SECURITY MODEL
Security built in, not bolted on.
The CREANODE platform is designed with security as a foundational constraint — not a feature added after the fact. Every layer of the system enforces isolation, authentication, and auditability.
Authentication
Secure session-based authentication with bcrypt password hashing, session fixation prevention, and session invalidation on logout. Failed login attempts are tracked per account and per IP — with automatic lockout after threshold breach. Authentication events are logged in full.
Authorization
Every request is checked against the user's role and permissions before any data is accessed or any action is performed. Authorization is enforced at the controller layer and repeated at the data layer — so it cannot be bypassed by constructing a direct database query. The UI hiding a button is not security; the data layer refusing the request is.
Data Isolation
Each organization's data is scoped at the query level — not just filtered in the UI. A user in one organization cannot access another organization's data through any path: direct URLs, API calls, or parameter manipulation. Tenant isolation is a structural property of the system, not a permission check.
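An added illustration of the two properties described under Authorization and Data Isolation, not CREANODE's own code: a data-layer handle that repeats the permission check and binds the organization id into every SQL statement. The table, role names and class names are hypothetical, and the sample rows are constructed.

```python
import sqlite3

class Forbidden(Exception):
    """Raised when the data layer refuses a request."""

# Hypothetical role -> permission map (assumption, not CREANODE's real roles).
ROLE_PERMS = {"viewer": {"read"}, "editor": {"read", "write"}}

class ScopedRepo:
    """Data-layer handle bound to one session's organization and role.
    org_id comes from the authenticated session, never from request input."""

    def __init__(self, db, org_id, role):
        self._db, self._org_id, self._role = db, org_id, role

    def _require(self, perm):
        # Second authorization check, independent of the controller's check.
        if perm not in ROLE_PERMS.get(self._role, set()):
            raise Forbidden(f"role {self._role!r} lacks {perm!r}")

    def get(self, doc_id):
        self._require("read")
        # The org_id predicate is part of the statement, so a guessed id
        # from another organization matches no row.
        return self._db.execute(
            "SELECT id, title FROM documents WHERE id = ? AND org_id = ?",
            (doc_id, self._org_id)).fetchone()

    def rename(self, doc_id, title):
        self._require("write")
        cur = self._db.execute(
            "UPDATE documents SET title = ? WHERE id = ? AND org_id = ?",
            (title, doc_id, self._org_id))
        return cur.rowcount  # number of rows actually changed

def demo_db():
    # Constructed sample data: two organizations, one document each.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE documents "
               "(id INTEGER PRIMARY KEY, org_id INTEGER NOT NULL, title TEXT)")
    db.executemany("INSERT INTO documents VALUES (?, ?, ?)",
                   [(1, 10, "org10 plan"), (2, 20, "org20 payroll")])
    return db

if __name__ == "__main__":
    repo = ScopedRepo(demo_db(), org_id=10, role="viewer")
    print(repo.get(1))  # the caller's own document
    print(repo.get(2))  # an id that belongs to the other organization
```

Because callers never pass an organization id to `get` or `rename`, parameter manipulation has nothing to target; the only way to reach another tenant's rows is to obtain a handle bound to that tenant.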
CSRF & Rate Limiting
All state-modifying requests require a valid CSRF token. Rate limiting is applied to authentication endpoints, form submissions, and API calls — with per-account and per-IP tracking. Rate limiting prevents brute-force attacks and reduces the blast radius of compromised credentials.
Audit Trail
Every significant operation — login, logout, data access, data modification, admin action, API call — is logged with actor, timestamp, IP address, and change details. Audit logs are append-only and cannot be modified through the application. The audit trail is the organization's record of what happened and who was responsible.