Security
The backend system has been meticulously designed with security as a top priority, ensuring the protection of both user data and system integrity. All communication between the client and server is enforced strictly over HTTPS, using industry-standard TLS protocols. This protects the confidentiality and integrity of data in transit against man-in-the-middle (MITM) attacks and eavesdropping. Any non-HTTPS request is automatically rejected or redirected to the secure channel, so no part of the system is reachable over unencrypted communication.
A critical component of backend security is the authentication and session management system. The API uses JSON Web Tokens (JWT) for stateless and scalable authentication. JWTs are signed and validated using a secure asymmetric algorithm (RS256), and token expiration is configured to limit the lifespan of a session, so a hijacked token is only usable for a short window. Additionally, rate limiting is implemented at the API gateway level to prevent brute-force attacks and abuse, especially on sensitive endpoints such as login and password reset.
Password storage is handled with utmost care. All user passwords are hashed using the bcrypt algorithm with a cost factor of 10 rounds and a unique random salt per password. Bcrypt is computationally expensive by design, making it significantly harder for attackers to brute-force the hashes, even if the database is breached. The system also checks password strength at registration and at password change, further strengthening overall credential security.
The backend is protected against SQL injection through the consistent use of parameterized queries and ORM-level query builders. User input is never spliced into raw SQL; where raw SQL is unavoidable, input is strictly validated before use and bound as a parameter. This prevents attackers from altering the structure of a query to access unauthorized data or execute unintended operations. In addition to SQL injection protection, the backend also includes safeguards against Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF). While XSS primarily affects the frontend, the backend ensures all returned data is properly output-encoded so that injected script cannot execute in the browser. For CSRF, anti-forgery tokens and SameSite cookie policies are configured to ensure that only authorized and intentional requests are processed.
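As an added illustration of the parameterized-query rule above (example code, not the project's own; it uses Python's standard sqlite3 module with a constructed in-memory table, and the backend's real schema, ORM and username policy are assumptions):

```python
import sqlite3

# Constructed sample data for the demonstration; not the project's real schema.
SAMPLE_USERS = [("alice", "alice@example.test"), ("bob", "bob@example.test")]


def make_db() -> sqlite3.Connection:
    """Create an in-memory database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users (username, email) VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_unsafe(conn: sqlite3.Connection, username: str) -> list:
    """DON'T: user input is spliced into the SQL text, so a quote character in the
    input changes the query's structure instead of being compared as a value."""
    sql = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, username: str) -> list:
    """DO: the value is bound by the driver and is never parsed as SQL.
    The same input that breaks lookup_unsafe is simply an unmatched literal here."""
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def validate_username(username: str) -> str:
    """Defence in depth: allow-list the shape of the identifier before it reaches any
    query (assumed policy: 1-32 alphanumeric characters)."""
    if not (1 <= len(username) <= 32) or not username.isalnum():
        raise ValueError("invalid username")
    return username


if __name__ == "__main__":
    db = make_db()
    # A classic tautology input: the unsafe query returns every row,
    # the parameterized query returns nothing, and validation rejects it outright.
    tautology = "' OR '1'='1"
    print("unsafe:", lookup_unsafe(db, tautology))
    print("parameterized:", lookup_parameterized(db, tautology))
    try:
        validate_username(tautology)
    except ValueError as exc:
        print("validation:", exc)
```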
The backend server itself runs in a secure and isolated environment, with restricted SSH access, active monitoring, and regular software patching to minimize vulnerabilities. Logs and exceptions are handled using structured logging systems, and all errors return standardized and sanitized responses to avoid leaking stack traces or internal system details. Critical errors are reported to an internal alerting system, allowing developers to respond quickly and proactively.
Finally, the database follows industry best practices for access control and encryption. Only the application backend has credentials to access the production database, and these credentials are stored securely using environment variables and secrets management tools. Role-based access control (RBAC) ensures that users only have access to the data and operations necessary for their role, minimizing the surface area for privilege escalation or data exposure.