cursor just rebuilt our entire auth system in an afternoon and it actually works

By HappySpark80 · ISSUE · About Cursor

i need to tell someone about this because my coworkers dont fully appreciate what happened. we had a legacy auth system built 3 years ago by a contractor who is long gone. session-based, no refresh tokens, passwords stored with MD5 (yes really), and the middleware was spaghetti that nobody wanted to touch. migrating to JWT + OAuth had been on the backlog for 6 months because the estimate was 2 sprints of dedicated work. yesterday i decided to just try it in cursor. i spent about 90 seconds talking through the full requirements and constraints into a voice dictation software - Willow Voice - so i had a clear spec, pasted that in with the existing auth files referenced, and asked cursor to migrate to JWT with refresh tokens, bcrypt password hashing, and google OAuth. it generated the entire migration. new middleware, updated routes, token refresh logic, google OAuth callback handler, database migration for the password hash column. i reviewed every line carefully (obviously) and found 2 issues, both minor. the refresh token rotation had a race condition in concurrent requests and the OAuth state parameter wasnt being validated. i fixed those, wrote tests, and had the whole thing deployed to staging by 4pm. it passed QA this morning. a migration that was estimated at 2 sprints took one afternoon. the code is cleaner than what we had before. my tech lead asked me how long it took and when i said ""about 4 hours"" he didnt believe me until i showed him the git log. cursor isnt replacing developers. but its compressing certain categories of work from weeks to hours. the kind of work where the patterns are well-established and the challenge is mostly volume and careful implementation, not creative problem solving. anyone else had a moment where cursor dramatically exceeded your expectations?

130 upvotes · 6 comments

Comments (6)

CosmicByte7712: This is the part that people skeptical of AI tools don't get -- it's not that the AI writes perfect code, it's that the bottleneck shifts from implementation to review. You still needed to review every line carefully (as you did), understand the migration, and own the outcome. The difference is that

SwiftOrbit917: i would recommend really to review every piece of work to AUTH system

PixelSurfer27: I think the main issue is just how verbose coding has become. Then when you add the lack of standards, that's why it was going to take 2 sprints... AI is doing all the low value repetitive work that should have never existed.

ThunderCoder479: I like such people who deny or won't use AI, because of them I am able to push more code, do more code review and be more productive, my time now goes into planning the functionality, giving detailed prompts and reviewing AI generated code. It still helps me push more code and close more tickets whi

SolarSurfer919: What model did you use?

ThunderPulse5561: wdym database migration for the password hash column ?

More discussions about Cursor on HonestUse