markjgsmith

main > posts > 2025 > the-api-auth-project-lives

This API auth project lives!

2025-06-17 22:36:49 +01:00 by Mark Smith

Well I was, I think, quite successfull in my little API authenication app building project. At least I think so. I‘ve tested most of the features and they seem to work, so I guess it‘s a success. Yey!

It did take a bit longer than I expeced. I was sort of expecting it to be plain sailing after yesterday‘s specification writing, and to a certain extent it was. But there were issues. A lot of issues. On the other hand there were reaally a lot of things that weren‘t issues. I mean it‘s staggering how many impossibly difficult things Gemini did get right. The overall structure was great, it made sense, covered all the features. When you went into the details though, there were lots of small niggly things that needed fixing. Which we did, and that worked out great.

Rather than go through and tackle every issue one at a time, I went through the whole thing and took lots of notes, so I could batch like changes together, get the low hanging fruit first so to speak. Gemini was all too happy to make the changes I wanted, and we actually found a few extra things together. There were even a few things where I hadn‘t fully understood what Gemini was doing and Gem politely explained the reasoning and convinced me to go with the suggested approach. All was going I would say extremely well, until that is I decided to move some code around.

You see up until this point, the code was essentially all in one file. And I had noticed that the major sections in the code appeared to follow the specifiction document, it had taken some of the bullet points right out of the document and used them as comments. I though, incorrectly it turns out, that that was a good idea. It‘s kind of a demo project so having an obvious correspondence between the code and the specification would be pretty cool. I was kind of suprised, because there was no way I'd be able to do that, but maybe a powerfull AI can do that sort of thing super easy. Well nope, it turns out it can‘t.

I asked it to cleanup and re-arrange some of the comments and it duely obliged, and since all the code modifications up until that point had been great, I thought nothing of it. I was very impressed. But secretly Gemini was having issues re-arranging the code, and instead of saying, hey actually that idea about keeping a correspondence between the code and the spec is a terrible idea, it just started moving parts of the code, getting confused, and just duplicating pieces, quite large pieces infact, but it would just act like it had done the right thing. I didn‘t notice until it had been happening for quite a while.

At this point I had to intervene, and started editing the file myself directly in Gemini‘s code canvas, getting rid of duplicates. I also discoverd at this point that the code was completely litered with comments that said things like "<-- Just updated that thing you said here", so I deleted all that. Took quite a while but then I realised that Gem was merily, and quietly, undoing all the changes I had been doing. When I asked it told me that since I had made changes without telling it about them that it hadn‘t realised and they were just getting over written by the previous version. Pretty good excuse, though there were definitely some of my changes that did make it into the code, so not sure what‘s going on there.

Anyway we eventually got it all sorted, and after quite few hours, most of the day in fact, I got it running in my IDE. Still got to test a few of the features, but it does look kind of cool. I have essentially got a minimal example of an API that implements all the major authentication and authorization methods that popular websites of the day currently use. It took about a day and a half, much faster than it would have taken we without AI. No question about that. It‘s still not production ready, no tests for example, and data is stored in memory rather than a database. But it‘s really quite impressive. And the code is very good quality code. I even learnt a few new techniques I wasn‘t aware of.

I‘ll likely spend a bit more time on it tomorrow, testing it manually, and making it a bit more robust, then I‘m probably going to try and re-write it, with Gem‘s help of course, in Typescript. So that should be interesting. #

For enquiries about my consulting, development, training and writing services, aswell as sponsorship opportunities contact me directly via email. More details about me here.