SH
← Back to Blog

Contact form with server-side handling

Added a secure server endpoint and Supabase table for contact messages, plus AJAX submission and cleanup.

2026-01-20

Updates

  • Hardened Supabase configuration to fail fast when environment variables are missing.
  • Added a server API endpoint for secure message inserts.
  • Created an initial migration for the messages table.
  • Switched the contact form to AJAX submission with a small UX polish pass.
  • Added environment variable typings and removed temporary debug code.
  • Shipped the contact form so messages save successfully in production.

Notes

I wanted the contact form to be reliable and secure, not just functional. Moving inserts server-side avoids client-side trust issues and keeps the setup closer to real production patterns.


Contact form flow diagram

Contact form flow: messages are submitted to a server endpoint and stored securely in Supabase.