CAS System Architecture

Complete overview of our modular Central Authentication Service with enterprise-grade organization

📐 System Design Principles

🔐 Admin Section

Client system management, IP whitelisting, audit logs, security configuration

👤 User Section

Personal dashboard, client system linking, one-click SSO login, profile management

📚 Public Section

API documentation, integration guides, examples, public resources

🗂️ Code Organization

🔐 Admin Structure

app/Http/Controllers/Admin/
├── ClientSystemController.php
├── AuditLogController.php
└── IpWhitelistController.php

app/Livewire/Admin/
├── ClientSystemsManager.php
└── IpWhitelistManager.php

resources/views/admin/
├── layouts/app.blade.php
├── client-systems-livewire.blade.php
├── ip-whitelist-livewire.blade.php
└── livewire/

👤 User Structure

app/Http/Controllers/User/
└── UserDashboardController.php

app/Livewire/User/
└── UserDashboard.php

resources/views/user/
├── layouts/app.blade.php
├── dashboard.blade.php
└── livewire/
    └── user-dashboard.blade.php

📚 Public Structure

app/Http/Controllers/Public/
└── DocumentationController.php

resources/views/public/
├── layouts/app.blade.php
└── documentation/
    ├── index.blade.php
    ├── api.blade.php
    ├── examples.blade.php
    ├── system-architecture.blade.php
    └── (language-specific guides)

🗄️ PostgreSQL Schema Design

Enterprise-grade schema separation with proper access controls and security isolation.

🔐 cas_admin Schema

  • client_systems - Client application configurations
  • ip_whitelist - IP access control lists
  • system_config - Administrative settings
  • Access: Admin users only

👤 cas_user Schema

  • users - User accounts and profiles
  • user_client_links - System linkages
  • sso_tokens - Authentication tokens
  • Access: User-specific RLS policies

📚 cas_public Schema

  • documentation_pages - API docs
  • api_examples - Code samples
  • public_content - General resources
  • Access: Read-only public

📊 cas_audit Schema

  • audit_logs - Complete activity logs
  • security_events - Security incidents
  • performance_metrics - System metrics
  • Access: Audit-only permissions
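
One way the access rules listed above could be expressed in PostgreSQL, as an added example that is not the project's own migration code. The schema and table names come from this page; the role names, column definitions and the `cas.current_user_id` session setting are assumptions made for illustration.

```sql
-- Added example. Role names, columns and the cas.current_user_id setting are
-- assumptions; schema and table names come from the page.
CREATE ROLE cas_admin_role NOLOGIN;
CREATE ROLE cas_app_user   NOLOGIN;
CREATE ROLE cas_public_ro  NOLOGIN;
CREATE ROLE cas_auditor    NOLOGIN;

CREATE SCHEMA cas_admin;
CREATE SCHEMA cas_user;
CREATE SCHEMA cas_public;
CREATE SCHEMA cas_audit;

-- Each role can only resolve names in the schemas it is granted USAGE on.
GRANT USAGE ON SCHEMA cas_admin  TO cas_admin_role;
GRANT USAGE ON SCHEMA cas_user   TO cas_app_user;
GRANT USAGE ON SCHEMA cas_public TO cas_public_ro;
GRANT USAGE ON SCHEMA cas_audit  TO cas_app_user, cas_auditor;

-- cas_user: per-user rows enforced by RLS, not only by application code.
CREATE TABLE cas_user.sso_tokens (
    id         bigserial   PRIMARY KEY,
    user_id    bigint      NOT NULL,
    token_hash text        NOT NULL,
    expires_at timestamptz NOT NULL
);
ALTER TABLE cas_user.sso_tokens ENABLE ROW LEVEL SECURITY;
ALTER TABLE cas_user.sso_tokens FORCE ROW LEVEL SECURITY;  -- applies to the table owner too
CREATE POLICY sso_tokens_owner ON cas_user.sso_tokens
    FOR ALL TO cas_app_user
    -- An unset or empty setting yields NULL, so no row matches (fails closed).
    USING      (user_id = NULLIF(current_setting('cas.current_user_id', true), '')::bigint)
    WITH CHECK (user_id = NULLIF(current_setting('cas.current_user_id', true), '')::bigint);
GRANT SELECT, INSERT, DELETE ON cas_user.sso_tokens TO cas_app_user;
GRANT USAGE ON SEQUENCE cas_user.sso_tokens_id_seq TO cas_app_user;

-- cas_audit: the application appends, the auditor reads; no role here gets UPDATE or DELETE.
CREATE TABLE cas_audit.audit_logs (
    id         bigserial   PRIMARY KEY,
    actor_id   bigint,
    action     text        NOT NULL,
    created_at timestamptz NOT NULL DEFAULT now()
);
GRANT INSERT ON cas_audit.audit_logs TO cas_app_user;
GRANT USAGE ON SEQUENCE cas_audit.audit_logs_id_seq TO cas_app_user;
GRANT SELECT ON cas_audit.audit_logs TO cas_auditor;

-- Tables created later by the role running this script inherit these grants.
ALTER DEFAULT PRIVILEGES IN SCHEMA cas_public GRANT SELECT ON TABLES TO cas_public_ro;
ALTER DEFAULT PRIVILEGES IN SCHEMA cas_admin  GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO cas_admin_role;
```

Under these assumptions the application would set `cas.current_user_id` once per transaction after authenticating the user, for example with `SELECT set_config('cas.current_user_id', '42', true)`.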

🛣️ Route Organization

🔐 Admin Routes

/admin/client-systems
/admin/ip-whitelist
/admin/audit-logs
/admin/system-config

// Blue-themed interfaces
// Full management capabilities

👤 User Routes

/user/dashboard
/user/profile
/user/systems
/user/settings

// Green-themed interfaces
// Self-service features

📚 Public Routes

/docs
/docs/api
/docs/examples
/docs/integration

// Gray-themed interfaces
// Public documentation

⚡ Technology Stack

Backend Technologies

  • Laravel 12 - Modern PHP framework with advanced features
  • Livewire 3.6 - Server-side rendering with real-time updates
  • PostgreSQL - Multi-schema enterprise database design
  • Express.js - Alternative TypeScript-based CAS server

Frontend Technologies

  • Tailwind CSS - Utility-first styling framework
  • Alpine.js - Minimal JavaScript framework for interactions
  • Blade Templates - Laravel's templating engine
  • React/Vite - Optional modern frontend stack

🔒 Security Architecture

Authentication & Authorization

  • JWT Tokens - Secure token-based authentication
  • Scrypt/Bcrypt - Advanced password hashing
  • Session Management - PostgreSQL-backed sessions
  • Role-Based Access - Admin/User permission separation

Security Controls

  • IP Whitelisting - Network-level access control
  • HMAC-SHA256 - Cryptographic signature validation
  • CSRF Protection - Built into Livewire components
  • Audit Logging - Comprehensive activity tracking

⚡ Performance Features

Livewire Implementation Benefits

  • 75% Fewer HTTP Requests - Server-side rendering eliminates API calls
  • 80% Faster Load Times - Initial content available immediately
  • 100% Real-Time Updates - Live updates without page refreshes

🔗 Integration Overview

Traditional SSO Flow

  1. Client system requests token with credentials
  2. CAS validates client_id + client_secret + username
  3. JWT token generated with user details
  4. Client system receives authenticated user

Dashboard SSO Flow

  1. User links username to client system
  2. One-click login from user dashboard
  3. Automatic token generation and redirect
  4. Seamless authentication to target system

Supported Integration Languages

Laravel/PHP, .NET/C#, Node.js, Java, Python, JavaScript