A Sustainable Security Framework for Modern Applications using Multi-Factor Authentication and Access Management
SecureOps is a comprehensive face recognition authentication platform that implements multi-factor authentication (MFA) with biometric verification. The system provides secure user registration, login, and access management using facial recognition technology combined with traditional OTP-based verification.
- Multi-Factor Authentication (MFA): Combines facial biometrics with OTP verification
- Facial Detection & Verification: Real-time facial detection and verification using advanced computer vision
- User Management: Complete user lifecycle management with role-based access
- Admin Dashboard: Administrative interface for system monitoring and user management
- Secure Token Management: JWT-based authentication with secure session handling
- Firebase Integration: Cloud database integration for scalable data storage
- Real-time Notifications: Live feedback and status updates during authentication
- Responsive Design: Modern, mobile-friendly web interface
- Python Flask: RESTful API server
- Firebase Admin SDK: Cloud database and authentication
- JWT (JSON Web Tokens): Secure token-based authentication
- PyOTP: Time-based OTP generation and verification
- Face Recognition Models: PyTorch-based facial recognition
- OpenCV: Computer vision processing
- bcrypt: Password hashing
- HTML5/CSS3: Modern responsive design
- JavaScript (ES6+): Client-side logic and API integration
- Face Detection: Uses MTCNN to detect and align faces in images
- Face Embeddings: Generates 512-dimensional face embeddings using FaceNet
- Similarity Matching: Compares face embeddings using cosine similarity
- Verification: Authenticates users by comparing live face captures with stored reference embeddings
- Python 3.11+: Backend runtime environment
- Node.js: For potential frontend tooling (optional)
- Firebase Project: Google Cloud Firebase project with Firestore enabled
- Web Browser: Modern browser with WebRTC support for camera access
- Camera: Webcam or camera device for facial recognition
git clone <repository-url>
cd applicationpython -m venv venv
# On Windows:
venv\Scripts\activate
# On macOS/Linux:
source venv/bin/activatepip install -r requirements.txt- Create a Firebase project at Firebase Console
- Enable Firestore Database
- Generate a service account key JSON file
- Place the JSON file at
backend/firebase/firebase_key.json - Or set the
FIREBASE_CREDENTIALSenvironment variable to the JSON file path
Create a .env file in the root directory:
FIREBASE_CREDENTIALS=backend/firebase/firebase_key.jsonNo additional setup required. The frontend is static HTML/CSS/JS that runs in the browser.
cd backend
python app.pyThe server will start on http://127.0.0.1:5000
Open your web browser and navigate to:
- Landing Page:
http://127.0.0.1:5000(served by Flask) - Or use a local server like Live Server extension in VS Code for development
python backend/scripts/create_admin_user.pyStore sensitive deployment values in a .env file:
- Firebase service account values (
FIREBASE_*settings) - App secret values (
OTP_EXPIRY_SECONDS) - SMTP settings for OTP delivery (
SMTP_USER,SMTP_PASS,SMTP_HOST,SMTP_PORT,EMAIL_FROM) - Optional dev helper (
SHOW_OTP_IN_DEV)
- FIREBASE_CREDENTIALS: Path to Firebase service account JSON file
Configure email settings in backend/utils/email_helper.py for OTP delivery and set SMTP vars in your .env file:
- Password Hashing: bcrypt-based password security
- JWT Tokens: Secure stateless authentication
- OTP Verification: Time-based one-time passwords
- Face Recognition: Biometric authentication with liveness detection
- Session Management: Secure session handling with expiration
- CORS Protection: Cross-origin resource sharing controls
- Input Validation: Comprehensive input sanitization
SecureOps - Building the future of secure authentication with biometrics and multi-factor verification.