@malamute/ai-rules 1.0.0 → 1.2.0

package/configs/nextjs/.claude/rules/database.md

@@ -0,0 +1,400 @@
+---
+paths:
+  - "**/prisma/**"
+  - "**/db/**"
+  - "**/lib/db.ts"
+  - "**/lib/prisma.ts"
+---
+
+# Next.js Database (Prisma)
+
+## Prisma Setup
+
+### Client Singleton
+
+```typescript
+// lib/prisma.ts
+import { PrismaClient } from '@prisma/client';
+
+const globalForPrisma = globalThis as unknown as {
+  prisma: PrismaClient | undefined;
+};
+
+export const prisma = globalForPrisma.prisma ?? new PrismaClient({
+  log: process.env.NODE_ENV === 'development' ? ['query', 'error', 'warn'] : ['error'],
+});
+
+if (process.env.NODE_ENV !== 'production') {
+  globalForPrisma.prisma = prisma;
+}
+```
+
+### Schema
+
+```prisma
+// prisma/schema.prisma
+generator client {
+  provider = "prisma-client-js"
+}
+
+datasource db {
+  provider = "postgresql"
+  url      = env("DATABASE_URL")
+}
+
+model User {
+  id        String   @id @default(cuid())
+  email     String   @unique
+  name      String?
+  role      Role     @default(USER)
+  posts     Post[]
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+
+  @@index([email])
+}
+
+model Post {
+  id          String   @id @default(cuid())
+  title       String
+  slug        String   @unique
+  content     String?
+  published   Boolean  @default(false)
+  author      User     @relation(fields: [authorId], references: [id])
+  authorId    String
+  createdAt   DateTime @default(now())
+  updatedAt   DateTime @updatedAt
+
+  @@index([authorId])
+  @@index([slug])
+}
+
+enum Role {
+  USER
+  ADMIN
+}
+```
+
+## Query Patterns
+
+### Server Components
+
+```typescript
+// app/users/page.tsx
+import { prisma } from '@/lib/prisma';
+
+export default async function UsersPage() {
+  const users = await prisma.user.findMany({
+    select: {
+      id: true,
+      name: true,
+      email: true,
+      _count: { select: { posts: true } },
+    },
+    orderBy: { createdAt: 'desc' },
+  });
+
+  return (
+    <ul>
+      {users.map(user => (
+        <li key={user.id}>
+          {user.name} - {user._count.posts} posts
+        </li>
+      ))}
+    </ul>
+  );
+}
+```
+
+### With Pagination
+
+```typescript
+// app/posts/page.tsx
+import { prisma } from '@/lib/prisma';
+
+type Props = {
+  searchParams: Promise<{ page?: string; limit?: string }>;
+};
+
+export default async function PostsPage({ searchParams }: Props) {
+  const { page = '1', limit = '10' } = await searchParams;
+  const pageNum = parseInt(page);
+  const limitNum = parseInt(limit);
+
+  const [posts, total] = await Promise.all([
+    prisma.post.findMany({
+      where: { published: true },
+      include: { author: { select: { name: true } } },
+      skip: (pageNum - 1) * limitNum,
+      take: limitNum,
+      orderBy: { createdAt: 'desc' },
+    }),
+    prisma.post.count({ where: { published: true } }),
+  ]);
+
+  const totalPages = Math.ceil(total / limitNum);
+
+  return (
+    <>
+      <PostList posts={posts} />
+      <Pagination
+        currentPage={pageNum}
+        totalPages={totalPages}
+      />
+    </>
+  );
+}
+```
+
+### Server Actions
+
+```typescript
+// app/posts/actions.ts
+'use server';
+
+import { prisma } from '@/lib/prisma';
+import { auth } from '@/auth';
+import { revalidatePath } from 'next/cache';
+import { z } from 'zod';
+
+const createPostSchema = z.object({
+  title: z.string().min(1).max(200),
+  content: z.string().optional(),
+});
+
+export async function createPost(formData: FormData) {
+  const session = await auth();
+  if (!session) throw new Error('Unauthorized');
+
+  const data = createPostSchema.parse({
+    title: formData.get('title'),
+    content: formData.get('content'),
+  });
+
+  const slug = data.title
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, '-')
+    .replace(/(^-|-$)/g, '');
+
+  const post = await prisma.post.create({
+    data: {
+      ...data,
+      slug,
+      authorId: session.user.id,
+    },
+  });
+
+  revalidatePath('/posts');
+  return post;
+}
+
+export async function deletePost(id: string) {
+  const session = await auth();
+  if (!session) throw new Error('Unauthorized');
+
+  const post = await prisma.post.findUnique({
+    where: { id },
+    select: { authorId: true },
+  });
+
+  if (post?.authorId !== session.user.id) {
+    throw new Error('Forbidden');
+  }
+
+  await prisma.post.delete({ where: { id } });
+  revalidatePath('/posts');
+}
+```
+
+### Transactions
+
+```typescript
+export async function transferCredits(
+  fromUserId: string,
+  toUserId: string,
+  amount: number
+) {
+  return prisma.$transaction(async (tx) => {
+    const sender = await tx.user.update({
+      where: { id: fromUserId },
+      data: { credits: { decrement: amount } },
+    });
+
+    if (sender.credits < 0) {
+      throw new Error('Insufficient credits');
+    }
+
+    const recipient = await tx.user.update({
+      where: { id: toUserId },
+      data: { credits: { increment: amount } },
+    });
+
+    await tx.transaction.create({
+      data: {
+        fromUserId,
+        toUserId,
+        amount,
+        type: 'TRANSFER',
+      },
+    });
+
+    return { sender, recipient };
+  });
+}
+```
+
+## Migrations
+
+```bash
+# Create migration
+npx prisma migrate dev --name add_user_role
+
+# Apply migrations (production)
+npx prisma migrate deploy
+
+# Reset database (development)
+npx prisma migrate reset
+
+# Generate client
+npx prisma generate
+```
+
+## Seeding
+
+```typescript
+// prisma/seed.ts
+import { PrismaClient } from '@prisma/client';
+
+const prisma = new PrismaClient();
+
+async function main() {
+  // Clean up
+  await prisma.post.deleteMany();
+  await prisma.user.deleteMany();
+
+  // Create users
+  const alice = await prisma.user.create({
+    data: {
+      email: 'alice@example.com',
+      name: 'Alice',
+      role: 'ADMIN',
+      posts: {
+        create: [
+          { title: 'First Post', slug: 'first-post', published: true },
+          { title: 'Second Post', slug: 'second-post' },
+        ],
+      },
+    },
+  });
+
+  console.log({ alice });
+}
+
+main()
+  .catch(console.error)
+  .finally(() => prisma.$disconnect());
+```
+
+```json
+// package.json
+{
+  "prisma": {
+    "seed": "tsx prisma/seed.ts"
+  }
+}
+```
+
+## Soft Deletes
+
+```prisma
+model User {
+  id        String    @id @default(cuid())
+  email     String    @unique
+  deletedAt DateTime?
+
+  @@index([deletedAt])
+}
+```
+
+```typescript
+// Middleware for soft deletes
+prisma.$use(async (params, next) => {
+  if (params.model === 'User') {
+    if (params.action === 'delete') {
+      params.action = 'update';
+      params.args['data'] = { deletedAt: new Date() };
+    }
+    if (params.action === 'findMany' || params.action === 'findFirst') {
+      params.args['where'] = {
+        ...params.args['where'],
+        deletedAt: null,
+      };
+    }
+  }
+  return next(params);
+});
+```
+
+## Optimization
+
+### Select Only Needed Fields
+
+```typescript
+// BAD: Fetches all fields
+const users = await prisma.user.findMany();
+
+// GOOD: Select only needed
+const users = await prisma.user.findMany({
+  select: { id: true, name: true, email: true },
+});
+```
+
+### Avoid N+1
+
+```typescript
+// BAD: N+1 query
+const posts = await prisma.post.findMany();
+for (const post of posts) {
+  const author = await prisma.user.findUnique({ where: { id: post.authorId } });
+}
+
+// GOOD: Include relation
+const posts = await prisma.post.findMany({
+  include: { author: { select: { name: true } } },
+});
+```
+
+### Connection Pooling (Serverless)
+
+```typescript
+// For serverless (Vercel, AWS Lambda)
+datasource db {
+  provider = "postgresql"
+  url      = env("DATABASE_URL")
+  directUrl = env("DIRECT_URL") // For migrations
+}
+
+// Use connection pooler (PgBouncer, Prisma Accelerate)
+// DATABASE_URL="prisma://accelerate.prisma-data.net/?api_key=..."
+```
+
+## Anti-patterns
+
+```typescript
+// BAD: Creating client in component
+export default async function Page() {
+  const prisma = new PrismaClient(); // New connection each request!
+}
+
+// GOOD: Use singleton
+import { prisma } from '@/lib/prisma';
+
+// BAD: Not handling errors
+const user = await prisma.user.findUnique({ where: { id } });
+return user.name; // Might be null!
+
+// GOOD: Handle null
+const user = await prisma.user.findUnique({ where: { id } });
+if (!user) notFound();
+return user.name;
+```

package/configs/nextjs/.claude/rules/middleware.md

@@ -0,0 +1,303 @@
+---
+paths:
+  - "middleware.ts"
+  - "src/middleware.ts"
+---
+
+# Next.js Middleware
+
+## Basic Structure
+
+```typescript
+// middleware.ts
+import { NextResponse } from 'next/server';
+import type { NextRequest } from 'next/server';
+
+export function middleware(request: NextRequest) {
+  // Runs on every matched request
+  return NextResponse.next();
+}
+
+export const config = {
+  matcher: [
+    // Match all paths except static files
+    '/((?!_next/static|_next/image|favicon.ico).*)',
+  ],
+};
+```
+
+## Common Patterns
+
+### Authentication
+
+```typescript
+import { NextResponse } from 'next/server';
+import type { NextRequest } from 'next/server';
+import { getToken } from 'next-auth/jwt';
+
+export async function middleware(request: NextRequest) {
+  const token = await getToken({ req: request });
+  const { pathname } = request.nextUrl;
+
+  // Public paths
+  const publicPaths = ['/login', '/register', '/api/auth'];
+  if (publicPaths.some(path => pathname.startsWith(path))) {
+    return NextResponse.next();
+  }
+
+  // Protected paths
+  if (!token) {
+    const loginUrl = new URL('/login', request.url);
+    loginUrl.searchParams.set('callbackUrl', pathname);
+    return NextResponse.redirect(loginUrl);
+  }
+
+  return NextResponse.next();
+}
+```
+
+### Role-Based Access
+
+```typescript
+export async function middleware(request: NextRequest) {
+  const token = await getToken({ req: request });
+  const { pathname } = request.nextUrl;
+
+  // Admin routes
+  if (pathname.startsWith('/admin')) {
+    if (token?.role !== 'admin') {
+      return NextResponse.redirect(new URL('/forbidden', request.url));
+    }
+  }
+
+  // API admin routes
+  if (pathname.startsWith('/api/admin')) {
+    if (token?.role !== 'admin') {
+      return NextResponse.json(
+        { error: 'Forbidden' },
+        { status: 403 }
+      );
+    }
+  }
+
+  return NextResponse.next();
+}
+```
+
+### Internationalization (i18n)
+
+```typescript
+import { NextResponse } from 'next/server';
+import type { NextRequest } from 'next/server';
+import { match } from '@formatjs/intl-localematcher';
+import Negotiator from 'negotiator';
+
+const locales = ['en', 'fr', 'de'];
+const defaultLocale = 'en';
+
+function getLocale(request: NextRequest): string {
+  const headers = { 'accept-language': request.headers.get('accept-language') || '' };
+  const languages = new Negotiator({ headers }).languages();
+  return match(languages, locales, defaultLocale);
+}
+
+export function middleware(request: NextRequest) {
+  const { pathname } = request.nextUrl;
+
+  // Check if pathname has locale
+  const pathnameHasLocale = locales.some(
+    locale => pathname.startsWith(`/${locale}/`) || pathname === `/${locale}`
+  );
+
+  if (pathnameHasLocale) return NextResponse.next();
+
+  // Redirect to locale
+  const locale = getLocale(request);
+  request.nextUrl.pathname = `/${locale}${pathname}`;
+  return NextResponse.redirect(request.nextUrl);
+}
+
+export const config = {
+  matcher: ['/((?!api|_next/static|_next/image|favicon.ico).*)'],
+};
+```
+
+### Rate Limiting
+
+```typescript
+import { NextResponse } from 'next/server';
+import type { NextRequest } from 'next/server';
+import { Ratelimit } from '@upstash/ratelimit';
+import { Redis } from '@upstash/redis';
+
+const ratelimit = new Ratelimit({
+  redis: Redis.fromEnv(),
+  limiter: Ratelimit.slidingWindow(10, '10 s'),
+});
+
+export async function middleware(request: NextRequest) {
+  if (request.nextUrl.pathname.startsWith('/api')) {
+    const ip = request.ip ?? '127.0.0.1';
+    const { success, limit, remaining, reset } = await ratelimit.limit(ip);
+
+    if (!success) {
+      return NextResponse.json(
+        { error: 'Too many requests' },
+        {
+          status: 429,
+          headers: {
+            'X-RateLimit-Limit': limit.toString(),
+            'X-RateLimit-Remaining': remaining.toString(),
+            'X-RateLimit-Reset': reset.toString(),
+          },
+        }
+      );
+    }
+  }
+
+  return NextResponse.next();
+}
+```
+
+### Geolocation Redirect
+
+```typescript
+export function middleware(request: NextRequest) {
+  const country = request.geo?.country || 'US';
+
+  // Redirect EU users to EU subdomain
+  const euCountries = ['DE', 'FR', 'IT', 'ES', 'NL'];
+  if (euCountries.includes(country) && !request.nextUrl.hostname.includes('eu.')) {
+    return NextResponse.redirect(
+      new URL(request.nextUrl.pathname, 'https://eu.example.com')
+    );
+  }
+
+  return NextResponse.next();
+}
+```
+
+### Security Headers
+
+```typescript
+export function middleware(request: NextRequest) {
+  const response = NextResponse.next();
+
+  // Security headers
+  response.headers.set('X-Frame-Options', 'DENY');
+  response.headers.set('X-Content-Type-Options', 'nosniff');
+  response.headers.set('Referrer-Policy', 'strict-origin-when-cross-origin');
+  response.headers.set(
+    'Content-Security-Policy',
+    "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';"
+  );
+  response.headers.set(
+    'Permissions-Policy',
+    'camera=(), microphone=(), geolocation=()'
+  );
+
+  return response;
+}
+```
+
+### Request/Response Modification
+
+```typescript
+export function middleware(request: NextRequest) {
+  // Add custom header to request
+  const requestHeaders = new Headers(request.headers);
+  requestHeaders.set('x-request-id', crypto.randomUUID());
+
+  // Rewrite URL
+  if (request.nextUrl.pathname === '/old-path') {
+    return NextResponse.rewrite(new URL('/new-path', request.url));
+  }
+
+  // Pass headers to server components
+  const response = NextResponse.next({
+    request: {
+      headers: requestHeaders,
+    },
+  });
+
+  // Add header to response
+  response.headers.set('x-request-id', requestHeaders.get('x-request-id')!);
+
+  return response;
+}
+```
+
+### A/B Testing
+
+```typescript
+export function middleware(request: NextRequest) {
+  const bucket = request.cookies.get('ab-bucket')?.value;
+
+  if (!bucket) {
+    // Assign to bucket
+    const newBucket = Math.random() > 0.5 ? 'a' : 'b';
+    const response = NextResponse.next();
+    response.cookies.set('ab-bucket', newBucket, {
+      httpOnly: true,
+      maxAge: 60 * 60 * 24 * 30, // 30 days
+    });
+    return response;
+  }
+
+  // Rewrite based on bucket
+  if (request.nextUrl.pathname === '/landing') {
+    return NextResponse.rewrite(
+      new URL(`/landing-${bucket}`, request.url)
+    );
+  }
+
+  return NextResponse.next();
+}
+```
+
+## Matcher Patterns
+
+```typescript
+export const config = {
+  matcher: [
+    // Match all paths except static
+    '/((?!_next/static|_next/image|favicon.ico).*)',
+
+    // Match specific paths
+    '/dashboard/:path*',
+    '/api/:path*',
+
+    // Match with regex
+    '/(api|admin)/:path*',
+
+    // Exclude specific paths
+    '/((?!api/public)api/:path*)',
+  ],
+};
+```
+
+## Anti-patterns
+
+```typescript
+// BAD: Heavy computation in middleware (runs on every request)
+export async function middleware(request: NextRequest) {
+  await heavyDatabaseQuery(); // Blocks all requests!
+}
+
+// GOOD: Keep middleware lightweight
+export async function middleware(request: NextRequest) {
+  // Only quick checks, use Edge-compatible code
+}
+
+// BAD: Using Node.js APIs (middleware runs on Edge)
+import fs from 'fs'; // Won't work!
+
+// GOOD: Use Edge-compatible APIs
+import { Redis } from '@upstash/redis'; // Edge-compatible
+
+// BAD: Modifying response body
+return new Response('Modified body'); // Loses Next.js features
+
+// GOOD: Use rewrite or redirect
+return NextResponse.rewrite(new URL('/new-path', request.url));
+```