← Вакансії

Fullstack Developer Ongoing work and MVP launch

Бюджет: $10200.0 FIXED / ⭐ 5.00 (3) Australia

react-js, python, angular, node.js, machine-learning, web-programming, django-framework, shopify, next.js, ios, android, saas

We are seeking an experienced Fullstack developer, who ideally has experience in the healthcare environment to help us take our website to MVP launch. Working with the clinical founder we are looking for a longterm ongoing committed developer to help us bring this project to life. We are seeking. REQUIRED TECHNICAL SKILLS Core stack — all required: React and Next.js — production-grade, not tutorial-level Node.js — server-side logic, API routes, job scheduling Supabase — schema design, RLS, Storage for file uploads, PostgreSQL queries TypeScript — type-safe development throughout REST API integration — consuming and building APIs THE ROLE You will take full technical ownership of an existing Next.js/Supabase codebase and deliver 18 defined tasks across 5 fortnightly sprints. Every milestone is gated — payment releases only when deliverables are demonstrated working in production. You must be comfortable being held to concrete acceptance criteria on every task. WHAT YOU WILL BUILD Sprint 1 — Infrastructure and blockers Fix a booking creation bug blocking all revenue, fix a location screen freeze preventing clients from reaching Stripe payment, stop idle AWS EC2 instances, fix therapist verification email delivery, add new onboarding database fields, and build an admin new booking alert (notification tbc? + email firing on every confirmed booking). Sprint 2 — Booking flow and pricing Build a per-service pricing admin panel with a Pricing Type selector (appointment-based: Initial Consultation 60 min + Follow-Up 45 min; session-based: 30/60/90 min), wire Step 4 to read prices live from admin, build a booking summary screen with required phone capture, and fix the dynamic service subtype heading. Sprint 3 — SMS broadcast and commission Build a simultaneous SMS broadcast to all approved matching therapists on booking confirmation — first to tap a tokenised accept link wins, all others expire. Build a commission split admin panel with global default and per-service-category override. Sprint 4 — Payment completion and cancellation Build SMS tap-to-complete session flow — system sends therapist an SMS at session end time, therapist taps a tokenised link on a mobile-optimised page, one tap releases Stripe escrow to therapist. Build a T-05 auto-release cron job as backstop 2 hours after session end. Build a 5-tier cancellation policy with Stripe refund automation. Sprint 5 — Earnings, UI, testing, and launch Build a simplified per-booking earnings view with Stripe Express Dashboard link, verify Stripe 75/25 split in production with a real transaction and configure weekly Monday payout schedule, complete mobile and responsive UI fixes, run full testing suite, and deploy to production. Payments — Stripe Connect Express specifically: This is the most critical technical requirement. Standard Stripe checkout experience is not sufficient. You must have prior production experience with: Stripe Connect Express — therapist Connect account creation and onboarding via Account Links API Stripe PaymentIntents — capture on booking, release on session complete Stripe Transfers API — releasing 75% to therapist Connect account Stripe Refunds API — partial and full refunds for 5-tier cancellation policy Stripe Account Links API — linking therapist to their Stripe Express Dashboard Stripe Webhooks — async event handling You will be required to demonstrate Stripe Connect Express experience before Sprint 1 commences SMS and notifications — all required: Mobile Message REST API (mobilemessage.com.au) — or equivalent Australian SMS REST API with ability to transfer to Mobile Message Tokenised URL generation — unique single-use links with DB storage, expiry validation, and single-use enforcement BullMQ or equivalent job queue — delayed jobs for session-end SMS trigger and auto-release cron Email gateway — SendGrid, AWS SES, or Mailgun for transactional emails Slack webhook — admin notification integration Frontend and UI: Responsive CSS / media queries — mobile-first at 375px, 768px, and 1280px breakpoints CSS Flexbox — specifically align-items: stretch for equal-height card grids Google Maps JavaScript API — address resolution and pin validation in booking flow Session storage — managing pre-auth booking data correctly without premature DB writes Next.js dynamic routing — tokenised completion pages, suburb landing pages Backend and database: Supabase schema design — extending existing schema with new fields for onboarding, token storage, and health fund provider numbers Supabase Storage — document uploads for therapist onboarding (photo ID, certificates, profile photo) ABR API integration — ABN verification during therapist onboarding (abr.business.gov.au, free) Scheduled cron jobs in Node.js — time-based triggers for SMS at session end and auto-release 2 hours post-session Cloud and DevOps: AWS EC2 (ap-southeast-2) — audit and stop idle instances, pull Cost Explorer report Cloudflare DNS and Access — understand existing Zero Trust setup, add developer email to access policy Environment configuration — correct management of .env variables across development, staging, and production Deployment — deploying Next.js to existing AWS or alternative hosting Testing — all of the following must be included in the fixed price: Unit testing — Jest or equivalent — token generation, Stripe calculation logic, cancellation tier logic Integration testing — Stripe + Supabase + Mobile Message working together end-to-end End-to-end testing — full booking flow from service selection to payment receipt (Cypress or Playwright) Mobile and cross-browser testing — iOS Safari and Chrome Android at 375px and 768px — screenshots at all three breakpoints required before each milestone payment Production test — mandatory real-money Stripe transaction confirming 75/25 split lands correctly in both accounts before go-live. This is a hard requirement for Milestone 3 payment release. Performance testing — 100 concurrent users without degradation, sub-1-second page load Security — input sanitisation, rate limiting, token expiry enforcement, no raw card data on platform servers COMPLIANCE REQUIREMENTS YOU MUST UNDERSTAND ACMA SMS Sender ID Register — effective 1 July 2026. All SMS sent under the THERAPPY sender name must be registered via our Mobile Message account before any SMS functionality is built or tested. Do not build against the THERAPPY sender ID until registration is confirmed active. Spam Act 2003 (Cth) — all broadcast and marketing SMS to therapists must include a functional opt-out mechanism (Reply STOP to unsubscribe). Stripe PCI-DSS — card capture must go through Stripe Elements only. No custom card form. No raw card data on Therappy servers. Bank details (BSB/account number) must never be stored in Therappy's database — Stripe Connect Express onboarding only. Privacy Act 1988 (APP 11) — SSL/TLS on all data transmission, secure authentication, standard database access control
Відкрити на Upwork