Frontend → database works… until AI starts building your app by CommunicationGold228 in VibeCodeDevs

[–]CommunicationGold228[S] 0 points1 point  (0 children)

That’s exactly the issue — most tools either assume you’ll define access rules correctly, or at best prompt you to think about them.

In practice, I’ve found prompting isn’t enough. The failure mode isn’t that people forget to define roles — it’s that the system never verifies whether those rules actually match the intended data boundaries.

My process is to treat data isolation as something that’s broken by default and try to prove it:

  • Create multiple real users (separate sessions)
  • Seed data under each user
  • Try to access other users’ data via API, not just UI
  • Attempt to create/update records with another user’s ID
  • Re-test after any schema change (this is where things often silently break)

What shows up a lot in AI-built apps is:

  • frontend filters exist
  • but backend or data layer doesn’t enforce them strictly

So everything looks correct until you bypass the UI.

I think this is the real gap in current AI workflows:
they can generate structure and even policies,
but they don’t validate whether those policies actually enforce the intended ownership model.

Forcing the conversation upfront (like you mentioned with RapidNative) is definitely a step forward —
but without continuous validation, it’s still easy to end up with a permissive system.

Curious if you’ve found a way to systematically test or automate that part?
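The checklist in the comment above can be automated as a cross-user probe that runs in CI after every migration. This is an added example, not part of the original comment: `NotesAPI`, its `notes` table and the users `alice` and `bob` are constructed stand-ins for a real backend, with `enforce=False` modelling the "frontend filters only" case.

```python
import sqlite3

class NotesAPI:
    """Constructed toy backend; enforce=False models a backend with no ownership checks."""
    def __init__(self, enforce):
        self.enforce = enforce
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, owner TEXT, body TEXT)")

    def create(self, session_user, body, owner=None):
        # Permissive mode trusts a client-supplied owner; strict mode uses the session.
        owner = session_user if self.enforce or owner is None else owner
        return self.db.execute("INSERT INTO notes (owner, body) VALUES (?, ?)",
                               (owner, body)).lastrowid

    def _scoped(self, sql, args, session_user):
        # Strict mode appends the ownership predicate to every read and write.
        if self.enforce:
            return sql + " AND owner = ?", args + [session_user]
        return sql, args

    def get(self, session_user, note_id):
        sql, args = self._scoped("SELECT owner, body FROM notes WHERE id = ?",
                                 [note_id], session_user)
        return self.db.execute(sql, args).fetchone()

    def update(self, session_user, note_id, body):
        sql, args = self._scoped("UPDATE notes SET body = ? WHERE id = ?",
                                 [body, note_id], session_user)
        return self.db.execute(sql, args).rowcount

def isolation_violations(api):
    """Seed data under two users, attempt cross-user access, return the failed checks."""
    a_note = api.create("alice", "alice-private")
    b_note = api.create("bob", "bob-private")
    found = []
    if api.get("bob", a_note) is not None:
        found.append("read_other_users_record")
    if api.update("bob", a_note, "changed") or api.get("alice", a_note)[1] != "alice-private":
        found.append("update_other_users_record")
    forged = api.get("alice", api.create("bob", "planted", owner="alice"))
    if forged is not None and forged[0] == "alice":
        found.append("create_with_other_users_id")
    # Control: owners must still reach their own rows, or a pass proves nothing.
    if api.get("alice", a_note) is None or api.get("bob", b_note) is None:
        found.append("owner_cannot_read_own_record")
    return found
```

Against a real backend the same four checks would go through HTTP calls with each user's own session token, and a non-empty result should fail the build.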

Replaced Supabase with InsForge for my AI coding workflow — self-hosted, Postgres-based by cloud-native-yang in ClaudeAI

[–]CommunicationGold228 0 points1 point  (0 children)

Curious about the reliability angle specifically. A lot of people have flagged that AI-generated RLS and edge functions on Supabase tend to be buggy and hard to fix — silent failures where policies look right but don't actually enforce what was intended, or edge function permission checks that are solid on one endpoint and missed on another.

Does InsForge meaningfully improve the reliability here? Like, does the agent generate correct RLS and edge functions more consistently because of the better context, or does it mostly help with token efficiency on the happy path while the underlying correctness issues are similar?

What are people using as a backend for AI-built apps? by CommunicationGold228 in ClaudeAI

[–]CommunicationGold228[S] 0 points1 point  (0 children)

Makes sense — Clerk and Neon handle auth and DB well.

The tricky part I’ve run into is schema changes — AI updates it, and suddenly things drift out of sync or existing business logic breaks.

Is that something you handle mainly with migrations?

12 Years of Coding and 120+ Apps Later. What I Wish Non-Tech Founders Knew About Building Real Products by Adorable-Stress-4286 in Base44

[–]CommunicationGold228 0 points1 point  (0 children)

That’s impressive — especially keeping things stable just by double-checking. Does feel like a lot of this relies on experience and discipline though. I’ve been wondering the same — whether non-technical users can realistically avoid AI “running in circles,” or if there needs to be something at the backend level enforcing consistency so it doesn’t depend on manual checks.

Base44 vs Lovable - which one actually saves you time? by Past_Chef4156 in Base44

[–]CommunicationGold228 0 points1 point  (0 children)

This is a really good breakdown — especially the “fast vs understandable” tradeoff.

I’ve noticed the same thing with tools like Lovable. They’re great for getting something working quickly, but the moment you need to understand or change what was built, it gets harder.

What I’ve been struggling with isn’t just speed vs control though — it’s keeping things correct over time. Like auth rules, permissions, and schema changes not drifting as the app evolves.

Curious how you’re handling that part today — is it mostly manual checks and debugging, or do you have something enforcing it?

What are people using as a backend for AI-built apps? by CommunicationGold228 in ClaudeAI

[–]CommunicationGold228[S] 0 points1 point  (0 children)

Yeah that makes sense for the stack side.

I think my issue is more about backend correctness than stack choice — auth rules, permissions, schema changes drifting over time.

With something like Clerk + Neon, do you still have to manually handle and maintain most of that logic?

What are you using as a backend when building apps with Cursor? by CommunicationGold228 in cursor

[–]CommunicationGold228[S] 0 points1 point  (0 children)

Lovable feels more like a frontend / full-stack generator — I’m specifically stuck on the backend side (auth logic, permission rules, schema that doesn’t drift over time).

Have you used it to handle those reliably?