Security review of AI-generated web app (React + Supabase) — code review & config audit
Rozpočet: -
HOURLY / PART_TIME
⭐ 0.00 (0)
United Kingdom
flutter, node.js, php, kotlin, android, swift, ios-development, android-app-development, laravel-framework, mobile-app-development, python, react-native, mobile-app, figma
Description:
I've built a web application using Lovable (AI-generated React frontend with a Supabase backend) and need an experienced application security specialist to review it before/shortly after launch.
Scope:
Review Supabase configuration, especially Row Level Security (RLS) policies on all tables — confirm no data is exposed to unauthorized users
Check for exposed secrets/API keys in the client-side code and repo
Review authentication and authorization logic (sign-up, session handling, role checks)
Review edge functions / API endpoints for missing auth checks and injection issues
Light manual testing of the deployed app (IDOR, broken access control — OWASP Top 10 basics)
Short written summary of findings, ranked by severity, with practical fix guidance
Otevřít na Upwork