Tenant isolation
Tenant-scoped repositories, membership enforcement, object-level authorization, and a separately tested PostgreSQL RLS path.
Backend security demonstration · Portfolio project
TrustVault Lite is a controlled multi-tenant evidence portal built to demonstrate backend authorization, tenant isolation, secure sessions, private file delivery, delegated access, and audit logging—not to collect real customer data.
Security controls demonstrated
Each control is visible in the UI, enforced by the API, and backed by negative tests.
Tenant-scoped repositories, membership enforcement, object-level authorization, and a separately tested PostgreSQL RLS path.
A centralized deny-by-default policy layer enforces role, tenant, project, action, and resource boundaries.
Server-side sessions use HttpOnly, Secure, SameSite cookies with origin validation, CSRF tokens, and revocation.
Synthetic PDFs pass validation and mock scan states before authenticated or share-link proxy downloads are allowed.
API keys and share-link secrets are high entropy, stored as hashes, displayed once, scoped, expiring, and revocable.
Security-relevant successes and denials feed tenant-scoped audit views and a compact security dashboard.
Three-minute walkthrough
The demo is seeded so a reviewer can reach meaningful controls immediately.
Compare Owner, Viewer, Auditor, and a separate Globex tenant. Try an action outside the selected role and observe the denial.
Create a project, upload the generated synthetic PDF, trigger the authenticated mock scan, and download only after it is clean.
Create and revoke a scoped API key or expiring share link, then inspect the resulting audit events and security signals.
Deliberate scope
The project demonstrates secure design decisions while keeping operations intentionally small, inspectable, and disposable. These limits are documented—not hidden.
Ready to inspect it?
Synthetic data only · No account required · Ephemeral state