Skip to main content

Architecture

Components

Supabase Auth

  • Purpose: Handles user authentication and session management
  • Technology: Supabase Auth service
  • Key Functions:
    • Email/password verification
    • Session token generation
    • Password reset functionality

TOTP 2FA System

  • Purpose: Mandatory second factor authentication
  • Technology: TOTP (Time-based One-Time Password)
  • Key Functions:
    • Generate 6-digit time-based codes
    • Verify codes against user’s authenticator app
    • Block access without valid 2FA

Session Management

  • Purpose: Maintain secure user sessions
  • Technology: JWT tokens with Supabase
  • Key Functions:
    • Automatic session refresh
    • Session timeout handling
    • Cross-tab session synchronization

Implementation

Login Process

React form with email/password validation, connects to Supabase Auth API.

2FA Verification

TOTP code verification using Supabase’s built-in 2FA, required for all users.

Session Storage

JWT tokens stored in browser, automatically refreshed by Supabase client.
All users must have 2FA enabled - no exceptions for any role