bcrypt hashing with configurable cost factor. Passwords are never stored in plaintext.
Time-based OTP via Google Authenticator. QR code enrollment with RFC 6238 compliance.
User and Admin roles enforced at database level with Row Level Security policies.
Rule-based risk scoring: IP tracking, failed attempt monitoring, rapid login detection.
Account lockout after excessive failures. Per-session attempt tracking.
Secure token-based authentication with automatic refresh and HttpOnly cookie support.
// ITBP301 – Security Principles & Practice
Cybersecurity Course Project – UAE University
Secure Authentication & Access Control Portal
// Core Technologies
Database: PostgreSQL with Row Level Security
Authentication: Supabase Auth (JWT, TOTP MFA)
Security: RBAC, Rate Limiting, Anomaly Detection
Deployment: Cloudflare Workers (Edge)