002-.045-.001-.045v-17l.001-.045.002-.045.004-.045.006-.045.007-.045.009-.044.011-.045.012-.044.013-.044.015-.044.017-.043.018-.044.02-.043.021-.043.023-.043.024-.043.026-.043.027-.042.029-.042.03-.042.032-.042.033-.042.034-.041.036-.041.037-.041.039-.041.04-.041.041-.04.043-.04.044-.04.046-.04.046-.039.049-.039.049-.039.051-.039.052-.038.053-.038.055-.038.056-.038.057-.037.058-.037.06-.037.061-.036.062-.036.063-.036.064-.036.066-.035.067-.035.068-.035.069-.035.07-.034.072-.034.072-.033.074-.033.151-.066.155-.064.159-.063.164-.061.167-.06.172-.059.176-.057.179-.056.184-.054.187-.053.19-.051.195-.05.198-.048.201-.046.204-.045.208-.043.211-.041.214-.04.217-.038.22-.036.223-.034.226-.032.228-.031.231-.028.234-.027.236-.024.238-.023.241-.02.243-.019.245-.016.247-.015.249-.012.251-.01.253-.008.255-.005.256-.004.258-.001.258.001zm-9.258 20.499v.01l.001.021.003.021.004.022.005.021.006.022.007.022.009.023.01.022.011.023.012.023.013.023.015.023.016.024.017.023.018.024.019.024.021.024.022.025.023.024.024.025.052.049.056.05.061.051.066.051.07.051.075.051.079.052.084.052.088.052.092.052.097.052.102.051.105.052.11.052.114.051.119.051.123.051.127.05.131.05.135.05.139.048.144.049.147.047.152.047.155.047.16.045.163.045.167.043.171.043.176.041.178.041.183.039.187.039.19.037.194.035.197.035.202.033.204.031.209.03.212.029.216.027.219.025.222.024.226.021.23.02.233.018.236.016.24.015.243.012.246.01.249.008.253.005.256.004.259.001.26-.001.257-.004.254-.005.25-.008.247-.011.244-.012.241-.014.237-.016.233-.018.231-.021.226-.021.224-.024.22-.026.216-.027.212-.028.21-.031.205-.031.202-.034.198-.034.194-.036.191-.037.187-.039.183-.04.179-.04.175-.042.172-.043.168-.044.163-.045.16-.046.155-.046.152-.047.148-.048.143-.049.139-.049.136-.05.131-.05.126-.05.123-.051.118-.052.114-.051.11-.052.106-.052.101-.052.096-.052.092-.052.088-.053.083-.051.079-.052.074-.052.07-.051.065-.051.06-.051.056-.05.051-.05.023-.024.023-.025.021-.024.02-.024.019-.024.018-.024.017-.024.015-.023.014-.024.013-.023.012-.023.01-.023.01-.022.008-.022.006-.022.006-.022.004-.022.004-.021.001-.021.001-.021v-4.127l-.077.055-.08.053-.083.054-.085.053-.087.052-.09.052-.093.051-.095.05-.097.05-.1.049-.102.049-.105.048-.106.047-.109.047-.111.046-.114.045-.115.045-.118.044-.12.043-.122.042-.124.042-.126.041-.128.04-.13.04-.132.038-.134.038-.135.037-.138.037-.139.035-.142.035-.143.034-.144.033-.147.032-.148.031-.15.03-.151.03-.153.029-.154.027-.156.027-.158.026-.159.025-.161.024-.162.023-.163.022-.165.021-.166.02-.167.019-.169.018-.169.017-.171.016-.173.015-.173.014-.175.013-.175.012-.177.011-.178.01-.179.008-.179.008-.181.006-.182.005-.182.004-.184.003-.184.002h-.37l-.184-.002-.184-.003-.182-.004-.182-.005-.181-.006-.179-.008-.179-.008-.178-.01-.176-.011-.176-.012-.175-.013-.173-.014-.172-.015-.171-.016-.17-.017-.169-.018-.167-.019-.166-.02-.165-.021-.163-.022-.162-.023-.161-.024-.159-.025-.157-.026-.156-.027-.155-.027-.153-.029-.151-.03-.15-.03-.148-.031-.146-.032-.145-.033-.143-.034-.141-.035-.14-.035-.137-.037-.136-.037-.134-.038-.132-.038-.13-.04-.128-.04-.126-.041-.124-.042-.122-.042-.12-.044-.117-.043-.116-.045-.113-.045-.112-.046-.109-.047-.106-.047-.105-.048-.102-.049-.1-.049-.097-.05-.095-.05-.093-.052-.09-.051-.087-.052-.085-.053-.083-.054-.08-.054-.077-.054v4.127zm0-5.654v.011l.001.021.003.021.004.021.005.022.006.022.007.022.009.022.01.022.011.023.012.023.013.023.015.024.016.023.017.024.018.024.019.024.021.024.022.024.023.025.024.024.052.05.056.05.061.05.066.051.07.051.075.052.079.051.084.052.088.052.092.052.097.052.102.052.105.052.11.051.114.051.119.052.123.05.127.051.131.05.135.049.139.049.144.048.147.048.152.047.155.046.16.045.163.045.167.044.171.042.176.042.178.04.183.04.187.038.19.037.194.036.197.034.202.033.204.032.209.03.212.028.216.027.219.025.222.024.226.022.23.02.233.018.236.016.24.014.243.012.246.01.249.008.253.006.256.003.259.001.26-.001.257-.003.254-.006.25-.008.247-.01.244-.012.241-.015.237-.016.233-.018.231-.02.226-.022.224-.024.22-.025.216-.027.212-.029.21-.03.205-.032.202-.033.198-.035.194-.036.191-.037.187-.039.183-.039.179-.041.175-.042.172-.043.168-.044.163-.045.16-.045.155-.047.152-.047.148-.048.143-.048.139-.05.136-.049.131-.05.126-.051.123-.051.118-.051.114-.052.11-.052.106-.052.101-.052.096-.052.092-.052.088-.052.083-.052.079-.052.074-.051.07-.052.065-.051.06-.05.056-.051.051-.049.023-.025.023-.024.021-.025.02-.024.019-.024.018-.024.017-.024.015-.023.014-.023.013-.024.012-.022.01-.023.01-.023.008-.022.006-.022.006-.022.004-.021.004-.022.001-.021.001-.021v-4.139l-.077.054-.08.054-.083.054-.085.052-.087.053-.09.051-.093.051-.095.051-.097.05-.1.049-.102.049-.105.048-.106.047-.109.047-.111.046-.114.045-.115.044-.118.044-.12.044-.122.042-.124.042-.126.041-.128.04-.13.039-.132.039-.134.038-.135.037-.138.036-.139.036-.142.035-.143.033-.144.033-.147.033-.148.031-.15.03-.151.03-.153.028-.154.028-.156.027-.158.026-.159.025-.161.024-.162.023-.163.022-.165.021-.166.02-.167.019-.169.018-.169.017-.171.016-.173.015-.173.014-.175.013-.175.012-.177.011-.178.009-.179.009-.179.007-.181.007-.182.005-.182.004-.184.003-.184.002h-.37l-.184-.002-.184-.003-.182-.004-.182-.005-.181-.007-.179-.007-.179-.009-.178-.009-.176-.011-.176-.012-.175-.013-.173-.014-.172-.015-.171-.016-.17-.017-.169-.018-.167-.019-.166-.02-.165-.021-.163-.022-.162-.023-.161-.024-.159-.025-.157-.026-.156-.027-.155-.028-.153-.028-.151-.03-.15-.03-.148-.031-.146-.033-.145-.033-.143-.033-.141-.035-.14-.036-.137-.036-.136-.037-.134-.038-.132-.039-.13-.039-.128-.04-.126-.041-.124-.042-.122-.043-.12-.043-.117-.044-.116-.044-.113-.046-.112-.046-.109-.046-.106-.047-.105-.048-.102-.049-.1-.049-.097-.05-.095-.051-.093-.051-.09-.051-.087-.053-.085-.052-.083-.054-.08-.054-.077-.054v4.139zm0-5.666v.011l.001.02.003.022.004.021.005.022.006.021.007.022.009.023.01.022.011.023.012.023.013.023.015.023.016.024.017.024.018.023.019.024.021.025.022.024.023.024.024.025.052.05.056.05.061.05.066.051.07.051.075.052.079.051.084.052.088.052.092.052.097.052.102.052.105.051.11.052.114.051.119.051.123.051.127.05.131.05.135.05.139.049.144.048.147.048.152.047.155.046.16.045.163.045.167.043.171.043.176.042.178.04.183.04.187.038.19.037.194.036.197.034.202.033.204.032.209.03.212.028.216.027.219.025.222.024.226.021.23.02.233.018.236.017.24.014.243.012.246.01.249.008.253.006.256.003.259.001.26-.001.257-.003.254-.006.25-.008.247-.01.244-.013.241-.014.237-.016.233-.018.231-.02.226-.022.224-.024.22-.025.216-.027.212-.029.21-.03.205-.032.202-.033.198-.035.194-.036.191-.037.187-.039.183-.039.179-.041.175-.042.172-.043.168-.044.163-.045.16-.045.155-.047.152-.047.148-.048.143-.049.139-.049.136-.049.131-.051.126-.05.123-.051.118-.052.114-.051.11-.052.106-.052.101-.052.096-.052.092-.052.088-.052.083-.052.079-.052.074-.052.07-.051.065-.051.06-.051.056-.05.051-.049.023-.025.023-.025.021-.024.02-.024.019-.024.018-.024.017-.024.015-.023.014-.024.013-.023.012-.023.01-.022.01-.023.008-.022.006-.022.006-.022.004-.022.004-.021.001-.021.001-.021v-4.153l-.077.054-.08.054-.083.053-.085.053-.087.053-.09.051-.093.051-.095.051-.097.05-.1.049-.102.048-.105.048-.106.048-.109.046-.111.046-.114.046-.115.044-.118.044-.12.043-.122.043-.124.042-.126.041-.128.04-.13.039-.132.039-.134.038-.135.037-.138.036-.139.036-.142.034-.143.034-.144.033-.147.032-.148.032-.15.03-.151.03-.153.028-.154.028-.156.027-.158.026-.159.024-.161.024-.162.023-.163.023-.165.021-.166.02-.167.019-.169.018-.169.017-.171.016-.173.015-.173.014-.175.013-.175.012-.177.01-.178.01-.179.009-.179.007-.181.006-.182.006-.182.004-.184.003-.184.001-.185.001-.185-.001-.184-.001-.184-.003-.182-.004-.182-.006-.181-.006-.179-.007-.179-.009-.178-.01-.176-.01-.176-.012-.175-.013-.173-.014-.172-.015-.171-.016-.17-.017-.169-.018-.167-.019-.166-.02-.165-.021-.163-.023-.162-.023-.161-.024-.159-.024-.157-.026-.156-.027-.155-.028-.153-.028-.151-.03-.15-.03-.148-.032-.146-.032-.145-.033-.143-.034-.141-.034-.14-.036-.137-.036-.136-.037-.134-.038-.132-.039-.13-.039-.128-.041-.126-.041-.124-.041-.122-.043-.12-.043-.117-.044-.116-.044-.113-.046-.112-.046-.109-.046-.106-.048-.105-.048-.102-.048-.1-.05-.097-.049-.095-.051-.093-.051-.09-.052-.087-.052-.085-.053-.083-.053-.08-.054-.077-.054v4.153zm8.74-8.179l-.257.004-.254.005-.25.008-.247.011-.244.012-.241.014-.237.016-.233.018-.231.021-.226.022-.224.023-.22.026-.216.027-.212.028-.21.031-.205.032-.202.033-.198.034-.194.036-.191.038-.187.038-.183.04-.179.041-.175.042-.172.043-.168.043-.163.045-.16.046-.155.046-.152.048-.148.048-.143.048-.139.049-.136.05-.131.05-.126.051-.123.051-.118.051-.114.052-.11.052-.106.052-.101.052-.096.052-.092.052-.088.052-.083.052-.079.052-.074.051-.07.052-.065.051-.06.05-.056.05-.051.05-.023.025-.023.024-.021.024-.02.025-.019.024-.018.024-.017.023-.015.024-.014.023-.013.023-.012.023-.01.023-.01.022-.008.022-.006.023-.006.021-.004.022-.004.021-.001.021-.001.021.001.021.001.021.004.021.004.022.006.021.006.023.008.022.01.022.01.023.012.023.013.023.014.023.015.024.017.023.018.024.019.024.02.025.021.024.023.024.023.025.051.05.056.05.06.05.065.051.07.052.074.051.079.052.083.052.088.052.092.052.096.052.101.052.106.052.11.052.114.052.118.051.123.051.126.051.131.05.136.05.139.049.143.048.148.048.152.048.155.046.16.046.163.045.168.043.172.043.175.042.179.041.183.04.187.038.191.038.194.036.198.034.202.033.205.032.21.031.212.028.216.027.22.026.224.023.226.022.231.021.233.018.237.016.241.014.244.012.247.011.25.008.254.005.257.004.26.001.26-.001.257-.004.254-.005.25-.008.247-.011.244-.012.241-.014.237-.016.233-.018.231-.021.226-.022.224-.023.22-.026.216-.027.212-.028.21-.031.205-.032.202-.033.198-.034.194-.036.191-.038.187-.038.183-.04.179-.041.175-.042.172-.043.168-.043.163-.045.16-.046.155-.046.152-.048.148-.048.143-.048.139-.049.136-.05.131-.05.126-.051.123-.051.118-.051.114-.052.11-.052.106-.052.101-.052.096-.052.092-.052.088-.052.083-.052.079-.052.074-.051.07-.052.065-.051.06-.05.056-.05.051-.05.023-.025.023-.024.021-.024.02-.025.019-.024.018-.024.017-.023.015-.024.014-.023.013-.023.012-.023.01-.023.01-.022.008-.022.006-.023.006-.021.004-.022.004-.021.001-.021.001-.021-.001-.021-.001-.021-.004-.021-.004-.022-.006-.021-.006-.023-.008-.022-.01-.022-.01-.023-.012-.023-.013-.023-.014-.023-.015-.024-.017-.023-.018-.024-.019-.024-.02-.025-.021-.024-.023-.024-.023-.025-.051-.05-.056-.05-.06-.05-.065-.051-.07-.052-.074-.051-.079-.052-.083-.052-.088-.052-.092-.052-.096-.052-.101-.052-.106-.052-.11-.052-.114-.052-.118-.051-.123-.051-.126-.051-.131-.05-.136-.05-.139-.049-.143-.048-.148-.048-.152-.048-.155-.046-.16-.046-.163-.045-.168-.043-.172-.043-.175-.042-.179-.041-.183-.04-.187-.038-.191-.038-.194-.036-.198-.034-.202-.033-.205-.032-.21-.031-.212-.028-.216-.027-.22-.026-.224-.023-.226-.022-.231-.021-.233-.018-.237-.016-.241-.014-.244-.012-.247-.011-.25-.008-.254-.005-.257-.004-.26-.001-.26.001z"/></symbol></defs><defs><symbol id="my-svg-clock" width="24" height="24"><path transform="scale(.5)" d="M12 2c5.514 0 10 4.486 10 10s-4.486 10-10 10-10-4.486-10-10 4.486-10 10-10zm0-2c-6.627 0-12 5.373-12 12s5.373 12 12 12 12-5.373 12-12-5.373-12-12-12zm5.848 12.459c.202.038.202.333.001.372-1.907.361-6.045 1.111-6.547 1.111-.719 0-1.301-.582-1.301-1.301 0-.512.77-5.447 1.125-7.445.034-.192.312-.181.343.014l.985 6.238 5.394 1.011z"/></symbol></defs><defs><marker id="my-svg-arrowhead" refX="7.9" refY="5" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M -1 0 L 10 5 L 0 10 z"/></marker></defs><defs><marker id="my-svg-crosshead" markerWidth="15" markerHeight="8" orient="auto" refX="4" refY="4.5"><path fill="none" stroke="#000000" stroke-width="1pt" d="M 1,2 L 6,7 M 6,2 L 1,7" style="stroke-dasharray: 0, 0;"/></marker></defs><defs><marker id="my-svg-filled-head" refX="15.5" refY="7" markerWidth="20" markerHeight="28" orient="auto"><path d="M 18,7 L9,13 L14,7 L9,1 Z"/></marker></defs><defs><marker id="my-svg-sequencenumber" refX="15" refY="15" markerWidth="60" markerHeight="40" orient="auto"><circle cx="15" cy="15" r="6"/></marker></defs><defs><marker id="my-svg-solidTopArrowHead" refX="7.9" refY="7.25" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M 0 0 L 10 8 L 0 8 z"/></marker></defs><defs><marker id="my-svg-solidBottomArrowHead" refX="7.9" refY="0.75" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M 0 0 L 10 0 L 0 8 z"/></marker></defs><defs><marker id="my-svg-stickTopArrowHead" refX="7.5" refY="7" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M 0 0 L 7 7" stroke="black" stroke-width="1.5" fill="none"/></marker></defs><defs><marker id="my-svg-stickBottomArrowHead" refX="7.5" refY="0" markerUnits="userSpaceOnUse" markerWidth="12" markerHeight="12" orient="auto-start-reverse"><path d="M 0 7 L 7 0" stroke="black" stroke-width="1.5" fill="none"/></marker></defs><g data-et="control-structure" data-id="i31"><line x1="64" y1="1259" x2="1284.5" y2="1259" class="loopLine"/><line x1="1284.5" y1="1259" x2="1284.5" y2="1437" class="loopLine"/><line x1="64" y1="1437" x2="1284.5" y2="1437" class="loopLine"/><line x1="64" y1="1259" x2="64" y2="1437" class="loopLine"/><line x1="64" y1="1353" x2="1284.5" y2="1353" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="64,1259 114,1259 114,1272 105.6,1279 64,1279" class="labelBox"/><text x="89" y="1272" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="1277" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[Scope disallows method]</tspan></text><text x="674.25" y="1371" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Scope ok]</text></g><g data-et="control-structure" data-id="i32"><line x1="54" y1="1051" x2="1294.5" y2="1051" class="loopLine"/><line x1="1294.5" y1="1051" x2="1294.5" y2="1447" class="loopLine"/><line x1="54" y1="1447" x2="1294.5" y2="1447" class="loopLine"/><line x1="54" y1="1051" x2="54" y2="1447" class="loopLine"/><line x1="54" y1="1145" x2="1294.5" y2="1145" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="54,1051 104,1051 104,1064 95.6,1071 54,1071" class="labelBox"/><text x="79" y="1064" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="1069" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[Account inactive or app not authorized]</tspan></text><text x="674.25" y="1163" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Access allowed]</text></g><g data-et="control-structure" data-id="i33"><line x1="44" y1="564" x2="1304.5" y2="564" class="loopLine"/><line x1="1304.5" y1="564" x2="1304.5" y2="1457" class="loopLine"/><line x1="44" y1="1457" x2="1304.5" y2="1457" class="loopLine"/><line x1="44" y1="564" x2="44" y2="1457" class="loopLine"/><line x1="44" y1="746" x2="1304.5" y2="746" class="loopLine" style="stroke-dasharray: 3, 3;"/><line x1="44" y1="923" x2="1304.5" y2="923" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="44,564 94,564 94,577 85.6,584 44,584" class="labelBox"/><text x="69" y="577" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="582" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[Token not found]</tspan></text><text x="674.25" y="764" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Token expired]</text><text x="674.25" y="941" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Token found]</text></g><g data-et="control-structure" data-id="i34"><line x1="34" y1="342" x2="1314.5" y2="342" class="loopLine"/><line x1="1314.5" y1="342" x2="1314.5" y2="1467" class="loopLine"/><line x1="34" y1="1467" x2="1314.5" y2="1467" class="loopLine"/><line x1="34" y1="342" x2="34" y2="1467" class="loopLine"/><line x1="34" y1="480" x2="1314.5" y2="480" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="34,342 84,342 84,355 75.6,362 34,362" class="labelBox"/><text x="59" y="355" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="360" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[Invalid format or missing Bearer]</tspan></text><text x="674.25" y="498" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Token accepted]</text></g><g data-et="control-structure" data-id="i35"><line x1="24" y1="164" x2="1324.5" y2="164" class="loopLine"/><line x1="1324.5" y1="164" x2="1324.5" y2="1477" class="loopLine"/><line x1="24" y1="1477" x2="1324.5" y2="1477" class="loopLine"/><line x1="24" y1="164" x2="24" y2="1477" class="loopLine"/><line x1="24" y1="258" x2="1324.5" y2="258" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="24,164 74,164 74,177 65.6,184 24,184" class="labelBox"/><text x="49" y="177" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="182" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[strictTokenValidation is true]</tspan></text><text x="674.25" y="276" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[token auth allowed]</text></g><g data-et="control-structure" data-id="i55"><line x1="64" y1="2170" x2="1284.5" y2="2170" class="loopLine"/><line x1="1284.5" y1="2170" x2="1284.5" y2="2422" class="loopLine"/><line x1="64" y1="2422" x2="1284.5" y2="2422" class="loopLine"/><line x1="64" y1="2170" x2="64" y2="2422" class="loopLine"/><line x1="64" y1="2338" x2="1284.5" y2="2338" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="64,2170 114,2170 114,2183 105.6,2190 64,2190" class="labelBox"/><text x="89" y="2183" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="2188" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[Expired, inactive, or app not allowed]</tspan></text><text x="674.25" y="2356" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Valid]</text></g><g data-et="control-structure" data-id="i56"><line x1="54" y1="1962" x2="1294.5" y2="1962" class="loopLine"/><line x1="1294.5" y1="1962" x2="1294.5" y2="2432" class="loopLine"/><line x1="54" y1="2432" x2="1294.5" y2="2432" class="loopLine"/><line x1="54" y1="1962" x2="54" y2="2432" class="loopLine"/><line x1="54" y1="2130" x2="1294.5" y2="2130" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="54,1962 104,1962 104,1975 95.6,1982 54,1982" class="labelBox"/><text x="79" y="1975" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="1980" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[Row not found]</tspan></text><text x="674.25" y="2148" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Row found]</text></g><g data-et="control-structure" data-id="i57"><line x1="44" y1="1710" x2="1304.5" y2="1710" class="loopLine"/><line x1="1304.5" y1="1710" x2="1304.5" y2="2442" class="loopLine"/><line x1="44" y1="2442" x2="1304.5" y2="2442" class="loopLine"/><line x1="44" y1="1710" x2="44" y2="2442" class="loopLine"/><line x1="44" y1="1878" x2="1304.5" y2="1878" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="44,1710 94,1710 94,1723 85.6,1730 44,1730" class="labelBox"/><text x="69" y="1723" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="1728" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[Invalid or missing sessionId UUID]</tspan></text><text x="674.25" y="1896" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Valid UUID]</text></g><g data-et="control-structure" data-id="i58"><line x1="34" y1="1576" x2="1314.5" y2="1576" class="loopLine"/><line x1="1314.5" y1="1576" x2="1314.5" y2="2452" class="loopLine"/><line x1="34" y1="2452" x2="1314.5" y2="2452" class="loopLine"/><line x1="34" y1="1576" x2="34" y2="2452" class="loopLine"/><line x1="34" y1="1670" x2="1314.5" y2="1670" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="34,1576 84,1576 84,1589 75.6,1596 34,1596" class="labelBox"/><text x="59" y="1589" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="1594" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[Session missing]</tspan></text><text x="674.25" y="1688" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[Session exists]</text></g><g data-et="control-structure" data-id="i59"><line x1="14" y1="119" x2="1334.5" y2="119" class="loopLine"/><line x1="1334.5" y1="119" x2="1334.5" y2="2462" class="loopLine"/><line x1="14" y1="2462" x2="1334.5" y2="2462" class="loopLine"/><line x1="14" y1="119" x2="14" y2="2462" class="loopLine"/><line x1="14" y1="1492" x2="1334.5" y2="1492" class="loopLine" style="stroke-dasharray: 3, 3;"/><polygon points="14,119 64,119 64,132 55.6,139 14,139" class="labelBox"/><text x="39" y="132" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">alt</text><text x="699.25" y="137" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="699.25">[Authorization header exists]</tspan></text><text x="674.25" y="1510" text-anchor="middle" class="sectionTitle" style="font-size: 16px; font-weight: 400;">[No Authorization header]</text></g><g data-et="control-structure" data-id="i62"><line x1="266" y1="2472" x2="1284.5" y2="2472" class="loopLine"/><line x1="1284.5" y1="2472" x2="1284.5" y2="2561" class="loopLine"/><line x1="266" y1="2561" x2="1284.5" y2="2561" class="loopLine"/><line x1="266" y1="2472" x2="266" y2="2561" class="loopLine"/><polygon points="266,2472 316,2472 316,2485 307.6,2492 266,2492" class="labelBox"/><text x="291" y="2485" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="labelText" style="font-size: 16px; font-weight: 400;">opt</text><text x="800.25" y="2490" text-anchor="middle" class="loopText" style="font-size: 16px; font-weight: 400;"><tspan x="800.25">[Unhandled throw]</tspan></text></g><text x="175" y="80" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">validateSession(req)</text><line x1="82" y1="109" x2="273" y2="109" class="messageLine0" data-et="message" data-id="i1" data-from="R" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="75" y1="109" x2="75" y2="109" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="75" y="113" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">1</text><text x="774" y="214" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 INVALID_AUTH_TOKEN</text><line x1="284" y1="243" x2="1269.5" y2="243" class="messageLine1" data-et="message" data-id="i4" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="277" y1="243" x2="277" y2="243" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="247" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">2</text><text x="420" y="303" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">validateTokenAuthentication(req)</text><line x1="284" y1="332" x2="561" y2="332" class="messageLine0" data-et="message" data-id="i6" data-from="VS" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="277" y1="332" x2="277" y2="332" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="336" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">3</text><text x="423" y="392" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">null / error</text><line x1="570" y1="421" x2="281" y2="421" class="messageLine1" data-et="message" data-id="i8" data-from="VT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="565" y1="421" x2="565" y2="421" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="565" y="425" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">4</text><text x="774" y="436" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 INVALID_AUTH_TOKEN</text><line x1="284" y1="465" x2="1269.5" y2="465" class="messageLine1" data-et="message" data-id="i9" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="277" y1="465" x2="277" y2="465" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="469" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">5</text><text x="818" y="525" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">getApiTokenByHash(hash)</text><line x1="572" y1="554" x2="1069.5" y2="554" class="messageLine0" data-et="message" data-id="i11" data-from="VT" data-to="DB" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="565" y1="554" x2="565" y2="554" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="565" y="558" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">6</text><text x="821" y="614" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">null</text><line x1="1078.5" y1="643" x2="569" y2="643" class="messageLine1" data-et="message" data-id="i13" data-from="DB" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1073.5" y1="643" x2="1073.5" y2="643" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1073.5" y="647" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">7</text><text x="423" y="658" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">error</text><line x1="570" y1="687" x2="281" y2="687" class="messageLine1" data-et="message" data-id="i14" data-from="VT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="565" y1="687" x2="565" y2="687" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="565" y="691" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">8</text><text x="774" y="702" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 INVALID_AUTH_TOKEN</text><line x1="284" y1="731" x2="1269.5" y2="731" class="messageLine1" data-et="message" data-id="i15" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="277" y1="731" x2="277" y2="731" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="735" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">9</text><text x="821" y="791" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">expired row</text><line x1="1078.5" y1="820" x2="569" y2="820" class="messageLine1" data-et="message" data-id="i17" data-from="DB" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1073.5" y1="820" x2="1073.5" y2="820" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1073.5" y="824" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">10</text><text x="423" y="835" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">TOKEN_EXPIRED</text><line x1="570" y1="864" x2="281" y2="864" class="messageLine1" data-et="message" data-id="i18" data-from="VT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="565" y1="864" x2="565" y2="864" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="565" y="868" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">11</text><text x="774" y="879" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 API_TOKEN_EXPIRED</text><line x1="284" y1="908" x2="1269.5" y2="908" class="messageLine1" data-et="message" data-id="i19" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="277" y1="908" x2="277" y2="908" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="912" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">12</text><text x="821" y="968" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">token row + user</text><line x1="1078.5" y1="997" x2="569" y2="997" class="messageLine1" data-et="message" data-id="i21" data-from="DB" data-to="VT" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="1073.5" y1="997" x2="1073.5" y2="997" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="1073.5" y="1001" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">13</text><text x="423" y="1012" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">tokenUser</text><line x1="570" y1="1041" x2="281" y2="1041" class="messageLine1" data-et="message" data-id="i22" data-from="VT" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="565" y1="1041" x2="565" y2="1041" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="565" y="1045" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">14</text><text x="774" y="1101" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 ACCOUNT_INACTIVE / APP_NOT_AUTHORIZED</text><line x1="284" y1="1130" x2="1269.5" y2="1130" class="messageLine1" data-et="message" data-id="i24" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="277" y1="1130" x2="277" y2="1130" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="1134" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">15</text><text x="278" y="1190" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">attachApiTokenUser(req)</text><path d="M 278,1219 C 338,1209 338,1249 278,1239" class="messageLine0" data-et="message" data-id="i26" data-from="VS" data-to="VS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="284" style="fill: none;"/><line x1="277" y1="1219" x2="277" y2="1219" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="1223" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">16</text><text x="774" y="1309" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">403 TOKEN_SCOPE_INSUFFICIENT</text><line x1="284" y1="1338" x2="1269.5" y2="1338" class="messageLine1" data-et="message" data-id="i28" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="277" y1="1338" x2="277" y2="1338" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="1342" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">17</text><text x="178" y="1398" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">next()</text><line x1="282" y1="1427" x2="79" y2="1427" class="messageLine1" data-et="message" data-id="i30" data-from="VS" data-to="R" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="277" y1="1427" x2="277" y2="1427" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="1431" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">18</text><text x="538" y="1537" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">validateCookieSession(req, prefersJson)</text><line x1="284" y1="1566" x2="798.5" y2="1566" class="messageLine0" data-et="message" data-id="i37" data-from="VS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="277" y1="1566" x2="277" y2="1566" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="1570" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">19</text><text x="1037" y="1626" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 SESSION_NOT_FOUND / redirect</text><line x1="809.5" y1="1655" x2="1269.5" y2="1655" class="messageLine1" data-et="message" data-id="i39" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="802.5" y1="1655" x2="802.5" y2="1655" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="802.5" y="1659" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">20</text><text x="804" y="1760" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">destroy session</text><path d="M 803.5,1789 C 863.5,1779 863.5,1819 803.5,1809" class="messageLine0" data-et="message" data-id="i42" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="809.5" style="fill: none;"/><line x1="802.5" y1="1789" x2="802.5" y2="1789" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="802.5" y="1793" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">21</text><text x="1037" y="1834" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 SESSION_EXPIRED / error page</text><line x1="809.5" y1="1863" x2="1269.5" y2="1863" class="messageLine1" data-et="message" data-id="i43" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="802.5" y1="1863" x2="802.5" y2="1863" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="802.5" y="1867" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">22</text><text x="937" y="1923" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">getSessionAuthData(sessionId)</text><line x1="809.5" y1="1952" x2="1069.5" y2="1952" class="messageLine0" data-et="message" data-id="i45" data-from="CS" data-to="DB" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="fill: none;"/><line x1="802.5" y1="1952" x2="802.5" y2="1952" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="802.5" y="1956" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">23</text><text x="804" y="2012" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">destroy session</text><path d="M 803.5,2041 C 863.5,2031 863.5,2071 803.5,2061" class="messageLine0" data-et="message" data-id="i47" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="809.5" style="fill: none;"/><line x1="802.5" y1="2041" x2="802.5" y2="2041" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="802.5" y="2045" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">24</text><text x="1037" y="2086" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 SESSION_INVALID / error page</text><line x1="809.5" y1="2115" x2="1269.5" y2="2115" class="messageLine1" data-et="message" data-id="i48" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="802.5" y1="2115" x2="802.5" y2="2115" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="802.5" y="2119" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">25</text><text x="804" y="2220" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">destroy session</text><path d="M 803.5,2249 C 863.5,2239 863.5,2279 803.5,2269" class="messageLine0" data-et="message" data-id="i51" data-from="CS" data-to="CS" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" x1="809.5" style="fill: none;"/><line x1="802.5" y1="2249" x2="802.5" y2="2249" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="802.5" y="2253" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">26</text><text x="1037" y="2294" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">401 / error page</text><line x1="809.5" y1="2323" x2="1269.5" y2="2323" class="messageLine1" data-et="message" data-id="i52" data-from="CS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="802.5" y1="2323" x2="802.5" y2="2323" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="802.5" y="2327" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">27</text><text x="440" y="2383" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">next()</text><line x1="807.5" y1="2412" x2="79" y2="2412" class="messageLine1" data-et="message" data-id="i54" data-from="CS" data-to="R" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="802.5" y1="2412" x2="802.5" y2="2412" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="802.5" y="2416" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">28</text><text x="774" y="2522" text-anchor="middle" dominant-baseline="middle" alignment-baseline="middle" class="messageText" dy="1em" style="font-size: 16px; font-weight: 400;">500 INTERNAL_SERVER_ERROR</text><line x1="284" y1="2551" x2="1269.5" y2="2551" class="messageLine1" data-et="message" data-id="i61" data-from="VS" data-to="RES" stroke-width="2" stroke="none" marker-end="url(#my-svg-arrowhead)" style="stroke-dasharray: 3, 3; fill: none;"/><line x1="277" y1="2551" x2="277" y2="2551" stroke-width="0" marker-start="url(#my-svg-sequencenumber)"/><text x="277" y="2555" font-family="sans-serif" font-size="12px" text-anchor="middle" class="sequenceNumber">29</text></svg>

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mbkauthe",
-  "version": "5.0.1",
+  "version": "5.0.2",
   "description": "MBKTech's reusable authentication system for Node.js applications.",
   "main": "index.js",
   "type": "module",