Case study
AI Portfolio Site
A full-stack portfolio and CMS built with Astro, Supabase, and Vercel, with owner-only admin editing, authenticated content management, and a public project catalog.
Purpose
A full-stack portfolio and CMS built with Astro, Supabase, and Vercel, with owner-only admin editing, authenticated content management, and a public project catalog.
Overview
This site is the project.
Most portfolio sites are static, frozen at the moment they were last deployed. This one stays current. The content lives in Supabase, editing happens through a browser-based admin interface, and the public site reads straight from the database on every request.
I built it to show the kind of full-stack product work that AI roles tend to involve. There was a workflow problem, which is that static portfolios go stale, so I designed a system that fixes it, a CMS-backed server-rendered site with auth-protected admin routes, and shipped it to production.
Architecture
The public side is Astro 5 running in server mode on Vercel. The project pages, the Learning in Public dashboard, and the homepage focus section all render from Supabase on request, so there are no static build artifacts for content. What is in the database is what a visitor sees.
The admin side sits behind Supabase magic-link authentication, with a single configured email as the only allowed admin and no user management or role tables to worry about. Those routes are enforced on the server, not just hidden on the client. Editing runs on React components with TipTap for the project narratives, while metadata, links, media, and the structured fields are managed through forms, and a media library handles upload and deletion through Supabase Storage.
Row Level Security in Supabase enforces the read and write split at the database itself. Anyone can read published content, and only an authenticated session matching the admin email can write. That way a bug in the application cannot accidentally hand out write access, because the database holds the line on its own.
Why this matters as a portfolio piece
The site shows judgment about system design rather than the ability to follow a tutorial. Choosing Astro over Next.js, magic links over passwords, Row Level Security over application-layer checks, and migration scripts over in-app seeding were all considered tradeoffs rather than defaults.
It is also the main public face of my move into AI work. The fact that it exists, is deployed, and does what it was designed to do is the kind of evidence that matters for any role built around shipping AI-adjacent products.
Current state
The site is in active development. The core, meaning auth, database, admin editing, and public rendering, is built and working. Content is still being migrated over from the old markdown files, and public launch is in progress.
Related