Remix Framework + InfluxDB + Auth0 CLAUDE.md Template

Overview

Direct answer: This CLAUDE.md Template provides a ready-to-paste Claude Code block and file-structure guidance to build a Remix Framework app powered by InfluxDB with Auth0 authentication and InfluxDB Client Engine.

It targets Remix + InfluxDB + Auth0 stack with clear rules for architecture, file layout, authentication, database usage, validation, security, testing, and deployment. Claude should generate code and scaffolds that follow these rules.

When to Use This CLAUDE.md Template

• When you are building a Remix app that stores data in InfluxDB via the Client Engine and authenticates users with Auth0.
• When you need a reproducible, copy-paste CLAUDE.md template to bootstrap a project with consistent conventions.
• When you want strict guidelines for testing, deployment, and security specific to this stack.

Copyable CLAUDE.md Template

# CLAUDE.md

Project role: You are Claude Code, an experienced full-stack engineer with a focus on Remix Framework, InfluxDB, Auth0, and the InfluxDB Client Engine. You will generate a copyable CLAUDE.md template and a recommended project layout that is safe to paste into a repository.

Architecture rules:
- Use Remix as the frontend and server runtime.
- Use InfluxDB Client Engine for data writes and queries.
- Authenticate users with Auth0 and enforce role-based access where applicable.
- Keep business logic in a dedicated server layer; avoid leaking credentials to the client.
- Use environment variables for all secrets; never embed them in code.

File structure rules:
- Follow a Remix-friendly layout with app/, routes/, and public/ as primary folders.
- Create a separate infra/ folder for DB configuration and deployment helpers.
- Use a dedicated src/ or lib/ for shared utilities; avoid duplicating code.
- Place InfluxDB client setup under infra/db/influxdb.ts and reuse it across routes.

Authentication rules:
- Integrate Auth0 via standard OAuth 2.0/OIDC flows.
- Store session cookies as HTTPOnly; implement CSRF protection for stateful routes.
- Validate and sanitize all user input that flows to DB writes.

Database rules:
- Connect to InfluxDB Client Engine with token from env; target a dedicated bucket per environment.
- Use prepared statements or parameterized queries; avoid string interpolation for queries.
- Honor retention policies and chunked writes where applicable.

Validation rules:
- Validate request inputs on both client and server sides; use schema validation (Zod) before DB writes.
- Normalize dates and timestamps to RFC3339.

Security rules:
- Do not log sensitive data (tokens, secrets).
- Do not expose DB tokens in frontend code.
- Enforce CORS with a narrow origin list for API routes.

Testing rules:
- Unit tests for utilities and validators.
- Integration tests for Auth0 login flow and InfluxDB writes using mocks.
- End-to-end tests for the main user journey.

Deployment rules:
- Add necessary environment variables (AUTH0_DOMAIN, AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, INFLUXDB_URL, INFLUXDB_TOKEN, INFLUXDB_ORG, INFLUXDB_BUCKET).
- Build and deploy on a Remix-friendly host (Vercel, Fly.io, or similar).
- Ensure environment-specific configs are properly isolated.

Things Claude must not do:
- Do not emit hard-coded secrets.
- Do not bypass authentication checks.
- Do not generate insecure authentication flows.
- Do not perform direct DB writes from the client.

Recommended Project Structure

remix-app/
├── app/
│   ├── components/
│   ├── routes/
│   │   ├── index.tsx
│   │   └── api/
│   │       └── users.ts
│   ├── entry.client.tsx
│   ├── entry.server.tsx
│   └── root.tsx
├── infra/
│   ├── influxdb.ts
│   └── env.example
├── package.json
├── remix.config.js
├── tsconfig.json
└── .env.example

Core Engineering Principles

• Explicitly separate concerns: frontend routes, server actions, and DB access.
• Ensure secure defaults: HTTPOnly cookies, strict CORS, and environment-based configs.
• Prefer typed schemas for validation (Zod) and robust error handling.
• Write idempotent DB operations where possible.
• Code should be maintainable and self-documenting.

Code Construction Rules

• Use Remix conventions for loaders, actions, and route modules.
• Abstract InfluxDB client setup into a single reusable module.
• Do not bypass Auth0 checks; guard sensitive routes with proper middleware.
• Validate every external input; do not trust client data.

Security and Production Rules

• Store secrets in environment variables; never commit them to code. Use a secret manager in production.
• Enable HTTPS and secure cookies for sessions.
• Limit API surface: authenticate and authorize at route boundaries.
• Rotate tokens and monitor InfluxDB client usage for anomalies.

Testing Checklist

• Unit: validators, adapters, and utilities.
• Integration: Auth0 login flow, DB writes, and data retrieval.
• End-to-end: user journey from login to data ingestion.
• Deployment: verify environment variables and runtime behavior in production-like environments.

Common Mistakes to Avoid

• Hard-coding secrets or credentials.
• Disabling Auth0 checks or skipping input validation.
• Direct client DB access or insecure query construction.
• Ignoring environment-specific configurations and retention policies.

FAQ