A Day in the Life: Complete Claude Code Session Walkthrough

Source: Dev.to

Part 7 of 7 · Series: Building Your AI Developer Handbook · GitHub You’re building a password reset feature. User enters email → gets a reset link → clicks link → enters new password. Standard flow. Medium complexity. Let’s walk through every step using the full workflow — as if you’re looking over the shoulder of someone who built this system. “Show me your workflow and I’ll show you your output quality.” Claude loads automatically in the background: ✓ ~/.claude/CLAUDE.md loaded ← the global handbook ✓ .claude/CLAUDE.md loaded ← project rules (TypeScript, pnpm) ✓ memory/MEMORY.md scanned ← all lessons and preferences

You haven’t typed anything yet. Claude already knows: Feature-based folder structure State management ladder No mocking the database No AI attribution in commits No useCallback without profiler evidence “A doctor who reviews your file before you enter the room is more useful than one who asks ‘so, remind me who you are?’” /status

Model: claude-sonnet-4-6 Effort: normal Plugins: security-guidance ✓

Thirty seconds. Sometimes the wrong model loads due to overload fallback. Sometimes a plugin fails silently. This check costs 30 seconds and prevents a surprise 30 minutes later. “A pilot’s first action after sitting in the cockpit isn’t to take off. It’s to check all instruments are reading correctly.” /cost → Tokens used: 2,847 | Estimated cost: $0.004

Note this number. You’ll compare it later before the expensive code review step. A surprise spike means something went wrong. /plan

Build a password reset feature:

• User enters email on /forgot-password
• System sends a reset link (token, expires in 1 hour)
• User clicks link → /reset-password?token=xxx
• User enters new password
• Token validated, password updated, token invalidated

Claude responds with a plan — no code yet: Proposed approach:

1. DB: Add password_reset_tokens table

   • id, user_id, token (hashed), expires_at, used_at

2. API:

   • POST /api/auth/forgot-password — generate token, send email
   • POST /api/auth/reset-password — validate token, update password

3. UI:

   • /features/auth/ForgotPasswordForm.tsx
   • /features/auth/ResetPasswordForm.tsx
   • usePasswordReset.ts hook

4. Tests:

   • Unit: token generation/validation logic
   • Integration: full flow with real test DB
   • No E2E (not a critical path)

Questions before I start:

• Email provider?
• Token length and hashing algorithm preference?
• Should used tokens be deleted or marked used?

“A plan that asks questions is more valuable than a plan that assumes answers.” You answer the questions. You approve the plan. Only now does coding start. Claude implements. Because the preferences are loaded, it automatically: Creates /features/auth/ForgotPasswordForm.tsx — not /components/ForgotPassword.tsx

Uses useState for form fields, TanStack Query for the API calls Writes catch blocks that console.error and surface toasts Does NOT add useCallback to handlers without profiler evidence You watch. You redirect if something drifts. “Supervision isn’t distrust — it’s how you catch small course corrections before they become major detours.” pnpm test

Must exit 0. Not “mostly passing.” Not “the one failing test is unrelated.” All tests pass. If they fail: FAIL features/auth/usePasswordReset.test.ts ✗ handles expired token correctly Expected: { error: ‘Token expired’ } Received: { error: undefined }

You stop. You fix it. You run tests again. Only when green do you proceed. “You wouldn’t send a letter before proofreading it. You wouldn’t ship code before testing it. The test gate is the proofread.” /cost → Tokens used: 18,492 | Delta: +15,645 | Cost: $0.026

~15k tokens for a medium feature is normal. If you saw +80k tokens, that’s a red flag — Claude may have scanned the whole codebase or looped a tool call. Investigate before spending on the code review. /code-review

Claude reviews the diff — not the whole codebase, just what changed: ⚠ HIGH usePasswordReset.ts:47 Token comparison uses === (timing attack surface). Fix: use crypto.timingSafeEqual() instead.

ℹ LOW ResetPasswordForm.tsx:23 Loading state not shown during submission. Fix: disable submit button while isPending is true.

“A second pair of eyes catches what the first pair stopped seeing. Even if both pairs belong to the same AI.” Fix the HIGH immediately. Decide on the LOW. /simplify

Code review found bugs. Simplify finds clutter: usePasswordReset.ts: resetForm() called in 3 places — extract to reset handler ForgotPasswordForm.tsx: inline styles on 2 elements — move to className

This pass doesn’t hunt for bugs. It hunts for code that works but could be cleaner. “A code review checks if the bridge is safe. Simplify checks if the bridge is elegant. Both matter.” /code-review —comment

Posts findings as inline comments directly on the GitHub PR. Reviewers see the notes in context — right on the lines that matter. PR is ready for human review.

Step Command Time

1 /status 30 sec

2 /cost 5 sec

3 /plan 10–20 min

4 Code varies

5 pnpm test 2–5 min

6 /cost 5 sec

7 /code-review 5–10 min

8 /simplify 5–10 min

9 /code-review —comment 2 min

Total gate overhead: ~30–40 minutes. Defects reaching production: dramatically fewer. “The gates don’t slow you down. They stop you from having to go back.” Without the gates, the same feature might take 45 minutes to implement. But: The token comparison vulnerability reaches production ← timing attack A test failure was “unrelated” and got ignored ← it wasn’t Folder structure drifted from feature-based ← scattered files PR has no inline notes ← reviewer has no context Session cost 3x more ← nobody checked the delta “Fast and wrong is slower than right the first time.” You don’t need to implement this entire workflow today. Start here: Create ~/.claude/CLAUDE.md with four rules: think first, simplicity, surgical changes, goal-driven Create one memory file — next time Claude does something you didn’t want, write it down Add the test gate — never proceed past failing tests The rest follows naturally.

Part Topic

Part 1 Overview — the full system

Part 2 The Handbook (CLAUDE.md)

Part 3 The Memory System

Part 4 Battle Scars as Rules (Feedback Files)

Part 5 Your Coding DNA (User Preferences)

Part 6 Context is King (Project + Reference Files)

Part 7 A Day in the Life (Complete Walkthrough)

All workflow files on GitHub “Discipline is not the enemy of creativity. It’s the foundation that lets creativity build something that lasts.” Thanks for following the series. If you build your own version of this workflow, share it — I’d love to see how others adapt these ideas.