A full-stack personal finance application for tracking spending, managing monthly budgets, and analyzing expenses by category and time period. The system supports both manual transactions and automated bank data via Plaid.
- Email/password authentication (bcrypt)
- Server-side sessions stored in SQLite
- Secure, httpOnly cookies
- CSRF protection for all state-changing requests
- Manual transaction creation and deletion
- Paginated transaction listing
- Clear transaction type labeling:
  - Spent
  - Credit / Refund
- Mock data import for testing and demos
- Monthly budgets by category (`YYYY-MM`)
- One budget per category per month
- Budget usage calculation
- Remaining balance and usage percentage per category
- Monthly spending totals (last 6 months)
- Category-level spending breakdown
- Budget usage visualization
- Spent-only analytics model:
  - Credits/refunds remain visible in transactions
  - Credits/refunds are excluded from analytics and budgets
- Plaid Link (Sandbox / Production)
- Bank account linking
- Incremental transaction sync using Plaid cursors
- Plaid can be enabled or disabled via `.env` (`PLAID_ENABLED=true|false`)
- Application functions fully without Plaid enabled
- Node.js
- Express
- SQLite
- Plaid API
- bcrypt
- CSRF-CSRF
- React (Vite)
- Fetch API with CSRF handling
- Client-side page numbering
- Sessions stored server-side in SQLite
- Random session IDs stored in httpOnly cookies
- Immediate session invalidation after logout
- Cookie-based CSRF tokens
- Used on POST, PUT, and DELETE requests
- Clean 403 handling for invalid tokens
- SQLite configured with:
  - `foreign_keys = ON`
  - `journal_mode = WAL`
  - `busy_timeout` to prevent lock errors
- Separate base schema and evolving features (e.g. Plaid support)
- Transactions store raw signed amounts
- Budgets and analytics operate on outflows only
- Prevents refunds or credits from distorting spending metrics
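
The cookie-based CSRF check listed above (token required on POST, PUT, and DELETE, 403 on an invalid token) can be sketched as follows. This is an added example, not this project's code and not the csrf-csrf library's implementation; the function names, the request shape, and the choice to bind the token to the session ID with an HMAC are assumptions.

```javascript
// Added illustration: signed double-submit CSRF check using only node:crypto.
// CSRF_SECRET, issueCsrfToken, tokenIsValid and checkCsrf are hypothetical names.
const crypto = require("node:crypto");

const CSRF_SECRET = crypto.randomBytes(32); // assumed per-deployment secret
const PROTECTED_METHODS = new Set(["POST", "PUT", "DELETE"]);

function sign(sessionId, nonce) {
  return crypto.createHmac("sha256", CSRF_SECRET)
    .update(`${sessionId}.${nonce}`).digest();
}

// Token = random nonce + HMAC over (session ID, nonce), so a token issued
// for one session is useless in another.
function issueCsrfToken(sessionId) {
  const nonce = crypto.randomBytes(16).toString("hex");
  return `${nonce}.${sign(sessionId, nonce).toString("hex")}`;
}

function tokenIsValid(sessionId, token) {
  if (typeof token !== "string") return false;
  const parts = token.split(".");
  if (parts.length !== 2 || !parts[0] || !parts[1]) return false;
  const expected = sign(sessionId, parts[0]);
  const given = Buffer.from(parts[1], "hex");
  // timingSafeEqual throws on length mismatch, so compare lengths first.
  return given.length === expected.length &&
    crypto.timingSafeEqual(given, expected);
}

// Returns the HTTP status a middleware would answer with.
// req: { method, sessionId, cookieToken, headerToken } (constructed shape).
function checkCsrf(req) {
  if (!PROTECTED_METHODS.has(req.method)) return 200; // reads pass through
  const { sessionId, cookieToken, headerToken } = req;
  // Double submit: the header must repeat the cookie value.
  if (!cookieToken || cookieToken !== headerToken) return 403;
  // Signature: the token must have been issued for this session.
  if (!tokenIsValid(sessionId, cookieToken)) return 403;
  return 200;
}
```
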
```bash
cd backend
cp .env.example .env
npm install
npm run db:migrate
npm run dev
```

```bash
cd frontend
npm install
npm run dev
```