A secure note-sharing application with HTML-rendered Markdown, featuring Policy-Based Access Control (PBAC) and an OWASP-aligned security architecture.
This project is a full-stack web application that lets users create, manage, and share notes written in Markdown, rendered as HTML. The focus is on applying modern security principles throughout the whole stack, including Policy-Based Access Control via Open Policy Agent and OWASP best practices.
- 📄 Markdown Notes – Create and edit notes with full Markdown support, rendered as HTML
- 🔐 Policy-Based Access Control (PBAC) – Fine-grained authorization powered by Open Policy Agent
- 🔗 Note Sharing – Share notes with other users with configurable access permissions
- 🛡️ OWASP-Aligned Security – Secure authentication flow with JWT access tokens plus refresh token rotation, HttpOnly cookies, token fingerprinting in the sense of the OWASP JWT Cheat Sheet (a random value in a hardened cookie whose hash is bound into the JWT, so a stolen token is useless without the cookie), and CSRF protection
- ✉️ Email Verification – Account registration includes email confirmation
- 🔑 Password Reset – Secure password reset via email link
- 💬 Real-Time Chat (Coming Soon) – Secure WebSocket-based messaging between users, following OWASP WebSocket Security
- 👥 Team Structure (Coming Soon) – Organize users into teams with team-based resource access control via Open Policy Agent
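The feature list above names the OWASP JWT pattern (fingerprint cookie bound to the token) and refresh token rotation without showing how the pieces fit. The following is an added example written for this README, not the project's own code: a minimal standard-library Python sketch of both mechanisms. The secret values, the cookie name `__Secure-Fgp`, the 15-minute access-token lifetime and the in-memory `RefreshStore` are assumptions made for the demo, not settings taken from the project.

```python
"""Added example (not the project's code): OWASP-style JWT fingerprint binding
plus refresh-token rotation with replay detection, standard library only."""
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

JWT_SECRET = b"demo-jwt-secret"            # constructed; the real value comes from .env
REFRESH_HMAC_SECRET = b"demo-refresh-secret"  # constructed; see REFRESH_TOKEN_HMAC_SECRET


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def issue_session(user_id: str, now: Optional[int] = None):
    """Return (jwt, fingerprint, set_cookie_header).

    The raw fingerprint goes only into a hardened cookie; the JWT carries its
    SHA-256 hash, so an attacker who exfiltrates the token (XSS, log leak)
    cannot replay it without also holding the HttpOnly cookie."""
    now = int(time.time()) if now is None else now
    fingerprint = secrets.token_hex(32)                      # 256 random bits
    fp_hash = hashlib.sha256(fingerprint.encode()).hexdigest()
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": user_id, "iat": now, "exp": now + 900, "fp": fp_hash}  # 15 min, assumed
    signing_input = _b64(json.dumps(header).encode()) + "." + _b64(json.dumps(payload).encode())
    sig = hmac.new(JWT_SECRET, signing_input.encode(), hashlib.sha256).digest()
    # SameSite=Strict also keeps the cookie out of cross-site requests (CSRF).
    cookie = f"__Secure-Fgp={fingerprint}; Secure; HttpOnly; SameSite=Strict; Path=/"
    return signing_input + "." + _b64(sig), fingerprint, cookie


def verify_session(token: str, fingerprint_cookie: Optional[str], now: Optional[int] = None) -> Optional[str]:
    """Return the user id when signature, expiry and fingerprint all check out, else None."""
    now = int(time.time()) if now is None else now
    try:
        h, p, s = token.split(".")
        expected = hmac.new(JWT_SECRET, f"{h}.{p}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(s)):      # constant-time compare
            return None
        if json.loads(_unb64(h)).get("alg") != "HS256":       # refuse alg confusion
            return None
        payload = json.loads(_unb64(p))
        if payload["exp"] <= now or fingerprint_cookie is None:
            return None
        fp_hash = hashlib.sha256(fingerprint_cookie.encode()).hexdigest()
        if not hmac.compare_digest(fp_hash, payload["fp"]):
            return None
        return payload["sub"]
    except (ValueError, KeyError, TypeError):
        return None


class RefreshStore:
    """Refresh tokens are persisted only as HMAC(REFRESH_HMAC_SECRET, token), so a
    database leak yields nothing replayable.  Tokens form a 'family' per login;
    rotation marks the presented token used and issues a successor.  A used
    token showing up again means it was stolen and replayed, so the whole
    family is revoked (the legitimate client is logged out too, which is the
    safe failure mode)."""

    def __init__(self):
        self.rows = {}                 # hmac_hex -> {"sub", "family", "used"}
        self.revoked_families = set()

    def _key(self, token: str) -> str:
        return hmac.new(REFRESH_HMAC_SECRET, token.encode(), hashlib.sha256).hexdigest()

    def issue(self, user_id: str, family: Optional[str] = None) -> str:
        token = secrets.token_urlsafe(32)
        self.rows[self._key(token)] = {"sub": user_id, "family": family or secrets.token_hex(8), "used": False}
        return token

    def rotate(self, presented: str) -> Optional[str]:
        row = self.rows.get(self._key(presented))
        if row is None or row["family"] in self.revoked_families:
            return None
        if row["used"]:                # replay detected: kill the family
            self.revoked_families.add(row["family"])
            return None
        row["used"] = True
        return self.issue(row["sub"], row["family"])


if __name__ == "__main__":
    tok, fp, set_cookie = issue_session("alice")
    print("verified as:", verify_session(tok, fp))   # alice
    print("without cookie:", verify_session(tok, None))  # None
```

In a real deployment the access token is also sent as a cookie or bearer header and the refresh token lives in its own HttpOnly cookie scoped to the refresh endpoint; the store would be a database table keyed by the HMAC, never the token itself.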
Prerequisites: Docker and Docker Compose installed.

Copy the example file and fill in your values:

```shell
cd projekt
cp .env.example .env
```

```dotenv
JWT_SECRET=your-secret-here
REFRESH_TOKEN_HMAC_SECRET=your-secret-here
POSTGRES_USER=your-user
POSTGRES_DB=your-db
POSTGRES_PASSWORD=your-password
MAIL_HOST=mailhog
MAIL_PORT=1025
```

JWT_SECRET signs access tokens and REFRESH_TOKEN_HMAC_SECRET keys the HMAC under which refresh tokens are stored; generate each from a CSPRNG with at least 32 bytes of entropy, use two different values, and keep `.env` out of version control. MAIL_HOST and MAIL_PORT point at the Mailhog container of the dev compose setup, which captures verification and password-reset mails instead of delivering them.
⚠️ Note: The local database configuration is required for running backend integration and unit tests.
```shell
docker compose -f docker-compose.dev.yml up --build
```

| Service | URL |
|---|---|
| Backend | http://localhost:8080 |
| Frontend | http://localhost:8090 |
| Mailhog | http://localhost:8025 |