Home
Deepanshu Semwal edited this page Mar 28, 2026 · 1 revision
This project is a secure web application built using Flask that demonstrates real-world cybersecurity practices in authentication systems.
It includes multiple layers of protection such as password hashing, CSRF protection, brute-force prevention, role-based access control, and activity logging.
- Build a secure authentication system
- Prevent common web attacks (CSRF, brute-force)
- Implement role-based access control
- Monitor and log suspicious activities
- Apply OWASP secure coding practices
- User Registration & Login
- Password Hashing (Bcrypt)
- Strong Password Validation
- Brute-force Attack Protection
- Role-Based Access Control (Admin/User)
- CSRF Protection (Flask-WTF)
- Security Logging
- Custom Error Handling
- User registers with strong password rules
- Password is hashed using bcrypt
- Login attempts are monitored and limited
- CSRF tokens protect form submissions
- Users are assigned roles (admin/user)
- Admin routes are restricted
- Activities are logged in system logs
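
The "login attempts are monitored and limited" and "activities are logged" steps above, sketched as an added example that is not taken from this project's code. The class and function names, the logger name, and the thresholds are assumptions, and `password_ok` stands in for the result of the bcrypt comparison.

```python
import logging
import time
from collections import defaultdict, deque

log = logging.getLogger("security")  # assumed logger name


class LoginThrottle:
    """Sliding-window limiter for failed logins, keyed by username."""

    def __init__(self, max_failures=5, window=300, lockout=900, clock=time.monotonic):
        # Thresholds are illustrative assumptions, not the project's settings.
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self.clock = clock
        self.failures = defaultdict(deque)  # username -> failure timestamps
        self.locked_until = {}              # username -> unlock time

    def is_locked(self, username):
        until = self.locked_until.get(username)
        if until is None:
            return False
        if self.clock() >= until:
            # Lockout expired: clear state so the account starts clean.
            del self.locked_until[username]
            self.failures.pop(username, None)
            return False
        return True

    def record_failure(self, username):
        now = self.clock()
        q = self.failures[username]
        q.append(now)
        while q and now - q[0] > self.window:
            q.popleft()                     # drop failures outside the window
        if len(q) >= self.max_failures:
            self.locked_until[username] = now + self.lockout
            # %r escapes newlines, so a crafted username cannot forge log lines.
            log.warning("lockout user=%r failures=%d", username, len(q))


def attempt_login(throttle, username, password_ok):
    """Return 'locked', 'ok' or 'denied'; the lock is checked before the password."""
    if throttle.is_locked(username):
        log.warning("blocked login user=%r", username)
        return "locked"
    if password_ok:
        throttle.failures.pop(username, None)  # success resets the counter
        log.info("login ok user=%r", username)
        return "ok"
    throttle.record_failure(username)
    log.warning("login failed user=%r", username)
    return "denied"
```

Keying the counter by username alone lets anyone lock a known account out, so a real deployment would usually also track the source address, which this page lists as a future enhancement.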
- Understanding secure authentication systems
- Implementing CSRF protection
- Applying role-based access control
- Preventing brute-force attacks
- Logging and monitoring security events
- Python (Flask)
- SQLite Database
- Flask-Login
- Flask-WTF
- SQLAlchemy
- Bcrypt
- Two-Factor Authentication (2FA)
- Admin Analytics Dashboard
- Database-based logging system
- IP tracking for login attempts
- Password reset via email
- Deployment on cloud platforms
This project can be used as a base for:
- Secure login systems
- Admin dashboards
- SaaS applications
- Cybersecurity training environments
Deepanshu Semwal