Denude IDP
Denude is a focused authentication system featuring a clean user experience and streamlined verification flow. It ditches traditional password login in favor of short-lived verification codes sent via email, making the entire experience safer and faster.
Built With
- .NET
- Denude
Technical Breakdown
The system is built with ASP.NET Core and PostgreSQL, following a clean separation of concerns across layers:
- Email-first signup & login.
- Verification codes stored temporarily in the database.
- Expiration and retry logic for codes.
- Discord webhook integration for notifications.
The goal was to avoid external identity libraries and rely only on what was needed for the use case.
Verification codes are short-lived (5 mins) and are stored hashed in the database. Each code is invalidated after use or expiry.
- Codes are single-use and tied to an IP and email.
- Invalid attempts are logged for audit.
- All activity is reported via Discord.
After successful code entry, the user sees a consent screen. This helps clearly communicate what the app is accessing.
Consent persists across sessions for a period and is revokable by the user via a future dashboard.
Operational transparency was a key concern. I integrated Discord webhooks to send alerts for the following events:
- New login or registration
- Failed login attempts
- Verification code resend attempts
This proved invaluable during the early production phase.