2025-05-08 20:20:26 -04:00
|
|
|
# Project Planning and Code Guidelines
|
|
|
|
|
|
|
|
|
|
## General Code Guidelines
|
|
|
|
|
|
|
|
|
|
* **Modular Design:** Use Object-Oriented Programming (OOP) where possible to separate concerns and promote code reuse.
|
|
|
|
|
* **File Size Limit:** No single Python file should exceed **600 lines** to improve readability and maintainability.
|
|
|
|
|
* **Commenting:**
|
|
|
|
|
|
|
|
|
|
* Use clear, concise comments to explain complex logic.
|
|
|
|
|
* Include function and class docstrings where appropriate.
|
|
|
|
|
* Use in-line comments sparingly and only when the logic is not immediately obvious.
|
|
|
|
|
* **Code Structure:**
|
|
|
|
|
|
|
|
|
|
* Follow the Model-View-Controller (MVC) pattern where applicable.
|
|
|
|
|
* Group related classes and functions into separate modules for clarity.
|
|
|
|
|
* **Error Handling:** Implement robust error handling with meaningful messages and fallback behavior where possible.
|
|
|
|
|
* **Readability:**
|
|
|
|
|
|
|
|
|
|
* Use meaningful variable and function names.
|
|
|
|
|
* Avoid deeply nested loops and conditionals where possible.
|
|
|
|
|
|
|
|
|
|
## API Design Guidelines
|
|
|
|
|
|
|
|
|
|
* **RESTful Endpoints:** Use RESTful conventions for all API endpoints.
|
|
|
|
|
* **Status Codes:** Return appropriate HTTP status codes (e.g., 200 for success, 404 for not found, 500 for server error).
|
|
|
|
|
* **Error Responses:** Provide consistent and descriptive error messages.
|
|
|
|
|
* **Data Validation:** Validate all incoming data to prevent unexpected behavior and security issues.
|
2025-05-08 20:49:15 -04:00
|
|
|
* **Unified API and UI:** For demo purposes, both the API endpoints and admin UI should be served by the same Flask application.
|
2025-05-08 20:20:26 -04:00
|
|
|
|
|
|
|
|
## File Organization
|
|
|
|
|
|
|
|
|
|
* **Static Files:** Store images in the `static/images/` directory.
|
|
|
|
|
* **Product Data:** Store product metadata in `products.json`.
|
|
|
|
|
* **Configuration Files:** Use a dedicated `config/` directory for environment-specific settings.
|
2025-05-08 20:49:15 -04:00
|
|
|
* **Templates:** Store HTML templates in the `templates/` directory, with admin-specific templates in `templates/admin/`.
|
|
|
|
|
|
|
|
|
|
## Documentation Guidelines
|
|
|
|
|
|
|
|
|
|
* **Keep Documentation Updated:** Update TASK.md as features are implemented to track progress.
|
|
|
|
|
* **Readme First:** README.md should always reflect the current state of the project and provide clear setup instructions.
|
|
|
|
|
* **Code Comments:** Keep code comments in sync with implementation changes.
|
|
|
|
|
* **API Documentation:** Document all API endpoints, including request/response formats.
|
2025-05-08 20:20:26 -04:00
|
|
|
|
|
|
|
|
## Security Guidelines
|
|
|
|
|
|
|
|
|
|
* **No Hardcoded Credentials:** Avoid hardcoding sensitive information like passwords or API keys.
|
|
|
|
|
* **Input Sanitization:** Validate and sanitize all user input to prevent injection attacks.
|
|
|
|
|
* **Minimal Permissions:** Run the application with the least required privileges.
|
|
|
|
|
|
|
|
|
|
## Future Considerations
|
|
|
|
|
|
|
|
|
|
* **Scalability:** Plan for the potential migration to a database if the product catalog grows.
|
|
|
|
|
* **API Rate Limiting:** Consider adding rate limiting for public APIs.
|
|
|
|
|
* **Monitoring and Logging:** Implement basic logging for audit trails and error diagnosis.
|
|
|
|
|
* **Deployment Automation:** Use Docker or other containerization for easy deployment and scaling.
|