1. High-Level Design (HLD)

This service acts as the central entry point for the entire flight booking system. It handles user authentication, Role-Based Access Control (RBAC), and serves as an API Gateway, proxying traffic to downstream microservices while enforcing rate limits.

[Diagram: mermaid-diagram (13).svg]

2. Class & Component Design

The code follows a strict 3-layer architecture (Controller-Service-Repository) alongside an API Gateway routing mechanism.


3. Key Algorithms & Logic (Critical Flows)

A. User Signup & Password Hashing

When a user signs up, the system must securely store their credentials and assign a default role.

[Diagram: mermaid-diagram (14).svg]

B. Authentication (JWT Generation)

When a user signs in, the system verifies their identity and issues a stateless token.

  1. Retrieve: Fetch the user by email from the DB.
  2. Verify: Compare the incoming plain-text password with the stored hash using bcrypt.compare.
  3. Generate: Create a JWT payload containing the user's id and email.
  4. Sign & Return: Sign the JWT using the JWT_SECRET and return it to the client.

4. Database Schema & Relationships

The application utilizes Sequelize ORM to model a Many-to-Many relationship between Users and Roles.