Cursor Rules Template: Local Services Marketplace (Providers, Quotes, Bookings, Payments)
Cursor Rules Template for building a Node.js/Express-based local services marketplace with providers, quotes, bookings, payments, reviews, and dispute handling using Cursor AI.
Target User
Developers building a Node.js/Express-based local services marketplace
Use Cases
- Provider onboarding and quoting
- Quote-to-booking workflow
- Payment integration and settlement
- Review and dispute handling
- RBAC-enabled API surfaces
Markdown Template
Cursor Rules Template: Local Services Marketplace (Providers, Quotes, Bookings, Payments)
cursor_rules:
framework: 'Node.js + TypeScript + Express'
context: 'Local services marketplace: providers, quotes, bookings, payments, reviews, disputes'
styleGuide: 'ESLint + Prettier; Airbnb style guide'
architecture:
directories:
- 'src/auth'
- 'src/providers'
- 'src/quotes'
- 'src/bookings'
- 'src/payments'
- 'src/reviews'
- 'src/disputes'
- 'src/common'
auth:
method: 'JWT with HttpOnly refresh tokens'
roles:
- 'customer'
- 'provider'
- 'admin'
database:
engine: 'PostgreSQL'
orm: 'Generic ORM'
schema:
- users
- providers
- services
- quotes
- bookings
- payments
- reviews
- disputes
testing:
unit: true
integration: true
e2e: true
prohibitedActions:
- 'Do not bypass server-side validation'
- 'Do not perform payment operations on client side'
- 'Do not trust client input without sanitization'
coding:
style: 'TypeScript with strict mode'
deployment:
pipelines: 'GitHub Actions; deploy to staging with canary before prod'Overview
Cursor rules configuration for building a local services marketplace with providers, quotes, bookings, payments, reviews and dispute handling using Cursor AI. This Cursor rules template targets a Node.js + Express backend with PostgreSQL and a modern frontend. It defines operational rules for data flows, authentication, and AI-assisted governance that lets you paste a ready-to-use .cursorrules block into your project root.
Direct answer: Paste the block below to enable Cursor AI to manage the entire lifecycle from provider onboarding and quotes to bookings, payments, reviews, and disputes with safe AI governance.
When to Use These Cursor Rules
- When building a local services marketplace with provider onboarding, quotes, and bookings
- When you need end-to-end flow from quote to booking to payment
- When you require auditable dispute handling and review workflows
- When using Node.js/Express + PostgreSQL and a modern frontend stack
- When you want consistent architecture and security across APIs
Copyable .cursorrules Configuration
cursor_rules:
framework: 'Node.js + TypeScript + Express'
context: 'Local services marketplace: providers, quotes, bookings, payments, reviews, disputes'
styleGuide: 'ESLint + Prettier; Airbnb style guide'
architecture:
directories:
- 'src/auth'
- 'src/providers'
- 'src/quotes'
- 'src/bookings'
- 'src/payments'
- 'src/reviews'
- 'src/disputes'
- 'src/common'
auth:
method: 'JWT with HttpOnly refresh tokens'
roles:
- 'customer'
- 'provider'
- 'admin'
database:
engine: 'PostgreSQL'
orm: 'Generic ORM'
schema:
- users
- providers
- services
- quotes
- bookings
- payments
- reviews
- disputes
testing:
unit: true
integration: true
e2e: true
prohibitedActions:
- 'Do not bypass server-side validation'
- 'Do not perform payment operations on client side'
- 'Do not trust client input without sanitization'
coding:
style: 'TypeScript with strict mode'
deployment:
pipelines: 'GitHub Actions; deploy to staging with canary before prod'
Recommended Project Structure
project-root/
├── src/
│ ├── api/
│ │ ├── providers/
│ │ ├── quotes/
│ │ ├── bookings/
│ │ ├── payments/
│ │ ├── reviews/
│ │ └── disputes/
│ ├── auth/
│ ├── config/
│ ├── db/
│ ├── middleware/
│ └── index.ts
├── migrations/
├── tests/
Core Engineering Principles
- Explicit boundaries between domain modules (providers, quotes, bookings, payments, reviews, disputes)
- RBAC with server-side enforcement for every API surface
- Idempotent operations and safe retries for payments and bookings
- Atomic transactions for bookings, quotes, and payments
- Observability: structured logging, metrics, and tracing for critical flows
Code Construction Rules
- Use TypeScript with strict mode; validate inputs with DTOs and schemas
- Adopt repository/service layers for data access and business logic separation
- Leverage transactions for multi-step flows (quote → booking → payment)
- Avoid N+1 queries; fetch up-front with proper joins and indexes
- Write unit tests for validators and core services; integration tests for flows
- Document API contracts with clear shapes and error codes
- Do not embed secrets in code; use environment variables and secret management
Security and Production Rules
- Validate and sanitize all user input on the server; never trust client data
- Use HTTPS everywhere; secure cookies; CSRF protection where applicable
- Rotate and store encryption keys securely; separate data and config secrets
- Audit trails for provider onboarding, quotes, bookings, and disputes
- Limit rate and quota to protect against abuse in payments and bookings
- Automated vulnerability scanning in CI/CD and dependency audits
Testing Checklist
- Unit tests for validators, domain entities, and service methods
- Integration tests for data access, auth flows, and business rules
- End-to-end tests for provider onboarding, quoting, booking, payment, reviews, and disputes
- CI pipeline runs lint, tests, and security checks on push/PRs
- Canary deployments and health checks before production rollouts
Common Mistakes to Avoid
- Skipping server-side validation and trusting client data
- Rushing payments without atomic inventory/booking locks
- Overexposing internal endpoints or misconfiguring RBAC
- Ignoring edge cases in dispute resolution (refunds, holdbacks, timelines)
- Not aligning schemas with domain events and audit requirements
Related Cursor rules templates
Explore adjacent Cursor rules templates for similar stacks, workflows, and production constraints.
- Cursor Rules Template: Rental Marketplace with Property Listings, Applications, Tenant Screening, Payments and Messaging
- Cursor Rules Template for Node.js Hotel Booking Platform
- Cursor Rules Template: Multi-Vendor Marketplace with Seller Onboarding, Listings, Commissions, Payouts and Reviews
- Cursor Rules Template: Node.js + Sequelize Car Rental Management
FAQ
What is the purpose of this Cursor Rules Template for a local marketplace?
The template provides a copyable .cursorrules block and stack-specific project structure to enforce safe AI-assisted development for a local marketplace. It covers providers, quotes, bookings, payments, reviews, and disputes, ensuring consistent architecture and governance with Cursor AI.
How does the quotes-to-bookings flow interact with payments?
The rules define an atomic workflow: generate quotes, confirm bookings, create payments, and post-payment state transitions. All steps are transactionally guarded with server-side validation, preventing partial state changes and enabling clear audit trails for disputes.
How is authentication enforced across roles?
RBAC is enforced at API boundaries using JWTs with HttpOnly refresh tokens. Roles include customer, provider, and admin, restricting access to provider dashboards, booking operations, payment processing, and dispute handling as appropriate.
What testing is required to validate the marketplace?
Unit tests cover validators and domain services, integration tests cover database access and auth flows, and end-to-end tests simulate provider onboarding, quoting, booking, payments, review submissions, and dispute workflows in a staging environment.
How do I customize the template for my provider taxonomy?
Modify domain models (providers, services, quotes), update API contracts, and adapt the dispute and review schemas to reflect your taxonomy. Ensure the Cursor Rules block aligns with the domain-driven design and maintains transactional integrity across flows.