Work in Small Steps
The single most common mistake is asking for too much at once. "Build me a user dashboard with auth, charts, and a settings page" will produce a wall of code you cannot review, with bugs spread across files you did not read.
Small steps keep you in control:
- Ship one function, component, or per .
- Verify each piece works before moving on.
- Build on confirmed-working code, not a tower of unverified output.
Build the whole authentication system with login, signup,
password reset, sessions, and email verification.
Step 1 of the auth flow: write just the signup endpoint.
POST /signup taking { email, password }. Hash the password
with bcrypt, store the user, return 201 with the user id.
Assume the User model and db client already exist (I'll show
you their shapes). We'll handle login next.
Smaller prompts mean smaller diffs, and smaller diffs mean you can actually read what changed. That is the whole game. There is a second payoff too: when something breaks, a small step is trivial to bisect. If you generated and verified the signup endpoint, then the logic, then password reset, a bug that appears after step three almost certainly lives in step three. Big-bang generation throws away that signal — the bug could be anywhere in four hundred lines you never read.