Mathis/memegoat
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Activity
Files
1f7bd51a7bf604c1204a75a48e1126737f525b64
memegoat/documentation/content/docs/flows.mdx
Mathis HERRIOT 1f7bd51a7b feat(docs): add detailed features and business flow diagrams 
- Introduced new interaction and community features, including comments and private messaging.
- Added technical diagrams for critical workflows: authentication, content publication, and messaging.
- Enhanced data model documentation with support for comments and messaging tables.
- Updated API references with endpoints for comments, messaging, and user search.
- Integrated post-quantum cryptography for improved data protection.
2026-02-01 20:27:46 +01:00

178 lines
5.5 KiB
Plaintext
Raw Blame History

---
title: Flux Métiers
description: Diagrammes de séquence et explications des flux critiques de Memegoat.
---
# 🔄 Flux Métiers
Cette section détaille les processus critiques de la plateforme Memegoat à travers des diagrammes de séquence et des explications techniques étape par étape.
## 🔐 Authentification & Sécurité
### Inscription & Double Authentification (2FA)
Le processus d'inscription intègre immédiatement les mesures de sécurité fortes (Argon2id, PGP). L'activation de la 2FA est optionnelle mais fortement recommandée.
```mermaid
sequenceDiagram
participant U as Utilisateur
participant F as Frontend
participant B as Backend
participant DB as PostgreSQL
participant M as Serveur SMTP
Note over U, DB: Flux d'Inscription
U->>F: Remplir formulaire (email, password)
F->>B: POST /auth/register
B->>B: Hash password (Argon2id)
B->>B: Chiffrement Email (PGP)
B->>B: Génération Email Hash (Blind Indexing)
B->>DB: INSERT INTO users
B->>M: Envoi email de validation
B-->>F: 201 Created
F-->>U: Succès (Redirection Login)
Note over U, DB: Activation 2FA
U->>F: Activer 2FA
F->>B: POST /users/me/2fa/setup
B->>B: Générer Secret TOTP
B->>B: Chiffrer Secret (PGP)
B->>DB: UPDATE users SET two_factor_secret
B-->>F: Secret + QR Code URL
F-->>U: Affiche QR Code
U->>F: Saisir code TOTP
F->>B: POST /users/me/2fa/enable (token)
B->>B: Déchiffrer Secret (PGP)
B->>B: Vérifier TOTP (otplib)
B->>DB: UPDATE users SET is_two_factor_enabled = true
B-->>F: 200 OK
```
---
## 📤 Publication de Contenu (Pipeline Média)
La publication d'un mème ou d'un GIF suit un pipeline rigoureux garantissant la sécurité (Antivirus) et l'optimisation (Transcodage).
```mermaid
sequenceDiagram
participant U as Utilisateur
participant F as Frontend
participant B as Backend
participant AV as ClamAV
participant S3 as MinIO (S3)
participant DB as PostgreSQL
U->>F: Sélectionner image/vidéo
F->>B: POST /contents/upload (multipart)
B->>B: Validation (Taille, MIME-Type)
B->>AV: Scan Antivirus (Stream)
AV-->>B: Verdict (Clean/Infected)
alt Infecté
B-->>F: 400 Bad Request (Virus detected)
else Sain
B->>B: Transcodage (Sharp/FFmpeg)
Note right of B: WebP pour images, WebM pour vidéos
B->>S3: Upload fichier optimisé
S3-->>B: Storage Key
B->>DB: INSERT INTO contents
B->>DB: INSERT INTO audit_logs (Upload action)
B-->>F: 201 Created
end
```
---
## 💬 Messagerie & Temps Réel
Memegoat utilise **Socket.io** pour les interactions en temps réel, avec une validation de session robuste via `iron-session`.
```mermaid
sequenceDiagram
participant U1 as Utilisateur A
participant F1 as Frontend A
participant WS as WebSocket Gateway
participant B as Backend (API)
participant F2 as Frontend B
participant U2 as Utilisateur B
U1->>F1: Ouvre le chat
F1->>WS: Connexion (transports: websocket)
Note over WS: Authentification via iron-session cookie
WS->>WS: Vérifie Access Token (JWT)
WS->>WS: Rejoindre room "user:A"
WS-->>F1: Connected
U1->>F1: Tape un message
F1->>WS: Event "typing" { recipientId: B, isTyping: true }
WS->>F2: Event "user_typing" { userId: A, isTyping: true }
F2-->>U2: Affiche "A est en train d'écrire..."
U1->>F1: Envoyer message
F1->>B: POST /messages { recipientId: B, text: "Salut !" }
B->>DB: INSERT INTO messages
B-->>F1: 201 Created
B->>WS: Trigger Notify(B)
WS->>F2: Event "new_message" { senderId: A, text: "Salut !" }
F2-->>U2: Affiche message + Notification
```
---
## ⚖️ Cycle de Vie & Conformité (RGPD)
La gestion des données respecte le droit à l'oubli à travers un processus de suppression en deux étapes et une purge automatique.
```mermaid
sequenceDiagram
participant U as Utilisateur
participant B as Backend
participant DB as PostgreSQL
participant S3 as MinIO (S3)
participant C as Cron Job (PurgeService)
Note over U, DB: Droit à l'oubli (Phase 1)
U->>B: DELETE /users/me
B->>DB: UPDATE users SET deleted_at = NOW()
B->>DB: UPDATE contents SET deleted_at = NOW() WHERE user_id = U
B-->>U: 200 OK (Compte désactivé)
Note over C, S3: Purge Automatique (Phase 2 - après 30 jours)
C->>B: Execute purgeExpiredData()
B->>DB: SELECT users WHERE deleted_at < 30 days
B->>DB: DELETE FROM users (Hard Delete)
Note right of B: Cascade delete sur API keys, Sessions, etc.
B->>DB: DELETE FROM contents (Hard Delete)
B->>S3: DELETE objects (Storage Keys)
B->>DB: Purge Audit Logs / Reports expirés
```
---
## 🚩 Modération
Le flux de modération permet aux utilisateurs de signaler des abus, traités ensuite par les administrateurs.
```mermaid
sequenceDiagram
participant U as Utilisateur
participant B as Backend
participant DB as PostgreSQL
participant A as Administrateur
U->>B: POST /reports { contentId, reason, description }
B->>DB: INSERT INTO reports (status: pending)
B-->>U: 201 Created
A->>B: GET /reports (Admin Panel)
B->>DB: SELECT * FROM reports WHERE status = pending
B-->>A: Liste des signalements
A->>B: PATCH /reports/:id/status { status: resolved }
B->>DB: UPDATE reports SET status = resolved
Note right of B: Si contenu illicite, l'admin peut supprimer le contenu
B->>B: DELETE /contents/:id/admin (Hard Delete)
B-->>A: 200 OK
```
Reference in New Issue View Git Blame Copy Permalink