Time Locked PDF

Identified the need for time-restricted document access — exam papers, timed assignments, and scheduled content releases that shouldn't be accessible outside specific windows.

Designed the access control flow: server-side time verification to prevent client-side clock manipulation, signed URLs for document access, and automatic expiration.

Built Vercel serverless functions for time validation, PDF serving with signed URLs, and access logging. Ensured all time checks happen server-side.

Created a clean UI showing countdown timers, access windows, and document availability status. Added visual indicators for locked/unlocked states.

Implemented an in-browser PDF viewer that prevents direct downloads during restricted periods. Added watermarking for authorised views.

Addressed timezone issues, daylight saving transitions, and concurrent access scenarios. Added graceful degradation for slow connections.

Implemented server-side validation to prevent URL manipulation, replay attacks, and screenshot detection. Added rate limiting for access attempts.

Tested across timezones, browsers, and devices. Simulated clock manipulation attempts to verify server-side enforcement holds.

Final security constraints applied — HTTPS enforcement, CORS policies, and content security headers. Deployed to Vercel with production configuration.

Added access analytics dashboard, refined the UI based on user feedback, and documented the security architecture for future maintenance.