haikus · reflections
haiku inspired thoughts for capturing fleeting moments
forgetting

   ·

  the
coolest
warmest
kindest
whimsicaliest
punchiest
sassiest

   ·

thought
you've
ever had
        

overview
Quick, jot it down!

Ever had a really cool idea only to not have pen and paper handy to note it down? Or you store it somewhere on your phone and forget about it in less than two minutes?

Imagine you are in the moment. Your heart is full, you are bursting with energy and you want to capture those feelings — raw and unfiltered — right on the spot. Maybe a picture will help convey your state of mind. But this time, social media doesn't feel like the right platform. After all, a click can easily slip into a scroll and a scrolling session can quickly turn into an hour of screen-zombie time.

The haiku that popped into your mind doesn't need to impress. You just hope that your thoughts will kinda sorta resonate with someone else out there or, maybe, shift someone else's mind towards a calm, relaxed state.

This is why I decided to build haikus. I wanted to share my short, sometimes witty, sometimes heartfelt but most importantly fleeting thoughts. To ensure I can post them in real time, I built a private dashboard so that I can create new haikus as they pop into my mind, and I don't risk forgetting or losing them in some other tool.

From a technical point of view, the private dashboard has been very interesting to build. It led me to a deeper dive into sessions, cookies, handling passwords, managing secure protocols with a reverse proxy server and aws secrets and roles. Let me guide you through my learning journey in the next sections.

cookies
    ·
chocolate chip
are the
best ones
    ·
the digital ones
I eat
in one byte
        
technical design & notes
Haikus is a full-stack project hosted on aws. I leverage the same flask/gunicorn + react + nginx + s3/dynamoDB stack and architecture that I have used in other projects, which you can read about in detail here.

I created a private dashboard for this project, allowing me to log in from anywhere and capture new haikus instantly. In the process, I worked with several key technical concepts, such as:

storing passwords safely
The industry standard is to never store passwords in plain text but to hash them instead. Hashing is a technique, usually applied through a third-party library, that converts a text password into a fixed-length string. Each password produces a unique value. After the password is hashed, it is not feasible to recover the original text from the hash, and only the hashed value is stored and matched.
Here is an example flow for a website that requires a login password.
  1. Sarah wants to register for cooldogstore.com and chooses the password cool_puppy.
  2. When cooldogstore.com receives Sarah's password, it's hashed into a unique, non-human-readable string, e.g., 23hf2387413h.
  3. Only the hash 23hf2387413h is saved in the database. The site never stores Sarah's actual password.
  4. A few days later, Sarah tries to log in but enters an incorrect password kool_puppy. The system hashes this input and obtains a new unique hash, 4681nd2320. Since it does not match the stored hash 23hf2387413h, the login fails.
  5. Only when Sarah types cool_puppy correctly does the hash match the stored value, allowing her to log in successfully.
Hashing ensures that Sarah's password is stored safely: even someone who can read the database cannot see the password itself.
For the haiku dashboard, I applied the same principle to safely manage the login password.
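Sarah's flow above as a runnable sketch (an added example, not the dashboard's own code). It uses only the Python standard library and goes one step further than the walkthrough by adding a random per-password salt and a deliberately slow hash (PBKDF2); the record format and the iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # illustrative PBKDF2 work factor (assumption; tune for your hardware)

def hash_password(password: str) -> str:
    """Return 'pbkdf2_sha256$iterations$salt_hex$digest_hex' using a fresh random salt."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"

def verify_password(stored: str, candidate: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        actual = hashlib.pbkdf2_hmac(
            "sha256", candidate.encode(), bytes.fromhex(salt_hex), int(iterations)
        )
        return hmac.compare_digest(actual, bytes.fromhex(digest_hex))
    except ValueError:
        return False  # malformed record: fail closed

def demo() -> dict:
    stored = hash_password("cool_puppy")  # steps 1-3: only this record is saved
    return {
        "wrong_password_ok": verify_password(stored, "kool_puppy"),    # step 4
        "right_password_ok": verify_password(stored, "cool_puppy"),    # step 5
        # The salt makes two records for the same password differ.
        "same_password_same_record": stored == hash_password("cool_puppy"),
        "plaintext_in_record": "cool_puppy" in stored,
    }

if __name__ == "__main__":
    print(demo())
```

Because each record carries its own salt, login cannot hash the input and look for an equal string; it has to recompute with the stored salt, which is what `check_password_hash` does for werkzeug's own format.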

session & cookies
A session is a way for the browser to remember who is logged in. In flask, this is done by using flask's built-in session object, which stores data specific to a user's session in a signed cookie.

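import os
from datetime import timedelta
from flask import Flask, request, session
from werkzeug.security import check_password_hash

app = Flask(__name__)
app.secret_key = os.environ["FLASK_SECRET_KEY"]        # placeholder variable name: the key that signs the session cookie
password_hash = os.environ["DASHBOARD_PASSWORD_HASH"]  # placeholder variable name: hash created with generate_password_hash

app.config.update(
    SESSION_COOKIE_SECURE=True,    # ensures the session cookie is only sent over HTTPS connections, never over plain HTTP
    SESSION_COOKIE_HTTPONLY=True,  # prevents js in the browser from accessing the session cookie (via document.cookie)
    SESSION_COOKIE_SAMESITE=None,  # Python None: flask leaves the SameSite attribute off, so the browser's default applies
                                   # (the string "None" would be needed to send SameSite=None explicitly)
    PERMANENT_SESSION_LIFETIME=timedelta(minutes=30)  # permanent sessions expire after 30 minutes
)

@app.route('/login', methods=['POST'])
def login():
    data = request.get_json(silent=True) or {}  # tolerate a missing or invalid JSON body
    password = data.get('password', '')

    if check_password_hash(password_hash, password):
        session.permanent = True  # enable timeout
        session['logged_in'] = True
    ...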
  
In react, cookies are sent by including the credentials in the api calls:


const res = await fetch("https://domain.com/api/", {
  method: "GET",
  credentials: "include",   // important: sends cookies
});
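What "signed cookie" buys and what it does not, as an added example that is not the dashboard's code: a simplified HMAC-signed cookie built with the standard library, standing in for the mechanism only (flask delegates this to itsdangerous and its cookie format differs). The key, the cookie layout and the helper names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

SECRET_KEY = b"constructed-demo-key"  # constructed value; a real key is random and stays on the server
MAX_AGE = 30 * 60                     # seconds, mirroring PERMANENT_SESSION_LIFETIME of 30 minutes

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(body: str) -> str:
    return _b64(hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).digest())

def issue_cookie(session_data: dict, now: float) -> str:
    """Serialize the session plus its issue time, then append an HMAC over it."""
    body = _b64(json.dumps({"data": session_data, "iat": int(now)}).encode())
    return f"{body}.{_sign(body)}"

def read_cookie(cookie: str, now: float):
    """Return the session dict, or None if the cookie is altered or expired."""
    body, _, signature = cookie.partition(".")
    if not hmac.compare_digest(signature.encode(), _sign(body).encode()):
        return None  # signature mismatch: reject before parsing anything
    payload = json.loads(_unb64(body))
    if now - payload["iat"] > MAX_AGE:
        return None  # older than the session lifetime
    return payload["data"]

def peek_without_key(cookie: str) -> dict:
    """What anyone holding the cookie can read: signing is not encryption."""
    return json.loads(_unb64(cookie.split(".")[0]))["data"]

def tampered_copy(cookie: str, new_data: dict) -> str:
    """Change the payload while keeping the old signature (all a client without the key can do)."""
    payload = json.loads(_unb64(cookie.split(".")[0]))
    payload["data"] = new_data
    return _b64(json.dumps(payload).encode()) + "." + cookie.split(".")[1]
```

The practical consequence is that session values such as `logged_in` are safe from modification but visible to the browser's owner, so nothing secret belongs in the session.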
  
Here is the haiku dashboard sign in page in action:



final thoughts
Building the haikus page and dashboard has allowed me to review fundamental concepts such as password management and sessions.

In the next iterations, I plan to:
• add more dashboard features — sorting, filtering, updating and deleting haikus
• enable haikus to be created offline.

I would like to keep haikus a space for reflection and calmness, even as it quietly evolves. Expanding the dashboard feels like being a magician behind the scenes — creating new tools while diving into a variety of engineering challenges.

  growing

      ·

  new tools to discover
  the building continues
  learning, for always

      ·

  i hold on
  to the
  soft
  side
  of
  soft
  engineering