Another day, another dance with authentication bugs.
What I Worked On
- Dived deep into Supabase Auth. Again.
- Finalized (mostly) the usability testing script.
- Took a hacksaw to the landing page copy. The new version is 30% less vague and 100% more opinionated.
- Sketched out the investor update. Didn’t send yet, but the bones are there.
- Pinged a couple folks back in Indie Hackers and Slack—light touches to keep the embers glowing.
The Bug That Wouldn’t Die
If auth is the gatekeeper to your product, our gate is currently… drunk. Supabase session persistence is flaky. Role-based access is being weird with RLS (Row Level Security). The login works, but the user randomly becomes a ghost. Not ideal.
Teamed up with our lead dev—did some rubber ducking. We think the trouble is in how sessions are handed off across tabs and reloads. Scoped a path forward that doesn’t involve rewriting everything from scratch, which, honestly, I flirted with.
Testing might go ahead with a patched version that skips role enforcement for now, with internal users only. Not perfect. But forward.
The Landing Page Got a Spine
Took advice from feedback that said our product sounded like it did “analytics? onboarding maybe? Or training?” Yikes.
New headline is direct:
“Set up faster. Smarter onboarding for your SaaS stack.”
Supporting copy now talks about stack-detection, persona-based flows, dynamic tooltip paths—our real core. It finally feels like we’re saying something instead of everything.
Tactical Wins
- Scheduled the first two usability tests. They're with dev teams we met on Slack.
- Tooltips in Figma now auto-trigger based on role tags. Designer and UX tried to show me yesterday. Today I finally understood it.
- Internal chat aligned on this MVP NOT being generic. Saying no to features is still hard but happening.
How-To: Fixing Supabase Role-Based Access Issues (Without Losing Your Mind)
This burned a few hours, so if you’re struggling with Supabase roles + RLS, try this:
- In your auth.users table, ensure you have a custom claim field (like role) being set during signup or login via a function.
- Modify your Postgres RLS policy to reference this claim—use auth.jwt() ->> 'role' carefully, especially if using filters.
- Use supabase.auth.onAuthStateChange sparingly. If your app uses tabs or fast reloads, split logic so session validation happens server-side where possible.
- Don't forget to check that the access token has the updated role claim when refreshed, or prepare to chase ghosts.
Still wrapping my head around some edge cases, but that pattern got us 80% stable today.
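For the last check in the list above, here is an added example (not code from this post or from Supabase) that decodes two access tokens and reports whether the refreshed one carries the expected role claim. The sample tokens, the helper names and the app_metadata.role path are assumptions; the path is a parameter because Supabase-issued tokens carry the Postgres role (such as authenticated) in the top-level role claim, so a custom role may sit elsewhere.

```javascript
// Added example: inspects claims only; it does not verify the token signature.
function decodePayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// Walk a claim path such as ["app_metadata", "role"]; undefined if any step is absent.
function readClaim(payload, path) {
  return path.reduce((node, key) => (node == null ? undefined : node[key]), payload);
}

// Classify the refreshed token: "ok", "not-refreshed", "missing" or "stale".
function roleClaimStatus(oldToken, newToken, expectedRole, path = ["role"]) {
  const before = decodePayload(oldToken);
  const after = decodePayload(newToken);
  if (!(after.iat > before.iat)) return "not-refreshed"; // same or older token reused
  const role = readClaim(after, path);
  if (role === undefined) return "missing";
  return role === expectedRole ? "ok" : "stale";
}

// Hypothetical helper: builds a constructed sample token with a placeholder signature.
function sampleToken(payload) {
  const enc = (obj) =>
    Buffer.from(JSON.stringify(obj)).toString("base64")
      .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "HS256", typ: "JWT" })}.${enc(payload)}.constructed`;
}

// Constructed tokens: the user was promoted from member to admin between iat 1000 and 2000.
const base = { sub: "u1", role: "authenticated" };
const oldTok = sampleToken({ ...base, iat: 1000, app_metadata: { role: "member" } });
const staleTok = sampleToken({ ...base, iat: 2000, app_metadata: { role: "member" } });
const freshTok = sampleToken({ ...base, iat: 2000, app_metadata: { role: "admin" } });

const customPath = ["app_metadata", "role"];
console.log(roleClaimStatus(oldTok, staleTok, "admin", customPath)); // refreshed, old role
console.log(roleClaimStatus(oldTok, freshTok, "admin", customPath)); // refreshed, new role
console.log(roleClaimStatus(oldTok, freshTok, "admin"));             // top-level role read instead
console.log(roleClaimStatus(oldTok, oldTok, "admin", customPath));   // token never rotated
```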
Thoughts
This part of building sucks and rocks at the same time. Watching it finally feel like a product is cool. Watching it break when it shouldn’t? Less cool.
But we’re not stuck. Just sweating the details that’ll make or break the first impression. It’s like sanding the runway while we're still hammering together the plane.
Tomorrow feels closer than it should.