|
| 1 | +# CLAUDE.md - Development Quick Reference |
| 2 | + |
| 3 | +This file provides essential guidance for Claude Code when working with the Litestar Fullstack SPA project. For comprehensive architecture documentation, see `docs/architecture/`. |
| 4 | + |
| 5 | +## 🚀 Quick Commands |
| 6 | + |
| 7 | +```bash |
| 8 | +# Setup |
| 9 | +make install # Fresh installation |
| 10 | +cp .env.local.example .env # Setup environment |
| 11 | +make start-infra # Start PostgreSQL + Redis |
| 12 | +uv run app run # Start all services |
| 13 | + |
| 14 | +# Development |
| 15 | +make types # Generate TypeScript types (ALWAYS after schema changes!) |
| 16 | +make lint # Run all linting |
| 17 | +make check-all # Run all checks before commit |
| 18 | +make test # Run Python tests |
| 19 | + |
| 20 | +# Database |
| 21 | +app database upgrade # Run migrations |
| 22 | +app database make-migrations # Create new migration |
| 23 | +``` |
| 24 | + |
| 25 | +## 🎯 Critical Development Rules |
| 26 | + |
| 27 | +### ALWAYS |
| 28 | + |
| 29 | +- Run `make types` after ANY backend schema changes |
| 30 | +- Run `make lint` after code changes |
| 31 | +- Run `make check-all` before committing |
| 32 | +- Use msgspec.Struct for ALL API DTOs (NEVER raw dicts or Pydantic) |
| 33 | +- Use the inner `Repo` pattern for services |
| 34 | +- Use Advanced Alchemy base classes (UUIDAuditBase) |
| 35 | +- Type all function signatures properly |
| 36 | +- Handle async operations correctly |
| 37 | + |
| 38 | +### NEVER |
| 39 | + |
| 40 | +- Create files unless absolutely necessary |
| 41 | +- Create documentation files unless explicitly requested |
| 42 | +- Use raw dicts for API responses |
| 43 | +- Access database sessions directly (use services) |
| 44 | +- Commit without running tests |
| 45 | +- Add comments unless requested |
| 46 | +- Use emojis unless requested |
| 47 | + |
| 48 | +## 📁 Quick Structure Reference |
| 49 | + |
| 50 | +``` |
| 51 | +src/py/app/ |
| 52 | +├── db/models/ # SQLAlchemy models (use Mapped[]) |
| 53 | +├── schemas/ # msgspec.Struct DTOs (API contracts) |
| 54 | +├── services/ # Business logic (inner Repo pattern) |
| 55 | +├── server/routes/ # Litestar controllers |
| 56 | +└── lib/ # Core utilities |
| 57 | +
|
| 58 | +src/js/src/ |
| 59 | +├── components/ # React components |
| 60 | +├── routes/ # TanStack Router pages |
| 61 | +├── lib/api/ # Auto-generated client |
| 62 | +└── hooks/ # React hooks |
| 63 | +``` |
| 64 | + |
| 65 | +## 🔥 Service Pattern (Copy This!) |
| 66 | + |
| 67 | +```python |
| 68 | +from litestar.plugins.sqlalchemy import repository, service |
| 69 | +from app.db import models as m |
| 70 | + |
| 71 | +class UserService(service.SQLAlchemyAsyncRepositoryService[m.User]): |
| 72 | + """Service for user operations.""" |
| 73 | + |
| 74 | + class Repo(repository.SQLAlchemyAsyncRepository[m.User]): |
| 75 | + """User repository.""" |
| 76 | + model_type = m.User |
| 77 | + |
| 78 | + repository_type = Repo |
| 79 | + |
| 80 | + # Custom service methods here |
| 81 | +``` |
| 82 | + |
| 83 | +## 🔐 Current Authentication Features |
| 84 | + |
| 85 | +- JWT-based authentication |
| 86 | +- Email verification (with tokens) |
| 87 | +- Password reset flow (with security tracking) |
| 88 | +- 2FA/TOTP support (configurable) |
| 89 | +- OAuth Google Integration (backend complete, frontend pending) |
| 90 | +- Rate limiting on sensitive operations |
| 91 | +- Configurable security requirements |
| 92 | + |
| 93 | +## 📝 Schema Pattern (Copy This!) |
| 94 | + |
| 95 | +```python |
| 96 | +import msgspec |
| 97 | + |
| 98 | +class UserCreate(msgspec.Struct, gc=False, array_like=True, omit_defaults=True): |
| 99 | + """User creation payload.""" |
| 100 | + email: str |
| 101 | + password: str |
| 102 | + name: str | None = None |
| 103 | +``` |
| 104 | + |
| 105 | +## 🚨 Common Pitfalls to Avoid |
| 106 | + |
| 107 | +1. **Forgetting `make types`** - Frontend will have type errors |
| 108 | +2. **Using dict instead of msgspec.Struct** - Performance and validation issues |
| 109 | +3. **Direct DB access** - Always use service repositories |
| 110 | +4. **Blocking operations in async** - Use async/await properly |
| 111 | +5. **Not running tests** - Breaks in CI/CD |
| 112 | + |
| 113 | +## 🧪 Testing Commands |
| 114 | + |
| 115 | +```bash |
| 116 | +# Run specific test |
| 117 | +uv run pytest src/py/tests/integration/test_email_verification.py -xvs |
| 118 | + |
| 119 | +# Run with coverage |
| 120 | +make test-coverage |
| 121 | + |
| 122 | +# Run integration tests |
| 123 | +make test-all |
| 124 | +``` |
| 125 | + |
| 126 | +## 🔄 Workflow Reminders |
| 127 | + |
| 128 | +1. **New Feature Flow:** |
| 129 | + - Create/update models |
| 130 | + - Run `app database make-migrations` |
| 131 | + - Create msgspec schemas |
| 132 | + - Implement service with inner Repo |
| 133 | + - Add controller routes |
| 134 | + - Register in `routes/__init__.py` |
| 135 | + - Update `signature_namespace` if needed |
| 136 | + - Run `make types` |
| 137 | + - Implement frontend |
| 138 | + |
| 139 | +2. **Before Every Commit:** |
| 140 | + - `make lint` |
| 141 | + - `make test` |
| 142 | + - `make check-all` |
| 143 | + |
| 144 | +## 📊 Current Work Context |
| 145 | + |
| 146 | +- Email verification: ✅ Implemented |
| 147 | +- Password reset: ✅ Implemented |
| 148 | +- 2FA/TOTP: ✅ Implemented (configurable) |
| 149 | +- OAuth: Backend ✅ | Frontend ❌ | Tests ❌ |
| 150 | +- Production validation: Backend 70% ✅ | Frontend ❌ | Tests ❌ |
| 151 | +- Rate limiting: ✅ Basic implementation |
| 152 | + |
| 153 | +For detailed patterns and examples, see `docs/architecture/`. |
0 commit comments