CLAUDE.md TemplatesCLAUDE.md Template

CLAUDE.md Template: Angular Material + FastAPI + Azure Blob Storage

CLAUDE.md Template for an Angular Material frontend with a FastAPI backend and Azure Blob Storage starter for Claude Code

CLAUDE.md TemplateAngular MaterialFastAPIAzure Blob StorageClaude Codestarterfrontend-backendstorageblobsecurity

Target User

Developers building CLAUDE.md templates for Claude Code on Angular Material + FastAPI + Azure Blob Storage

Use Cases

  • Bootstrap a full stack starter with frontend, backend and blob storage
  • Provide a copyable CLAUDE.md block for rapid IDE reuse

Markdown Template

CLAUDE.md Template: Angular Material + FastAPI + Azure Blob Storage

Overview

CLAUDE.md template for Angular Material + FastAPI + Azure Blob Storage is a copyable Claude Code starter. It documents frontend, backend, and storage glue in a single CLAUDE.md block you can paste into Claude Code. It is stack specific and geared toward rapid bootstrap for teams building modern web apps with Angular Material on the frontend, a FastAPI backend, and Azure Blob Storage for file handling.

When to Use This CLAUDE.md Template

- You are creating a starter project that combines a polished Angular Material UI with a FastAPI API and Azure Blob Storage for file uploads and retrievals.
- You want a reusable CLAUDE.md block that captures architecture rules, file structure, and deployment guidance for Claude Code.
- You need a consistent starter across multiple projects to enforce security, validation, and deployment standards.
Copyable CLAUDE.md Template

Paste this block into Claude Code to generate the project scaffolding described here. It includes project role, architecture rules, file structure, authentication, storage, validation, security, testing, deployment and explicit things Claude must not do.

# CLAUDE.md

Project role
- You are Claude Code. You will generate a complete starter for a full stack Angular Material frontend, FastAPI backend, and Azure Blob Storage integration. You produce a clean, production focused repository structure and a copyable CLAUDE.md template block for reuse.

Architecture rules
- Separate frontend and backend. Frontend is an Angular Material SPA. Backend is a FastAPI REST API. Azure Blob Storage handles file storage.
- Use REST endpoints for file operations. Ensure CORS configured for the frontend origin. Use HTTPS in all environments.
- Backend authentication uses OAuth2 password flow with JWT tokens. Secrets come from environment variables only.
- Frontend communicates with the backend at /api endpoints. Storage operations use backend-signed URLs or SAS tokens as appropriate.
- All services are designed as stateless services with clear interface boundaries.

File structure rules
- frontend/
- backend/
- storage/
- scripts/
- docs/

Authentication rules
- Backend: OAuth2 password flow with JWT tokens signed using HS256. Access tokens expire after 1 hour. Refresh tokens optional.
- No password in code; use environment variables for secrets. Validate JWT for protected endpoints.

Storage rules (Azure Blob Storage)
- Use a dedicated container for app data. Do not expose storage account keys in code.
- Generate SAS tokens server-side for client uploads when needed. Validate container and blob names.
- Enforce blob tier and access policies via server side logic.

Validation rules
- Validate all input with Pydantic models on the backend. Use strict schemas for file metadata and upload parameters.
- Validate user authentication state for protected endpoints.

Security rules
- Do not hardcode credentials. Do not expose private keys in repository. Do not bypass CORS or TLS requirements.
- Enforce input sanitization to prevent injection attacks. Log relevant activity without logging secrets.

Testing rules
- Backend: unit tests for each endpoint using pytest. Integration tests for Azure Blob operations.
- Frontend: unit tests with Jasmine/Karma and end-to-end tests where feasible.
- CI must run tests and linting on PRs.

Deployment rules
- Provide Dockerfiles for frontend and backend. Use docker-compose for local development; use Kubernetes manifests for production when applicable.
- Environment variables: AZURE_STORAGE_CONNECTION_STRING, JWT_SECRET, API_BASE_URL, CLIENT_URL.
- Use TLS termination at the edge or via reverse proxy. Do not store secrets in images.

Things Claude must not do
- Do not generate code that uses deprecated APIs or libraries.
- Do not embed credentials or secrets in the generated code.
- Do not bypass authentication or authorization checks.
- Do not rely on client side storage for sensitive data.
- Do not generate monolithic, untestable code; keep modular boundaries.
Recommended Project Structure

frontend/
├── src/
│   ├── app/
│   │   ├── components/
│   │   │   └── shared/
│   │   ├── services/
│   │   └── pages/
│   ├── assets/
│   └── index.html
├── angular.json
├── package.json
├── tsconfig.json
backend/
├── app/
│   ├── api/
│   │   ├── v1/
│   │   │   ├── endpoints/
│   │   │   └── schemas/
│   ├── core/
│   ├── main.py
│   └── models/
├── requirements.txt
├── Dockerfile
storage/
├── azure/
│   └── blob_config.json
Core Engineering Principles

- Clear separation of concerns between frontend, backend and storage
- Explicit interfaces and contracts for all components
- Security by default and defense in depth
- Testability and maintainability as first class citizens
- Environment driven configuration
Code Construction Rules

- Frontend uses Angular Material components for a consistent UI
- Backend uses FastAPI with Pydantic models for validation
- Azure Blob Storage access is mediated by the backend and never exposed directly to the client
- All API responses use consistent response envelopes
- Error handling is user friendly but not leaking sensitive internals
Security and Production Rules

- Always use TLS and validate origin in CORS
- Do not commit secrets; store in environment variables or secret stores
- Use least privilege for blob storage access; prefer SAS tokens scoped to operation
- Limit file sizes and validate blob names to prevent path traversal
Testing Checklist

- Unit tests for FastAPI endpoints with pytest
- Integration tests for Azure Blob Storage interactions
- Frontend unit tests and basic e2e checks
- CI runs linting, tests, and type checks
Common Mistakes to Avoid

- Hardcoding credentials or secrets
- Skipping input validation
- Overexposing APIs or storage keys to the client
- Unclear file structure and tangled dependencies
FAQ

What stack does this CLAUDE.md Template cover?Angular Material frontend, FastAPI backend, and Azure Blob Storage for file handling.What will Claude Code generate from this CLAUDE.md Template?A starter project structure with a copyable CLAUDE.md block and deployment guidance for the stack.Can I customize storage or authentication later?Yes. The template emphasizes modular components and clear interfaces to adapt to your auth or storage choices.How do I test the backend and storage integration?Unit tests for FastAPI endpoints and integration tests for Azure Blob operations.Where do I deploy this starter?Follow the deployment rules in the CLAUDE.md template to containerize and publish to your cloud environment.

Overview

CLAUDE.md template for Angular Material + FastAPI + Azure Blob Storage is a copyable Claude Code starter. It documents frontend, backend, and storage glue in a single CLAUDE.md block you can paste into Claude Code. It is stack specific and geared toward rapid bootstrap for teams building modern web apps with Angular Material on the frontend, a FastAPI backend, and Azure Blob Storage for file handling.

When to Use This CLAUDE.md Template

  • You are creating a starter project that combines a polished Angular Material UI with a FastAPI API and Azure Blob Storage for file uploads and retrievals.
  • You want a reusable CLAUDE.md block that captures architecture rules, file structure, and deployment guidance for Claude Code.
  • You need a consistent starter across multiple projects to enforce security, validation, and deployment standards.

Copyable CLAUDE.md Template

Paste this block into Claude Code to generate the project scaffolding described here. It includes project role, architecture rules, file structure, authentication, storage, validation, security, testing, deployment and explicit things Claude must not do.

# CLAUDE.md

Project role
- You are Claude Code. You will generate a complete starter for a full stack Angular Material frontend, FastAPI backend, and Azure Blob Storage integration. You produce a clean, production focused repository structure and a copyable CLAUDE.md template block for reuse.

Architecture rules
- Separate frontend and backend. Frontend is an Angular Material SPA. Backend is a FastAPI REST API. Azure Blob Storage handles file storage.
- Use REST endpoints for file operations. Ensure CORS configured for the frontend origin. Use HTTPS in all environments.
- Backend authentication uses OAuth2 password flow with JWT tokens. Secrets come from environment variables only.
- Frontend communicates with the backend at /api endpoints. Storage operations use backend-signed URLs or SAS tokens as appropriate.
- All services are designed as stateless services with clear interface boundaries.

File structure rules
- frontend/
- backend/
- storage/
- scripts/
- docs/

Authentication rules
- Backend: OAuth2 password flow with JWT tokens signed using HS256. Access tokens expire after 1 hour. Refresh tokens optional.
- No password in code; use environment variables for secrets. Validate JWT for protected endpoints.

Storage rules (Azure Blob Storage)
- Use a dedicated container for app data. Do not expose storage account keys in code.
- Generate SAS tokens server-side for client uploads when needed. Validate container and blob names.
- Enforce blob tier and access policies via server side logic.

Validation rules
- Validate all input with Pydantic models on the backend. Use strict schemas for file metadata and upload parameters.
- Validate user authentication state for protected endpoints.

Security rules
- Do not hardcode credentials. Do not expose private keys in repository. Do not bypass CORS or TLS requirements.
- Enforce input sanitization to prevent injection attacks. Log relevant activity without logging secrets.

Testing rules
- Backend: unit tests for each endpoint using pytest. Integration tests for Azure Blob operations.
- Frontend: unit tests with Jasmine/Karma and end-to-end tests where feasible.
- CI must run tests and linting on PRs.

Deployment rules
- Provide Dockerfiles for frontend and backend. Use docker-compose for local development; use Kubernetes manifests for production when applicable.
- Environment variables: AZURE_STORAGE_CONNECTION_STRING, JWT_SECRET, API_BASE_URL, CLIENT_URL.
- Use TLS termination at the edge or via reverse proxy. Do not store secrets in images.

Things Claude must not do
- Do not generate code that uses deprecated APIs or libraries.
- Do not embed credentials or secrets in the generated code.
- Do not bypass authentication or authorization checks.
- Do not rely on client side storage for sensitive data.
- Do not generate monolithic, untestable code; keep modular boundaries.

Recommended Project Structure

frontend/
├── src/
│   ├── app/
│   │   ├── components/
│   │   │   └── shared/
│   │   ├── services/
│   │   └── pages/
│   ├── assets/
│   └── index.html
├── angular.json
├── package.json
├── tsconfig.json
backend/
├── app/
│   ├── api/
│   │   ├── v1/
│   │   │   ├── endpoints/
│   │   │   └── schemas/
│   ├── core/
│   ├── main.py
│   └── models/
├── requirements.txt
├── Dockerfile
storage/
├── azure/
│   └── blob_config.json

Core Engineering Principles

  • Clear separation of concerns between frontend, backend and storage
  • Explicit interfaces and contracts for all components
  • Security by default and defense in depth
  • Testability and maintainability as first class citizens
  • Environment driven configuration

Code Construction Rules

  • Frontend uses Angular Material components for a consistent UI
  • Backend uses FastAPI with Pydantic models for validation
  • Azure Blob Storage access is mediated by the backend and never exposed directly to the client
  • All API responses use consistent response envelopes
  • Error handling is user friendly but not leaking sensitive internals

Security and Production Rules

  • Always use TLS and validate origin in CORS
  • Do not commit secrets; store in environment variables or secret stores
  • Use least privilege for blob storage access; prefer SAS tokens scoped to operation
  • Limit file sizes and validate blob names to prevent path traversal

Testing Checklist

  • Unit tests for FastAPI endpoints with pytest
  • Integration tests for Azure Blob Storage interactions
  • Frontend unit tests and basic e2e checks
  • CI runs linting, tests, and type checks

Common Mistakes to Avoid

  • Hardcoding credentials or secrets
  • Skipping input validation
  • Overexposing APIs or storage keys to the client
  • Unclear file structure and tangled dependencies

FAQ

What stack does this CLAUDE.md Template cover?
Angular Material frontend, FastAPI backend, and Azure Blob Storage for file handling.
What will Claude Code generate from this CLAUDE.md Template?
A starter project structure with a copyable CLAUDE.md block and deployment guidance for the stack.
Can I customize storage or authentication later?
Yes. The template emphasizes modular components and clear interfaces to adapt to your auth or storage choices.
How do I test the backend and storage integration?
Unit tests for FastAPI endpoints and integration tests for Azure Blob operations.
Where do I deploy this starter?
Follow the deployment rules in the CLAUDE.md template to containerize and publish to your cloud environment.