Security Architecture
Browser (CSP + HTTPS)
→ Remix Server (Auth + Validation)
→ Supabase (RLS + Encryption)
→ External APIs (OAuth + Tokens)
Authentication
• Supabase Auth (JWT)
• Google OAuth 2.0
• Session management
• CSRF protection
Data Protection
• AES-256 encryption
• TLS 1.3 transport
• Row-level security
• Org-scoped queries