Connect my finished HTML app to Supabase — logins + role-based permissions

I have a complete, working front-end demo of a church member management web app — a single self-contained HTML file. The design and features are finished and should NOT be changed. I need it connected to a real database with user logins and role-based permissions so data is saved, shared across devices, and access is restricted by role. WHAT THE DEMO ALREADY DOES: Member directory with profiles; demographics (name, DOB, contact, address, join date, ministries, status); a health/emergency section (allergies, conditions, medications, physician, blood type, EMS notes, emergency contact, consent flag, last-updated date); a printable emergency card; and a giving section (tithes, offerings, designated funds) with manual entry and Givelify CSV import. It currently saves nothing — data resets on refresh. That is what you will fix. WHAT I NEED BUILT: 1. Persistent storage using Supabase (free tier expected to be sufficient). Keep my existing HTML/JS front end. Host on Netlify. 2. User logins. 3. Role-based permissions — this is the core of the job. Four roles, each seeing ONLY their part: • Admin (Pastor, Secretary): full access including user management. • Nurse: directory + health/emergency only. NO financial access. • Trustee: directory + giving/financial only. NO health access. • Usher (optional): emergency-card view only. Permissions MUST be enforced at the database level using Supabase row-level security — not just hidden in the interface. This system holds protected health and financial information. 4. Keep the existing per-member consent checkbox. Where reasonable, log who created or edited health records and when. DATA STRUCTURE: Two tables. Members (all profile and health fields above). Giving (date, member, type, method, amount). The demo’s fields can serve as the schema directly. DELIVERABLES: 1. Live app on Netlify, connected to Supabase, matching the existing demo’s design exactly. 2. Working logins with the four roles above, tested. 3. Two data tables with security rules enforced. 4. Short written instructions for non-technical staff, including how to add a user and assign a role. CRITICAL REQUIREMENT: Do NOT load any real member data until all permissions are tested with fake accounts and I have confirmed that a nurse login cannot see giving and a trustee login cannot see health. This is non-negotiable. PAYMENT: Structured in two milestones — 40% when database and logins work; 60% when role permissions are tested and the app is live on Netlify. I will share the demo HTML file with the hired developer.