Bitlysis — Security Audit & Best Practices

When to Use

• Reviewing authentication or authorization implementations
• Auditing API endpoints for security vulnerabilities
• Reviewing smart contracts before deployment
• Checking for OWASP Top 10 vulnerabilities
• Pre-production security review
• Dependency vulnerability scanning

Instructions

Step 1: Authentication & Authorization

// ✅ Use getUser() not getSession() for server-side auth (prevents CSRF)
import { createClient } from "@/lib/supabase/server";