Expense Tracker
Multi-account personal finance app with JWT auth, MFA/TOTP, and async SQLAlchemy.
Problem: Needed a personal finance tracker capable of handling multiple accounts and concurrent requests without the thread contention issues common in sync ORM setups.
Decision: Chose async SQLAlchemy 2.0 over the sync ORM — the async engine eliminates thread-per-request overhead, which matters for a financial app where multiple sessions may write simultaneously. Implemented MFA/TOTP (via pyotp) on top of JWT after identifying that token-only auth was insufficient for an app storing financial data. Chose bcrypt for password hashing over alternatives for its built-in work factor tuning.
Result: Full-stack app deployed on Railway (backend) and Vercel (frontend) with sub-100ms API response times. Auth flow covers registration, login, JWT refresh, and TOTP enrollment/verification.
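The sketch below illustrates the decision above to put TOTP on top of JWT: a password-only login yields a token marked `mfa: False`, and only a valid TOTP code exchanges it for a full access token. It is an added example, not the app's code. It uses only the Python standard library where the app uses pyotp, and the `mfa` claim, the 15-minute expiry and all function names are assumptions.

```python
import base64, hashlib, hmac, json, struct

def totp(secret, at, step=30, digits=6):
    """RFC 6238 TOTP with HMAC-SHA1 (the default pyotp also uses)."""
    mac = hmac.new(secret, struct.pack(">Q", int(at) // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def verify_totp(secret, code, at, last_step=-1, window=1, step=30):
    """Return the matched time step or None; steps <= last_step are replays."""
    now = int(at) // step
    for s in range(now - window, now + window + 1):
        if s > last_step and hmac.compare_digest(totp(secret, s * step, step).encode(), code.encode()):
            return s  # caller stores this as the user's new last_step
    return None

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign_jwt(claims, key):
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(sig)}"

def read_jwt(token, key, now):
    """Verify as HS256 regardless of the header's alg; return claims or None."""
    try:
        head, body, sig = token.split(".")
        want = _b64(hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest())
        if not hmac.compare_digest(want.encode(), sig.encode()):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    except ValueError:
        return None
    if not isinstance(claims, dict):
        return None
    return claims if claims.get("exp", 0) > now else None

def upgrade(pending, code, secret, key, now, last_step=-1):
    """Exchange a password-only token for a full access token after TOTP."""
    claims = read_jwt(pending, key, now)
    if not claims or claims.get("mfa") is not False:
        return None  # bad, expired, or already-upgraded token
    if verify_totp(secret, code, now, last_step) is None:
        return None
    return sign_jwt({"sub": claims["sub"], "mfa": True, "exp": now + 900}, key)
```

Protected endpoints would then accept only tokens whose `mfa` claim is `True`, so a stolen password alone never yields a usable session.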