@startuml

group Register
Client -> Pathfinder : E-Mail + Login form
Pathfinder -> Keeper : Save account info
alt No errors
Keeper -> Pathfinder : E-Mail address
Pathfinder -> Mailman : Send sign-in url with TOKEN
Pathfinder -> Client : OK with Check e-mail
else Invalid data
Keeper -> Pathfinder : Failed
Pathfinder -> Client : BAD_REQUEST with errors
end
end

group Sign In (First step)
Client -> Pathfinder : Send Login form
Pathfinder -> Keeper : Load user profile
alt Valid
Keeper -> Pathfinder : User e-mail
Pathfinder -> Mailman : Send sign-in url with TOKEN
Pathfinder -> Client : OK with Check e-mail
else Invalid
Keeper -> Pathfinder : Not found
Pathfinder -> Client : OK with Check e-mail
end
end

group Sign In (Second step)
Client -> Pathfinder : Visit sign-in url from e-mail
Pathfinder -> Mailman : Check TOKEN
alt Valid token
Mailman -> Pathfinder : Found
Pathfinder -> Sentinel : Generate JWT
Sentinel -> Pathfinder : JWT
Pathfinder -> Client : FOUND with JWT
else Invalid token
Mailman -> Pathfinder : Not found
Pathfinder -> Client : UNAUTHORIZED
end
end

group Check session
Client -> Pathfinder : Validate JWT
Pathfinder -> Sentinel : Check JWT
alt Valid JWT
Sentinel -> Pathfinder : Valid
Pathfinder -> Client : FOUND
else Invalid JWT
Sentinel -> Pathfinder : Invalid
Pathfinder -> Client : UNAUTHORIZED
end
end

@enduml