Pulse Check
Security Center
Review Pulse Check security, account protection, admin access, and launch safety tasks.
Auth
Active
Admin Roles
Planned
RLS
Review
Security Status
Preparing
Security Overview
Pulse Check handles safety check-ins, contacts, alerts, and user settings. Before public launch, security should be reviewed carefully.
Security Checklist
Supabase Auth
ActiveUsers must be signed in before accessing protected app pages.
Row Level Security
ReviewConfirm users can only read and edit their own records.
Admin Protection
NeededAdmin pages should be restricted to Owner/Admin roles only.
Cron Secret
ActiveProtected API routes should require CRON_SECRET.
Recommended Admin-Only Pages
Main admin dashboard.
User management.
Audit logs.
System status.
Backup and restore planning.
Roles and permissions.
Launch Security Steps
Create admin role field
Add role support to profiles or a dedicated admin table.
Protect admin routes
Redirect non-admin users away from admin-only pages.
Review RLS policies
Confirm each table only exposes the right user data.
Test API security
Confirm cron APIs reject requests without the correct secret.
Legal review
Review privacy policy, terms, and emergency-service disclaimers.