← Вакансии

Senior React Supabase Developer Needed for Security and Codebase Audit

Бюджет: $500.0 FIXED / ⭐ 0.00 (0) United States

postgresql, react-js, typescript, stripe

Project overview I own a working web app called ALL MOTOR. It is built with React, TypeScript, Supabase, PostgreSQL, and Stripe. The app is already functional, but I want an independent senior developer to review the codebase before I continue spending money on new features. This is not a full rebuild. This is not a full refactor. This is a focused technical audit with a fixed $500 budget. The app includes club portals, member accounts, events, media uploads, private storage, Supabase Row Level Security policies, Stripe checkout flows, admin permissions, public routes, and role based access. Main goal I need a clear, practical technical review that tells me whether the app is safe enough for a controlled pilot, what the highest risk areas are, and what should be fixed first. Scope of work Review the app for: Supabase Row Level Security policy risks Storage bucket and signed media access risks Stripe checkout and webhook risks Admin permission and role based access risks Public route and private route separation Club portal isolation Obvious code organization problems Fragile areas that may break during future changes High risk duplicated logic Critical security or data exposure concerns Deliverables Written audit report Critical, high, medium, and low risk findings Specific files or areas reviewed Recommended fixes in priority order Clear opinion on what must be fixed now versus later One small approved code patch only after the report is reviewed Access rules You will not receive production Supabase access. You will not receive Stripe dashboard access. You will not receive service role keys. You will not work on the main branch. You will only receive limited code access or a temporary branch. Any code changes must be limited, explained, and reviewed before merging. Confidentiality Before access is granted, the selected freelancer must agree to confidentiality terms and may be asked to sign a simple NDA. The freelancer may not copy, reuse, publish, share, or disclose any private code, business logic, product strategy, database structure, customer data, or platform materials related to ALL MOTOR. All audit findings, notes, recommendations, and approved code changes created for this project are work product for ALL MOTOR after payment. What I am not looking for I am not looking for someone to rebuild the app. I am not looking for a generic AI prompt engineer. I am not looking for UI redesign. I am not looking for new features. I am not looking for vague advice. Ideal candidate You have real experience with React, TypeScript, Supabase, PostgreSQL Row Level Security, Stripe checkout, Stripe webhooks, SaaS apps, role based permissions, codebase audits, and security minded development. Proposal instructions Please include: Your experience with Supabase Row Level Security Your experience with Stripe webhooks How you would approach this review within a $500 budget What access you would need What access you would not need One example of a security or architecture issue you found in a past project Generic proposals will be ignored.
Открыть заказ