Next.js Frontend Application: Our responsive HTML/JavaScript frontend runs seamlessly in your browser. Hosted by vercel.com, the frontend contains no personal data—it’s simply “dumb” HTML code.
Supabase Database: All personal data is securely stored in Supabase. The client’s browser communicates directly with Supabase, ensuring that our frontend host (vercel.com) never processes any personal information.
Posthog Web Analytics: We utilize Posthog to gather anonymized web usage data, enabling us to continuously improve the user experience.
1. Supabase Auth is responsible for generating a JWT token for any user who wants to access the Supabase infrastructure. After successful authentication, whether via email and password or single sign-on (Apple, Google, LinkedIn), the JWT is securely stored in browser cookies to keep the user logged in.
2. Supabase REST API acts as a bridge between client HTTPS API requests and the PostgreSQL infrastructure.
3. Row Level Security is a built-in PostgreSQL feature that restricts database rows visible to each user, based on their specific JWT token.
4. Triggers and stored procedures are utilized to manage state changes, execute automated actions, and handle business logic within the database.
5. Supabase functions support long-running tasks, such as sending notification emails or processing results from large language models.
6. Supabase Storage serves as long-term file storage, leveraging the same JWT and Row Level Security mechanisms for robust security and access control.