47 lines
2.2 KiB
Markdown
47 lines
2.2 KiB
Markdown
# Project Planning and Code Guidelines
|
|
|
|
## General Code Guidelines
|
|
|
|
* **Modular Design:** Use Object-Oriented Programming (OOP) where possible to separate concerns and promote code reuse.
|
|
* **File Size Limit:** No single Python file should exceed **600 lines** to improve readability and maintainability.
|
|
* **Commenting:**
|
|
|
|
* Use clear, concise comments to explain complex logic.
|
|
* Include function and class docstrings where appropriate.
|
|
* Use in-line comments sparingly and only when the logic is not immediately obvious.
|
|
* **Code Structure:**
|
|
|
|
* Follow the Model-View-Controller (MVC) pattern where applicable.
|
|
* Group related classes and functions into separate modules for clarity.
|
|
* **Error Handling:** Implement robust error handling with meaningful messages and fallback behavior where possible.
|
|
* **Readability:**
|
|
|
|
* Use meaningful variable and function names.
|
|
* Avoid deeply nested loops and conditionals where possible.
|
|
|
|
## API Design Guidelines
|
|
|
|
* **RESTful Endpoints:** Use RESTful conventions for all API endpoints.
|
|
* **Status Codes:** Return appropriate HTTP status codes (e.g., 200 for success, 404 for not found, 500 for server error).
|
|
* **Error Responses:** Provide consistent and descriptive error messages.
|
|
* **Data Validation:** Validate all incoming data to prevent unexpected behavior and security issues.
|
|
|
|
## File Organization
|
|
|
|
* **Static Files:** Store images in the `static/images/` directory.
|
|
* **Product Data:** Store product metadata in `products.json`.
|
|
* **Configuration Files:** Use a dedicated `config/` directory for environment-specific settings.
|
|
|
|
## Security Guidelines
|
|
|
|
* **No Hardcoded Credentials:** Avoid hardcoding sensitive information like passwords or API keys.
|
|
* **Input Sanitization:** Validate and sanitize all user input to prevent injection attacks.
|
|
* **Minimal Permissions:** Run the application with the least required privileges.
|
|
|
|
## Future Considerations
|
|
|
|
* **Scalability:** Plan for the potential migration to a database if the product catalog grows.
|
|
* **API Rate Limiting:** Consider adding rate limiting for public APIs.
|
|
* **Monitoring and Logging:** Implement basic logging for audit trails and error diagnosis.
|
|
* **Deployment Automation:** Use Docker or other containerization for easy deployment and scaling.
|