Senior React Supabase Developer Needed for Security and Codebase Audit
Budget: $500.0
FIXED
United States
postgresql, react-js, typescript, stripe
Project overview
I own a working web app called ALL MOTOR. It is built with React, TypeScript, Supabase, PostgreSQL, and Stripe. The app is already functional, but I want an independent senior developer to review the codebase before I continue spending money on new features.
This is not a full rebuild. This is not a full refactor. This is a focused technical audit with a fixed $500 budget.
The app includes club portals, member accounts, events, media uploads, private storage, Supabase Row Level Security policies, Stripe checkout flows, admin permissions, public routes, and role-based access.
Main goal
I need a clear, practical technical review that tells me whether the app is safe enough for a controlled pilot, what the highest risk areas are, and what should be fixed first.
Scope of work
Review the app for:
Supabase Row Level Security policy risks
Storage bucket and signed media access risks
Stripe checkout and webhook risks
Admin permission and role-based access risks
Public route and private route separation
Club portal isolation
Obvious code organization problems
Fragile areas that may break during future changes
High-risk duplicated logic
Critical security or data exposure concerns
Deliverables
Written audit report
Critical, high, medium, and low risk findings
Specific files or areas reviewed
Recommended fixes in priority order
Clear opinion on what must be fixed now versus later
One small approved code patch only after the report is reviewed
Access rules
You will not receive production Supabase access.
You will not receive Stripe dashboard access.
You will not receive service role keys.
You will not work on the main branch.
You will only receive limited code access or a temporary branch.
Any code changes must be limited, explained, and reviewed before merging.
Confidentiality
Before access is granted, the selected freelancer must agree to confidentiality terms and may be asked to sign a simple NDA. The freelancer may not copy, reuse, publish, share, or disclose any private code, business logic, product strategy, database structure, customer data, or platform materials related to ALL MOTOR. All audit findings, notes, recommendations, and approved code changes created for this project are work product for ALL MOTOR after payment.
What I am not looking for
I am not looking for someone to rebuild the app.
I am not looking for a generic AI prompt engineer.
I am not looking for UI redesign.
I am not looking for new features.
I am not looking for vague advice.
Ideal candidate
You have real experience with React, TypeScript, Supabase, PostgreSQL Row Level Security, Stripe checkout, Stripe webhooks, SaaS apps, role-based permissions, codebase audits, and security-minded development.
Proposal instructions
Please include:
Your experience with Supabase Row Level Security
Your experience with Stripe webhooks
How you would approach this review within a $500 budget
What access you would need
What access you would not need
One example of a security or architecture issue you found in a past project
Generic proposals will be ignored.