sequenceDiagram
participant User
participant ReactApp
participant SpringServer
Note over User, ReactApp: 1. User initiates authentication
ReactApp->>+User: Redirect to Login Page
User-->>-ReactApp: Enters Credentials
Note over ReactApp: 2. Frontend sends credentials to backend
ReactApp->>+SpringServer: POST /login {username, password}
SpringServer-->>-ReactApp: Responds with JWT (Access Token and Refresh Token)
Note over ReactApp, SpringServer: 3. Store tokens securely in the frontend
Note over ReactApp, SpringServer: 4. Access Protected Resource
ReactApp->>+SpringServer: GET /api/resource {Authorization: Bearer <Access Token>}
SpringServer-->>-ReactApp: Returns Protected Resource
Note over ReactApp, SpringServer: 5. Access Token Expiry Detected
ReactApp->>+SpringServer: POST /refresh {refreshToken}
SpringServer-->>-ReactApp: Responds with new Access Token
Note over ReactApp: Continue accessing resources with new Access Token