autoworkflow 3.1.4 → 3.5.0

package/.claude/skills/fiber.md

@@ -0,0 +1,315 @@
+# Fiber Framework Skill
+
+## Application Setup
+\`\`\`go
+package main
+
+import (
+    "log"
+    "os"
+    "time"
+
+    "github.com/gofiber/fiber/v2"
+    "github.com/gofiber/fiber/v2/middleware/cors"
+    "github.com/gofiber/fiber/v2/middleware/limiter"
+    "github.com/gofiber/fiber/v2/middleware/logger"
+    "github.com/gofiber/fiber/v2/middleware/recover"
+)
+
+func main() {
+    app := fiber.New(fiber.Config{
+        ErrorHandler:          customErrorHandler,
+        DisableStartupMessage: os.Getenv("ENV") == "production",
+        ReadTimeout:           10 * time.Second,
+        WriteTimeout:          10 * time.Second,
+    })
+
+    // Global middleware
+    app.Use(recover.New())
+    app.Use(logger.New())
+    app.Use(cors.New(cors.Config{
+        AllowOrigins: "*",
+        AllowMethods: "GET,POST,PUT,DELETE,OPTIONS",
+        AllowHeaders: "Authorization,Content-Type",
+    }))
+
+    // Health check
+    app.Get("/health", func(c *fiber.Ctx) error {
+        return c.JSON(fiber.Map{"status": "ok"})
+    })
+
+    setupRoutes(app)
+
+    log.Fatal(app.Listen(":3000"))
+}
+\`\`\`
+
+## Route Groups
+\`\`\`go
+func setupRoutes(app *fiber.App) {
+    api := app.Group("/api/v1")
+
+    // Public routes
+    auth := api.Group("/auth")
+    auth.Post("/login", loginHandler)
+    auth.Post("/register", registerHandler)
+
+    // Protected routes
+    protected := api.Group("", AuthMiddleware())
+
+    // Users
+    users := protected.Group("/users")
+    users.Get("/", listUsersHandler)
+    users.Get("/:id", getUserHandler)
+    users.Put("/:id", updateUserHandler)
+    users.Delete("/:id", deleteUserHandler)
+
+    // Posts with rate limiting
+    posts := protected.Group("/posts", limiter.New(limiter.Config{
+        Max:        10,
+        Expiration: time.Minute,
+    }))
+    posts.Get("/", listPostsHandler)
+    posts.Post("/", createPostHandler)
+}
+\`\`\`
+
+## Request Parsing and Validation
+\`\`\`go
+type CreateUserRequest struct {
+    Email    string \`json:"email" validate:"required,email"\`
+    Name     string \`json:"name" validate:"required,min=2,max=100"\`
+    Password string \`json:"password" validate:"required,min=8"\`
+}
+
+type QueryParams struct {
+    Page    int    \`query:"page"\`
+    PerPage int    \`query:"per_page"\`
+    Sort    string \`query:"sort"\`
+}
+
+func createUserHandler(c *fiber.Ctx) error {
+    var req CreateUserRequest
+    if err := c.BodyParser(&req); err != nil {
+        return fiber.NewError(fiber.StatusBadRequest, "invalid request body")
+    }
+
+    // Validate using go-playground/validator
+    if err := validate.Struct(&req); err != nil {
+        return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{
+            "error":   "validation_error",
+            "details": formatValidationErrors(err),
+        })
+    }
+
+    user, err := userService.Create(c.Context(), req)
+    if err != nil {
+        return err  // Handled by custom error handler
+    }
+
+    return c.Status(fiber.StatusCreated).JSON(user)
+}
+
+func listUsersHandler(c *fiber.Ctx) error {
+    var query QueryParams
+    if err := c.QueryParser(&query); err != nil {
+        return fiber.NewError(fiber.StatusBadRequest, "invalid query parameters")
+    }
+
+    // Defaults
+    if query.Page == 0 {
+        query.Page = 1
+    }
+    if query.PerPage == 0 {
+        query.PerPage = 20
+    }
+
+    users, total, err := userService.List(c.Context(), query)
+    if err != nil {
+        return err
+    }
+
+    return c.JSON(fiber.Map{
+        "data":     users,
+        "total":    total,
+        "page":     query.Page,
+        "per_page": query.PerPage,
+    })
+}
+
+func getUserHandler(c *fiber.Ctx) error {
+    id := c.Params("id")
+
+    user, err := userService.GetByID(c.Context(), id)
+    if err != nil {
+        return err
+    }
+
+    return c.JSON(user)
+}
+\`\`\`
+
+## Custom Middleware
+\`\`\`go
+// Auth Middleware
+func AuthMiddleware() fiber.Handler {
+    return func(c *fiber.Ctx) error {
+        authHeader := c.Get("Authorization")
+        if authHeader == "" {
+            return fiber.NewError(fiber.StatusUnauthorized, "missing authorization header")
+        }
+
+        tokenString := strings.TrimPrefix(authHeader, "Bearer ")
+        claims, err := validateToken(tokenString)
+        if err != nil {
+            return fiber.NewError(fiber.StatusUnauthorized, "invalid token")
+        }
+
+        // Store in Locals
+        c.Locals("userID", claims.UserID)
+        c.Locals("userRole", claims.Role)
+
+        return c.Next()
+    }
+}
+
+// Request ID Middleware
+func RequestIDMiddleware() fiber.Handler {
+    return func(c *fiber.Ctx) error {
+        requestID := c.Get("X-Request-ID")
+        if requestID == "" {
+            requestID = uuid.New().String()
+        }
+        c.Locals("requestID", requestID)
+        c.Set("X-Request-ID", requestID)
+        return c.Next()
+    }
+}
+
+// Get user from context
+func getUserFromContext(c *fiber.Ctx) string {
+    userID, ok := c.Locals("userID").(string)
+    if !ok {
+        return ""
+    }
+    return userID
+}
+\`\`\`
+
+## Error Handling
+\`\`\`go
+// Custom error handler
+func customErrorHandler(c *fiber.Ctx, err error) error {
+    // Default to 500
+    code := fiber.StatusInternalServerError
+    message := "internal server error"
+
+    // Check for fiber.Error
+    var e *fiber.Error
+    if errors.As(err, &e) {
+        code = e.Code
+        message = e.Message
+    }
+
+    // Check for custom errors
+    switch {
+    case errors.Is(err, ErrNotFound):
+        code = fiber.StatusNotFound
+        message = "resource not found"
+    case errors.Is(err, ErrUnauthorized):
+        code = fiber.StatusUnauthorized
+        message = "unauthorized"
+    case errors.Is(err, ErrForbidden):
+        code = fiber.StatusForbidden
+        message = "forbidden"
+    case errors.Is(err, ErrConflict):
+        code = fiber.StatusConflict
+        message = "resource already exists"
+    }
+
+    // Log internal errors
+    if code == fiber.StatusInternalServerError {
+        log.Printf("internal error: %v", err)
+    }
+
+    return c.Status(code).JSON(fiber.Map{
+        "error": message,
+    })
+}
+\`\`\`
+
+## Testing
+\`\`\`go
+package handler_test
+
+import (
+    "bytes"
+    "encoding/json"
+    "io"
+    "net/http/httptest"
+    "testing"
+
+    "github.com/gofiber/fiber/v2"
+    "github.com/stretchr/testify/assert"
+)
+
+func setupTestApp() *fiber.App {
+    app := fiber.New(fiber.Config{
+        ErrorHandler: customErrorHandler,
+    })
+    setupRoutes(app)
+    return app
+}
+
+func TestCreateUser(t *testing.T) {
+    app := setupTestApp()
+
+    tests := []struct {
+        name       string
+        body       map[string]interface{}
+        wantStatus int
+    }{
+        {
+            name: "valid user",
+            body: map[string]interface{}{
+                "email":    "test@example.com",
+                "name":     "Test User",
+                "password": "password123",
+            },
+            wantStatus: fiber.StatusCreated,
+        },
+        {
+            name: "missing email",
+            body: map[string]interface{}{
+                "name":     "Test User",
+                "password": "password123",
+            },
+            wantStatus: fiber.StatusBadRequest,
+        },
+    }
+
+    for _, tt := range tests {
+        t.Run(tt.name, func(t *testing.T) {
+            body, _ := json.Marshal(tt.body)
+            req := httptest.NewRequest("POST", "/api/v1/users", bytes.NewBuffer(body))
+            req.Header.Set("Content-Type", "application/json")
+
+            resp, _ := app.Test(req)
+            assert.Equal(t, tt.wantStatus, resp.StatusCode)
+        })
+    }
+}
+\`\`\`
+
+## ✅ DO
+- Use \`fiber.Config\` for app configuration
+- Use \`c.Context()\` for passing context to services
+- Return errors from handlers (let error handler process them)
+- Use \`c.Locals()\` for request-scoped values
+- Use built-in middleware (logger, recover, cors, limiter)
+
+## ❌ DON'T
+- Don't ignore errors from \`BodyParser\` or \`QueryParser\`
+- Don't use \`c.Context()\` after handler returns (it's pooled)
+- Don't modify response after calling \`c.Next()\` in middleware
+- Don't store Fiber context in goroutines (copy needed values first)

package/.claude/skills/flask.md

@@ -0,0 +1,322 @@
+# Flask Skill
+
+## Project Structure
+\`\`\`
+app/
+├── __init__.py           # Application factory
+├── config.py             # Configuration
+├── extensions.py         # Flask extensions
+├── models/
+│   └── user.py
+├── routes/
+│   ├── __init__.py
+│   ├── auth.py
+│   └── users.py
+├── services/
+│   └── user.py
+└── templates/
+    └── base.html
+\`\`\`
+
+## Application Factory
+\`\`\`python
+# __init__.py
+from flask import Flask
+from app.extensions import db, migrate, jwt
+from app.config import config
+
+def create_app(config_name='development'):
+    app = Flask(__name__)
+    app.config.from_object(config[config_name])
+
+    # Initialize extensions
+    db.init_app(app)
+    migrate.init_app(app, db)
+    jwt.init_app(app)
+
+    # Register blueprints
+    from app.routes.auth import auth_bp
+    from app.routes.users import users_bp
+
+    app.register_blueprint(auth_bp, url_prefix='/auth')
+    app.register_blueprint(users_bp, url_prefix='/api/users')
+
+    # Register error handlers
+    register_error_handlers(app)
+
+    return app
+
+def register_error_handlers(app):
+    @app.errorhandler(404)
+    def not_found(error):
+        return {'error': 'Not found'}, 404
+
+    @app.errorhandler(500)
+    def internal_error(error):
+        db.session.rollback()
+        return {'error': 'Internal server error'}, 500
+
+# extensions.py
+from flask_sqlalchemy import SQLAlchemy
+from flask_migrate import Migrate
+from flask_jwt_extended import JWTManager
+
+db = SQLAlchemy()
+migrate = Migrate()
+jwt = JWTManager()
+\`\`\`
+
+## Configuration
+\`\`\`python
+# config.py
+import os
+
+class Config:
+    SECRET_KEY = os.environ.get('SECRET_KEY', 'dev-secret')
+    SQLALCHEMY_TRACK_MODIFICATIONS = False
+    JWT_SECRET_KEY = os.environ.get('JWT_SECRET_KEY', 'jwt-secret')
+
+class DevelopmentConfig(Config):
+    DEBUG = True
+    SQLALCHEMY_DATABASE_URI = 'sqlite:///dev.db'
+
+class ProductionConfig(Config):
+    SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL')
+
+class TestingConfig(Config):
+    TESTING = True
+    SQLALCHEMY_DATABASE_URI = 'sqlite:///:memory:'
+
+config = {
+    'development': DevelopmentConfig,
+    'production': ProductionConfig,
+    'testing': TestingConfig,
+}
+\`\`\`
+
+## Blueprints & Routes
+\`\`\`python
+# routes/users.py
+from flask import Blueprint, request, jsonify
+from flask_jwt_extended import jwt_required, get_jwt_identity
+from app.models.user import User
+from app.extensions import db
+from app.schemas import UserSchema, UserCreateSchema
+
+users_bp = Blueprint('users', __name__)
+
+@users_bp.route('/', methods=['GET'])
+def get_users():
+    page = request.args.get('page', 1, type=int)
+    per_page = request.args.get('per_page', 10, type=int)
+
+    pagination = User.query.paginate(page=page, per_page=per_page)
+
+    return jsonify({
+        'users': UserSchema(many=True).dump(pagination.items),
+        'total': pagination.total,
+        'pages': pagination.pages,
+        'page': page,
+    })
+
+@users_bp.route('/<int:user_id>', methods=['GET'])
+def get_user(user_id):
+    user = User.query.get_or_404(user_id)
+    return jsonify(UserSchema().dump(user))
+
+@users_bp.route('/', methods=['POST'])
+def create_user():
+    schema = UserCreateSchema()
+    data = schema.load(request.json)
+
+    user = User(**data)
+    db.session.add(user)
+    db.session.commit()
+
+    return jsonify(UserSchema().dump(user)), 201
+
+@users_bp.route('/<int:user_id>', methods=['PUT'])
+@jwt_required()
+def update_user(user_id):
+    current_user_id = get_jwt_identity()
+    if current_user_id != user_id:
+        return jsonify({'error': 'Forbidden'}), 403
+
+    user = User.query.get_or_404(user_id)
+    data = request.json
+
+    for key, value in data.items():
+        if hasattr(user, key):
+            setattr(user, key, value)
+
+    db.session.commit()
+    return jsonify(UserSchema().dump(user))
+
+@users_bp.route('/<int:user_id>', methods=['DELETE'])
+@jwt_required()
+def delete_user(user_id):
+    user = User.query.get_or_404(user_id)
+    db.session.delete(user)
+    db.session.commit()
+    return '', 204
+\`\`\`
+
+## Authentication
+\`\`\`python
+# routes/auth.py
+from flask import Blueprint, request, jsonify
+from flask_jwt_extended import (
+    create_access_token,
+    create_refresh_token,
+    jwt_required,
+    get_jwt_identity,
+)
+from werkzeug.security import check_password_hash
+from app.models.user import User
+
+auth_bp = Blueprint('auth', __name__)
+
+@auth_bp.route('/login', methods=['POST'])
+def login():
+    email = request.json.get('email')
+    password = request.json.get('password')
+
+    user = User.query.filter_by(email=email).first()
+
+    if not user or not check_password_hash(user.password_hash, password):
+        return jsonify({'error': 'Invalid credentials'}), 401
+
+    access_token = create_access_token(identity=user.id)
+    refresh_token = create_refresh_token(identity=user.id)
+
+    return jsonify({
+        'access_token': access_token,
+        'refresh_token': refresh_token,
+    })
+
+@auth_bp.route('/refresh', methods=['POST'])
+@jwt_required(refresh=True)
+def refresh():
+    identity = get_jwt_identity()
+    access_token = create_access_token(identity=identity)
+    return jsonify({'access_token': access_token})
+
+@auth_bp.route('/me', methods=['GET'])
+@jwt_required()
+def me():
+    user_id = get_jwt_identity()
+    user = User.query.get(user_id)
+    return jsonify(UserSchema().dump(user))
+\`\`\`
+
+## Error Handling
+\`\`\`python
+from flask import jsonify
+from marshmallow import ValidationError
+
+def register_error_handlers(app):
+    @app.errorhandler(ValidationError)
+    def handle_validation_error(error):
+        return jsonify({'error': 'Validation failed', 'details': error.messages}), 400
+
+    @app.errorhandler(404)
+    def not_found(error):
+        return jsonify({'error': 'Resource not found'}), 404
+
+    @app.errorhandler(401)
+    def unauthorized(error):
+        return jsonify({'error': 'Unauthorized'}), 401
+
+    @app.errorhandler(Exception)
+    def handle_exception(error):
+        app.logger.error(f'Unhandled exception: {error}')
+        return jsonify({'error': 'Internal server error'}), 500
+\`\`\`
+
+## Request Validation (Marshmallow)
+\`\`\`python
+# schemas.py
+from marshmallow import Schema, fields, validate, post_load
+
+class UserSchema(Schema):
+    id = fields.Int(dump_only=True)
+    email = fields.Email(required=True)
+    name = fields.Str(required=True, validate=validate.Length(min=1, max=100))
+    created_at = fields.DateTime(dump_only=True)
+
+class UserCreateSchema(Schema):
+    email = fields.Email(required=True)
+    name = fields.Str(required=True)
+    password = fields.Str(required=True, load_only=True, validate=validate.Length(min=8))
+
+    @post_load
+    def hash_password(self, data, **kwargs):
+        from werkzeug.security import generate_password_hash
+        data['password_hash'] = generate_password_hash(data.pop('password'))
+        return data
+\`\`\`
+
+## Testing
+\`\`\`python
+# tests/conftest.py
+import pytest
+from app import create_app
+from app.extensions import db
+
+@pytest.fixture
+def app():
+    app = create_app('testing')
+    with app.app_context():
+        db.create_all()
+        yield app
+        db.drop_all()
+
+@pytest.fixture
+def client(app):
+    return app.test_client()
+
+@pytest.fixture
+def auth_headers(client):
+    # Create user and login
+    client.post('/auth/register', json={
+        'email': 'test@example.com',
+        'password': 'password123',
+        'name': 'Test User',
+    })
+    response = client.post('/auth/login', json={
+        'email': 'test@example.com',
+        'password': 'password123',
+    })
+    token = response.json['access_token']
+    return {'Authorization': f'Bearer {token}'}
+
+# tests/test_users.py
+def test_get_users(client):
+    response = client.get('/api/users/')
+    assert response.status_code == 200
+    assert 'users' in response.json
+
+def test_create_user(client):
+    response = client.post('/api/users/', json={
+        'email': 'new@example.com',
+        'name': 'New User',
+        'password': 'password123',
+    })
+    assert response.status_code == 201
+    assert response.json['email'] == 'new@example.com'
+\`\`\`
+
+## ❌ DON'T
+- Use app.run() in production (use gunicorn)
+- Store secrets in code
+- Forget to use application factory
+- Skip request validation
+
+## ✅ DO
+- Use blueprints for organization
+- Use Flask-SQLAlchemy for ORM
+- Use Flask-Migrate for migrations
+- Use Flask-JWT-Extended for auth
+- Use Marshmallow for validation
+- Use application factory pattern
+- Handle errors globally