Why Async Confused Me More Than JWT Authentication

I thought authentication would be the hardest part of backend development.

I implemented JSON Web Token in my API using FastAPI, and surprisingly… it made sense.

But async?

That broke my brain.

JWT Felt Logical

With JWT:

• User logs in

• Server generates token

• Client sends token

• Server verifies token

Clear flow. Easy to visualize.

Even secret keys and expiration times were understandable once I practiced.

Async Felt Invisible

Async didn’t show visible behavior.

It’s not something you “see.”

You write:

async def get_user():

But what actually changes?

Nothing obvious.

That’s what made it confusing.

The Real Struggle

Here’s what confused me:

• What is an event loop?

• Why do I need await?

• What happens if I forget await?

• Why does blocking code break async?

• Why can sync and async mix but sometimes cause problems?

JWT had steps.

Async had concepts.

The Mental Model That Helped

Imagine a restaurant:

Sync version:

• Waiter takes one order.

• Goes to kitchen.

• Waits until food is ready.

• Delivers food.

• Takes next order.

Async version:

• Waiter takes order.

• Sends to kitchen.

• Doesn’t wait.

• Takes another order.

• Comes back when food is ready.

The waiter doesn’t cook faster.

He just doesn’t stand idle.

That’s async.

My Biggest Mistake

I once wrote async endpoints but used blocking database calls.

So I had async functions… but no real async behavior.

That’s when I realized:

Async is powerful only if everything in the chain supports it.