Cursor Rules Template: Django Exam Prep Platform

Overview

Direct answer: This Cursor rules template defines a Django-based exam preparation platform blueprint with question banks, mock tests, explanations, and performance analytics, governed by Cursor AI rules for safe, scalable AI-assisted development.

When to Use These Cursor Rules

You are building a Django backend for an exam prep platform with large question banks.
You need robust APIs (DRF) to expose exams, questions, mock tests, and analytics.
You require strong authentication, audit trails, and secure data handling for student results.
You want a maintainable project structure with clear boundaries across apps.
You plan to use Cursor AI to guide code generation with guardrails and validation.

Copyable .cursorrules Configuration

Framework Role & Context:
  You are a Django backend architect building an exam prep platform with question banks, mock tests, explanations, and analytics. Cursor AI will assist but must follow safety and architectural constraints.

Code Style and Style Guides:
  - Python 3.11+, Django 4.x
  - PEP8, Black, isort
  - Type hints with typing module when beneficial

Architecture & Directory Rules:
  - Project root with manage.py and requirements.txt
  - Apps: exams, questions, analytics, users
  - DRF-based API surface: serializers.py, views.py, urls.py per app
  - Use Django ORM; apply migrations for schema changes

Authentication & Security Rules:
  - JWT access/refresh with rotation; store tokens securely
  - HTTPS in prod; CSRF protection enabled; secure cookies
  - Restrict serializer fields to avoid data leakage; object-level permissions

Database and ORM patterns:
  - PostgreSQL with psycopg2; index question_bank and scoring fields
  - Use Django ORM models with related_name for reverse lookups
  - Optional Redis caching for analytics queries

Testing & Linting Workflows:
  - pytest-django; pytest for serializers & views
  - run flake8, Black, and isort in CI
  - test scoring logic with edge cases (partial banks, empty results)

Prohibited Actions and Anti-patterns for the AI:
  - Do not generate raw SQL; avoid bypassing ORM
  - Do not expose credentials or secret keys in code
  - Do not couple analytics directly to authentication state insecurely

Recommended Project Structure

myexam/
├── manage.py
├── myexam/
│   ├── __init__.py
│   ├── settings.py
│   ├── urls.py
│   ├── wsgi.py
│   └── asgi.py
├── exams/
│   ├── __init__.py
│   ├── models.py
│   ├── serializers.py
│   ├── views.py
│   ├── urls.py
│   └── apps.py
├── questions/
│   ├── __init__.py
│   ├── models.py
│   ├── serializers.py
│   ├── views.py
│   └── apps.py
├── analytics/
│   ├── __init__.py
│   ├── models.py
│   ├── services.py
│   └── apps.py
├── users/
│   ├── __init__.py
│   ├── models.py
│   ├── serializers.py
│   ├── views.py
│   └── apps.py
├── templates/
├── static/
├── requirements.txt

Core Engineering Principles

Clear separation of concerns across exams, questions, analytics, and users apps.
Defensive programming with strict data validation and permissions.
Idempotent API design and deterministic scoring logic.
Schema-driven development with migrations and versioning.
Security-by-default: least privilege, secret management, and audit trails.

Code Construction Rules

Expose RESTful endpoints via DRF with serializers for each model.
Define models: Question, Bank, Exam, MockTest, Result, Explanation, and Interaction.
Implement scoring and analytics services as separate modules with clear interfaces.
Use migrations for every schema change; avoid altering live tables directly.
Follow PEP8 and ensure tests cover edge cases (empty banks, partial results).
Do not use raw SQL in views or serializers; rely on Django ORM for data access.

Security and Production Rules

Set DEBUG=False in production; configure ALLOWED_HOSTS properly.
Use environment variables for SECRET_KEY, DB credentials, and JWT secrets.
Enforce HTTPS, HSTS, and secure cookies; enable CSRF protection for APIs.
Implement rate limiting and audit logging for exam results access.

Testing Checklist

Unit tests for models and serializers; API tests for exams, questions, and analytics endpoints.
Integration tests for exam scoring flow and result persistence.
Static analysis (flake8) and formatting checks (Black, isort) in CI.
End-to-end tests simulating user journeys (login, take mock test, view analytics).

Common Mistakes to Avoid

Overfitting the API surface; not aligning with DRF best practices.
Exposing raw data or credentials through serializers or logs.
Neglecting migrations or direct DB edits in production.
Ignoring accessibility, internationalization, or error handling in API responses.

Related Cursor rules templates

Explore adjacent Cursor rules templates for similar stacks, workflows, and production constraints.

FAQ

What is this Cursor Rules Template used for?

This template provides a Django-based backend blueprint for an exam prep platform, including question banks, mock tests, explanations, and analytics, with Cursor AI safety rules guiding code generation and validation.

Which stack does this template target?

Django, Django REST Framework, PostgreSQL, Redis (optional for caching), and Dockerized development; Cursor AI rules enforce architecture, security, and testing constraints.

How do I integrate question banks and mock tests?

Models for Bank, Question, MockTest, and TestResult support CRUD, indexing, and scoring; DRF serializers and views expose endpoints for client usage.

What are the security considerations?

Use JWT tokens with rotation, HTTPS in production, CSRF protection, secure cookies, and careful field exposure in serializers; enforce object-level permissions.

Where should I paste the .cursorrules configuration?

Place the copyable .cursorrules block in the project root within the repository, co-located with manage.py and the Django settings for consistent AI-guided development.

Target User

Use Cases