Smart Door: My IoT RFID Access Control System

To address the security vulnerabilities of local credential storage, this project introduces a "dumb sensor, smart server" RFID access control system that centralizes decision-making and logging. At the edge, an ESP32 microcontroller acts purely as a sensor, immediately hashing card UIDs with SHA-256 before transmitting them alongside a one-time nonce and timestamp via an MQTT broker. A Go backend handles all the intelligence—running requests through anti-replay checks, rate limiting, and peppered PostgreSQL database lookups—before returning an access command to the door's hardware. Monitored through a real-time, retro-styled Next.js dashboard via WebSockets, the entire containerized architecture is built on a "security-by-design" philosophy that ensures raw data is never exposed and the system remains fail-secure, ultimately demonstrating that IoT networks are most robust when edge devices simply report and react while the server safely handles the logic.