markdowntown-backend
Core workflow
- •Identify whether the change is an API route, a data-model change (Prisma), or validation logic.
- •For API routes, confirm auth/rate-limits + response shape and cache tag invalidation.
- •For Prisma changes, update
prisma/schema.prisma, run migrations/generate, and update callers. - •For validation updates, reuse shared validators and keep error messages consistent.
- •Run compile/lint/unit tests; update API tests if response shapes change.
Quick map
- •API routes:
src/app/api/**/route.ts - •Auth gating:
src/lib/requireSession.ts,src/lib/auth.ts - •Rate limiting + abuse logging:
src/lib/rateLimiter.ts,src/lib/reports.ts - •Prisma client:
src/lib/prisma.ts - •Prisma schema + migrations:
prisma/schema.prisma,prisma/migrations/* - •Cache tags + revalidation:
src/lib/cacheTags.ts,src/lib/revalidate.ts,src/lib/cache.ts - •Validation:
src/lib/validation.ts,src/lib/skills/skillValidate.ts,src/lib/uam/uamValidate.ts,src/lib/uam/uamLint.ts
Guardrails
- •Keep API responses deterministic; use
NextResponse.jsonwith explicit status codes. - •When mutating data, call
safeRevalidateTagfor list/detail tags and landing. - •Do not bypass
requireSessionfor private routes; keep 401 responses consistent. - •Avoid direct Prisma access from UI components; use API routes or server utilities.
References
- •docs/DEV_ONBOARDING.md
- •docs/MIGRATIONS.md
- •docs/architecture/architecture.md
- •docs/architecture/security-public-rendering.md
- •codex/skills/markdowntown-backend/references/api-routes.md
- •codex/skills/markdowntown-backend/references/prisma.md
- •codex/skills/markdowntown-backend/references/validation.md