Hi everyone, I’ve spent the past year building a platform for neutral, data-driven public company research, and I’d love to share some of the technical choices and things I’ve learned along the way. By "neutral approach," I mean the platform avoids investment advice and focuses solely on aggregating financial data — there’s no room for “buy x and you make guaranteed profits” or similar claims.

The platform gets used by investors who try to find undervalued stocks. Today, I want to share a bit of the technical background and hope you like it — otherwise, I’m here to read your roast.

I am using Django as my web framework (hard learning curve, but worth it) with PostgreSQL as the relational heart of my project. Django-allauth is there to authenticate your account — I really recommend it. It’s somewhat tricky to set up, but once configured, it's flexible enough to support various auth providers (I kept things simple for now and have been happy with: Google + normal signup). Then you can easily integrate Mailjet or SendGrid into these authentication workflows (Mailjet is pretty good, I’d say!)

If you visit the platform, you may recognize a very simple — maybe clinical — design. That’s because I had to admit that I’m not a good designer, so I opted for a clean, minimal layout to avoid clutter.

My choice for the frontend was Jinja (within Django), Tailwind, and some vanilla CSS. For visualizations, I strongly recommend you work with ECharts, or if you have a project related to stocks — checkout tradingview‘s JS libary. There are indeed tons of other JS libraries I used over time, e.g., for PDF generation, but one other thing I need to give a shoutout to here is htmx — literally a game changer for me to communicate fast and easy between front- and backend.

For caching operations, I decided on Redis (very easy setup via Django).

To ensure that my stock data is current, I’ve implemented Celery along with Celery Beat. I am using Redis to as the message broker, but am eager to try out RabbitMQ for my next project — but this one does not require priority queues, and I had Redis on board already, so I stuck with it.

The datasets I work with are listed inside the FAQ. To sum it up real quick: I use a mix of open government data (easy to get, hard to organize at scale) and paid APIs (e.g., for the exchange-related information, which adds up very fast to $$$$).

Lately, I’ve been thinking about how to integrate LLMs in a way my users benefit from. So I’ve created a schema that allows LLMs to analyze earnings call transcripts. Currently, there are already 500 reports generated by DeepSeek R1 and GPT-4 (no sign-up required example — for Microsoft).

Apologies if some descriptions lack polish — this is the only thing I’ve made so far. I hope that I can write more precise/formal descriptions once I’ve finished my CS bachelor :)

Also: I know the platform isn’t fully responsive yet. Several mobile issues were reported — that’s what I’m currently working on.

This post is more focused on my tech stack/experience, but here are some major features I’ve built based on the journey above:

• Watchlists (List of stocks you may want to invest in)
• Portfolios (An extended version of watchlists, with performance metrics, historical data, and community feedback — you can rate shared portfolios, e.g., for their diversification grade)
• Company Screeners (Basically a criteria filter, to discover new ideas/investments — Example: “Show me all US stocks in the Tech or Energy sector with a dividend growth of 25%”)
• Company Report (A detailed analysis of a company divided into financials, earnings reports, catalysts, and Investor Relations)
• Workspaces (Take notes on SEC statements, read SEC documents in an optimized user interface)
• Some others are: Calendars, News articles, Company comparisons, People reports, Market reports

Thanks for reading it, hope it helps someone. Please let me know, if you have any questions or feedback :)

I'm reading this one myself and it's been useful so far. It's a free short book so if you don't have experience with prompting this should help you out. I found this book while browsing X posts.

It is shared via google drive, you can get it here -> https://drive.google.com/file/d/1AbaBYbEa_EbPelsT40-vj64L-2IwUJHy/view?usp=sharing

Hey guys, for those who don't know, I'm the founder of Huzzler. Just wanted to make this post to announce the launch of my development agency 😁

You might know, but there are lots of MVP agencies out there. What makes mine different from the others is that it's focused on creating super high-quality products (design and development-wise). I've been coding for 9 years and have created countless enterprise-grade products. I build full stack, web & mobile and even do smart contract blockchain development.

My services are

• Website development (simple and complex)
• Any kind of website integrations
• Beautiful Design & UI
• PWA development
• Native app development with react-native (4 years of professional experience with react-native)
• web3 smart contract development (solidity)
• web3 frontend development with EVM compatible chains
• Hosting

Feel free to check out my agency site on: propulsion.so

I cannot use Stripe in my country but I needed some payments infra, I found Dodo Payments to be a good solution right now. Hopefully it stays that way.

Good DX and it's available in countries where Stripe isn't.

https://dodopayments.com

I've come across this website that gives you a decent amount of marketing blocks to use. Pair this with some good sales copy and you should be good to go.

https://tailark.com

I looked at starter kit made by WebDevCody and saw this rate limiter implementation.

Very easy to use and does the job, suitable for when you have only one instance. You would need something like Redis to scale this up for multiple instances.

You can check it out here -> https://github.com/webdevcody/wdc-saas-starter-kit/blob/main/src/lib/limiter.ts

OpenRouter.AI is an LLM and multimodal model inference management service.

You issue an API key once.

Then you choose which model you want to use.

Set your prompt.

Ready to go.

You can also use it for free (up to 1k requests / day)

Here's a short demo.

Hello guys. We talk about tech stacks all the time, always using the latest shiny new javascript framework. But I'm wondering. What tech stack are you actually the most productive in? Can be different from what you use now, but what can you code the fastest with?

Hi there,

I need some recommendations and guidance. I'm working on a personal project that I want to turn into a SAAS. I have no experience at building a SAAS app and I want to understand the steps to do so. Right now the backend is built in Python and I was thinking of Flask for the front end. Where should I start to take it to the next level? Thank in advance

Hey everyone 👋 For those interested, we've added new advertising options ranging from 1,659 up to 7,458 weekly impressions.

Only until April 30th , we're doing a sale were you get 25 bonus ad credits per 100 credits purchased️

Advertising options: huzzler.so/advertise/options-pricing

Upcoming features for Huzzler

Now that the development on the advertising system is done, we're focusing on making Huzzler the best platform for founders. Here is a list of a couple of the planned features we have:

• Automatically add your product to "alternative to" so people can find your products through SEO
• Be able to save / bookmark valuable posts in folders
• Accountability system where you can define goals and celebrate milestones with the community weekly (you will be held accountable by the community) 😉
• A problem/solution directory where users can submit real world problems they have. This will provide Huzzler users with a list of already validated product ideas. You'll also be able to notify the user who posted the problem when your app is ready, that way you already have a paying customer ready.
• Gamification: have a level and xp. Increase your level by contributing in the community
• Referral system: gain advertising credits by referring people to Huzzler
• OAuth, login with Google
• Embeddable badges for the launch Arena
• Be able to link a product with a showcase
• Better filtering / sorting in product pages (filter by category, sort by date,..)
• Coming soon tab: all projects that are soon to be relelased
• Previous launch arena winners pages
• .... and many more features

Let me know if you'd like to see other features as well 😁

Thanks for reading guys!

Don't pay for Cursor or Windsurf.

Why?

Because Cline + OpenRouter.AI can you give the exact same experience for FREE (up to 1k requests/day)

I made a YT demo

new to this community. not sure if this is okay to post here but I wanted to share how quickly developing MVPs for my clients using Windsurf.

I used to lose days setting up auth, DB, styling, API routes, now I make about $4K/month just shipping MVPs fast. The secret is that I use windsurf with next.js to create a fullstack app fast. next.js is the only stack that works really well with windsurf. it can create:

• Pre-configured auth (Clerk/Supabase)
• Prisma + full database setup
• API routes ready to go
• Tailwind + shadcn/ui components
• ESLint, Prettier, Husky, commit hooks out of the box

What else do you need? I haven't had a single thing a client asked that windsurf couldn't do. I tweak a few config files (windsurf.json, .env), generate the project, and start building real features Most MVPs are live in 5-7 days. Clients love the speed.

For me, AI is not bad, it's good. It's fast made dev fun (and profitable) again. Let me know if you have any questions technical or other and ill do my best to answer them.

Hacky but useful — we just needed a UI for blog assets stored in Supabase (images, markdown, PDFs). Next.js + Tailwind. Auth, file upload, folder nav, publish button.

Nothing fancy. Just worked for us. Might work for you too.

npx create-supawald my-app

https://github.com/structuredlabs/supawald

hey, this question is mainly for the founder of Huzzler!

first of all I want to say, it's really awesome!!

a little background about me: I am an uni student learning to build products.

so, I am really interested to know a detailed explanation of tech stack of huzzler. if you can, please go into whys of things as well.

what are you using for storing images/profiles pictures and all?

looking forward to hear from the founder! :)

For those using Cursor AI, what model(s) do you use? Is claude 3.5 still king? Heard great things about Gemini 2.5 pro as well

Shipping fast feels great—until the hackers show up.

Leo Jr. learned this the hard way. He’s a non-technical indie hacker who built and scaled an app publicly, attracting attention (and revenue) with spicy takes like "AI SaaS won’t work." But the attention didn’t stop at engagement. It made him a target.

Soon after, hackers began probing his app for security flaws. And they found plenty—API keys exposed in the codebase, easily bypassable paywalls, and more. The result? Half the internet was trying to break his app for fun.

This isn’t new. Pieter Levels, Marc Lou—other big names in the indie hacker world have dealt with DDoS attacks and vulnerability exploits after their products blew up. But Leo’s case stands out because he’s not a developer. He vibe-coded his way to success without fully understanding the security side of things.

What Indie Hackers Can Learn

As someone who's also building and shipping apps fast (and not immune to these risks), here are two key takeaways:

1. Hide Your API Keys

Publicly exposed API keys are an open invitation to hackers. Store them securely using environment variables instead of hardcoding them in your codebase. If you’re using Next.js, create a .env.local file and reference the keys like this:

NEXT_PUBLIC_API_KEY=your-key-here

Then access it in your code like this:

const apiKey = process.env.NEXT_PUBLIC_API_KEY;

Simple fix, big impact.

2. Stop Using CSS for Paywalls

CSS-based paywalls (display: none;) are laughably easy to bypass. Instead of relying on front-end styling, enforce the paywall logic on the backend. If that's too complex, a middle-ground solution is to obfuscate the content using Base64 encoding and set up DevTools protection to make it harder to bypass.

3. Securing Webhooks – The Overlooked Weak Spot

Webhooks are essential for automating tasks between apps—but they’re also an easy target for attackers if left unprotected. Here’s how to lock them down:

• Use a Signature and Timestamp – Your webhook’s receiving URL must be public, but you can secure the data using a signature, timestamp, and token to create a hashmap (a key-value store).
• Generate a HMAC Signature – Link the timestamp and token values, encode them using the HMAC algorithm with your ESP’s API key (in SHA256 mode), and compare the result with the signature.
• Reject Duplicate Tokens – Cache the token value locally and reject any request that tries to reuse the same token. This prevents replay attacks where hackers repeat or misdirect the webhook action.

Here’s a quick example in TypeScript for securing webhooks:

import crypto from 'crypto';

const verifyWebhook = (signature: string, timestamp: string, token: string, secret: string) => {  
  const data = `${timestamp}.${token}`;  
  const expectedSignature = crypto  
    .createHmac('sha256', secret)  
    .update(data)  
    .digest('hex');  

  return signature === expectedSignature;  
};

Shipping Fast ≠ Ignoring Security

As an indie maker, I get it—speed matters. But security matters too. Leo’s experience is a reminder that even if you're not a developer, securing your app isn’t optional. Don’t let vibe coding turn into vibe hacking.

I’d love to hear from other makers—how are you balancing speed with security in your builds?

Let’s discuss in the comments.

I've been coding with Cursor AI for a while and it's awesome. But I still want to improve my workflow. Like when should you use agent vs chat mode, how to give it the right context?

Reach thousands of active founders looking for tools to solve their problems. Our Featured Product placement guarantees premium visibility with 7,458 weekly impressions for post ads (like you are reading right now).

Get direct access to your perfect target audience - people actively building, launching, and growing startups who are ready to invest in solutions like yours. Limited weekly slots available.

Reserve yours now at huzzler.so/advertise

I feel like more people should be using DaisyUI. I've used it over 5 projects and its simply amazing. DaisyUI adds component class names to Tailwind CSS, providing you with all sorts of components such modals, cards, avatars, carousels, you name it. It's ridiculously easy to use and very powerful.

Take for example uncapped.ai. It's an AI wrapper with 30+ themes. I've implemented this in only 5 minutes with daisyUI. With any other library, this would take me ages.