2025 • Full-Stack Development

Archeway Application Tracker

Explore Project Visit Archeway

Core Features

Dashboard, Kanban, Calendar, Analytics, Auth

Full-Stack

Architecture

Flask backend with PostgreSQL

OAuth 2.0

Authentication

Secure Google sign-in

Production

Deployed

Live on Azure with SSL

Project Overview

Internship tracking lives in spreadsheets, calendar apps, and browser bookmarks across most students. Archeway puts it in one place: a kanban board, a calendar, and analytics, all connected to the same application data.

Started as a Software Engineering class project, shipped to production serving real users. Built on Flask with PostgreSQL, Google OAuth for authentication, and Chart.js for analytics visualization. Everything a student needs to run an organized internship search without losing track of where they stand with each company.

The production deployment on Azure includes CSRF protection, rate limiting, CSP headers, and XSS prevention throughout — built as if real user data were at stake, because it is.

Key Features

Dashboard

Real-time overview of active applications, upcoming deadlines, and application-stage distribution — all visible without drilling into individual records.

Kanban Board

Drag-and-drop board moving applications through Saved, Applied, Interviewing, Offered, and Rejected. State changes persist immediately via optimistic UI with server rollback on failure.

Calendar View

Application deadlines and interview dates rendered as color-coded calendar events so nothing gets missed during a busy recruiting season.

Application Analytics

Chart.js-powered breakdowns of response rates, stage progression timelines, and company-level conversion data to show what's actually working in the search.

Technical Stack

Backend

Flask Python framework

PostgreSQL Database

Flask-RESTful API design

Flask-Mail Email notifications

Frontend

JavaScript Interactive UI

HTML/CSS Responsive layout

Chart.js Data visualization

Drag & Drop API Kanban interface

Security & DevOps

OAuth 2.0 Google auth

CSRF Protection Form security

Azure Cloud hosting

SSL/TLS Encrypted traffic

Challenges & Solutions

Security for a Real User Base

A class project can skip security. A production application storing real user data cannot. Going from one to the other required treating the entire codebase as an untrusted attack surface.

Fix. CSRF tokens on every form and endpoint, custom input sanitization utilities against XSS, rate limiting on authentication routes, and CSP headers restricting what resources the browser will execute. Each vulnerability class handled at the framework level, not case by case.

Kanban State Consistency

Drag-and-drop feels broken when there's a visible lag between the user's action and the visible result. But updating the server before the UI creates exactly that lag.

Fix. Optimistic UI — the kanban card moves immediately in the DOM, the server update happens in the background, and on failure the card snaps back with an error message. Users get instant feedback; data consistency is still guaranteed.

Production Deployment Gap

The gap between a locally running Flask app and a production Azure deployment is substantial: environment secrets, database migrations, SSL, logging, email, and error monitoring all need to exist and be configured correctly before launch.

Fix. Environment variable management for all secrets, Flask-Mail for automated welcome emails, structured error logging piped to a monitoring service, and SSL certificates through Azure for encrypted user sessions.

Key Learnings

Real users break things you never thought about testing. The gap between a working demo and a production-ready application is mostly the gap between your assumptions and what users actually do.

Security can't be retrofitted cleanly. Adding CSRF protection and CSP headers to a finished Flask app that wasn't designed with them in mind takes twice as long as building them in from the start.

Optimistic UI is a UX decision that has to be a backend decision too. You can't commit to instant visual feedback without also committing to a rollback strategy that keeps the data honest.

Flask-SQLAlchemy migration management becomes critical the moment real data exists in the database. Dropping a table is easy in dev; it's a crisis in production.

Shipping something classmates actually use is a different kind of accountability than shipping for a grade. Feature requests and bug reports from real users don't stop when the semester ends.

Explore More

Live Website

Visit Archeway

→

Flask Framework

Documentation

→

Chart.js

Visualization library

→

All Projects

Prev Project Synthetic Data Pipelines

Next Project Algebraic GPAC Compiler