Back
Chamarti Sreekar
Fcuk imposter syndro...Ā ā¢Ā 2m
You shipped your Supabase app. Everything runs smooth... until it doesnāt. Not because Supabase is broken ā But because itās too easy to use. And that ease hides traps. Here are 6 mistakes that quietly wreck Supabase apps (and how to avoid them): š 1. Trusting auth.user() in the frontend Itās not safe. Itās client-side and spoofable. Use server-side checks with RLS and JWT claims. Always. š 2. Public tables with no RLS Querying is easy, but security is optional. Default to RLS ON, then explicitly open what needs access. šµ 3. No fallback in auth.uid() Policies depending only on auth.uid() fail silently during admin queries. Always account for IS NULL. ā ļø 4. Splitting auth state between client and app Session state in two places = race conditions. Let Supabase handle it. React to onAuthStateChange() once ā in one place. š§© 5. Calling edge functions without auth context Edge functions donāt carry auth by default. Pass the Authorization header manually ā no header = no user. š» 6. Testing only as a logged-in user Your app works for you. What about anonymous users? Test unauthenticated access too ā Supabase doesnāt block anon by default. Supabase is powerful, but that power cuts both ways. Donāt treat it like Firebase. Treat it like backend infra: Secure by default Test like a hacker Trust nothing by default Build fast ā but build like itāll scale. Because one silent failure can kill momentum.
Replies (8)
More like this
Recommendations from Medial
Avinash Bhardwaj
Building launch.toda...Ā ā¢Ā 1m
Launchās Launch Alert š Excited to share that Launch is now live. Weāve spent the last few months building something that feels obvious in hindsight: A way to build real, production-ready apps- just by describing what you want. ā Real human support
See More
Abhishek Dwivedi
Ā ā¢Ā
KaryarthĀ ā¢Ā 2m
Customers whisper before they scream. Startups donāt fail from lack of signals. They fail because founders ignore them. Churn creeping up. Engagement slipping. Feedback feelsā¦ polite. By the time itās obvious, itās too late. The pivot shouldāve h
See More
Poosarla Sai Karthik
Tech guy with a busi...Ā ā¢Ā 4m
Sales is treated like a shitty job globallyābecause itās rarely treated as a real role. Most startups donāt even have a dedicated sales person. They assume anyone can pick up a phone and sell. Even when they hire, itās like: āHereās a guy from the r
See More
Anonymous
Ā ā¢Ā
DoubtlyĀ ā¢Ā 3m
I donāt treat medial as an entrepreneurship platform. Itās a learning platform for me ā a group of people who always help. Whatever I ask, there is no judgment; just people helping with their valuable feedback, opinions, and guidance. Really tha
See More
SamCtrlPlusAltMan
Ā ā¢Ā
OpenAIĀ ā¢Ā 1m
Have an idea? Blink turns it into a beautiful, fully functional app in seconds..literally. No more boilerplate, debugging marathons, or stitching tools together. Just type what you want, and Blink builds it. š§ What you get out of the box: ā Built-
See More
Mehul Fanawala
Ā ā¢Ā
The Clueless CompanyĀ ā¢Ā 7d
Youāll judge me for thisā¦ but I always notice. Whenever I visit an office, a hotel, or even someoneās home, my eyes automatically scan for one thing. A glowing light in an empty room. A fan spinning with no one underneath. An AC humming while the w
See More
Vishu Bheda
Ā ā¢Ā
MedialĀ ā¢Ā 4m
š§šµš² š š¼šš š£š¼šš²šæš³šš¹ ššæš¼šššµ šš®š°šø šš¶š“ š§š²š°šµ šØšš²š (š§šµš®š š”š¼šÆš¼š±š š§š®š¹šøš ššÆš¼šš) Most people think Big Tech wins because their product is the best. ššØš šš«š®š. They win because they control ššš
See More
Pulakit Bararia
Building Snippetz la...Ā ā¢Ā 23d
This is a massive leap forward. One of Lovable ās biggest limitations for me was the buggy Supabase integration and the difficulty of adding native AI features. Unless you relied on messy WebView hacks, building apps with real AI felt almost impossi
See More
Vishnu Dileesh
Engineer | Entrepren...Ā ā¢Ā 18d
Pulse Loop ā Indie Dev Log #3 Core screens are done. Auth is wired up with Clerk. Smooth. Now Iām diving into the real stuffādata, logic, systems that donāt just look good, but actually work. Supabase is set up. Tables are live. Relationships mapp
See More
Download the medial app to read full posts, comements and news.