Cursor Rules Template: Python FastAPI PostgreSQL Audit Dashboards with Cursor AI

Overview

The Cursor rules configuration for this template enables Cursor AI to assist in building audit anomaly detection dashboards from transaction logs on a Python FastAPI + PostgreSQL stack. It defines how to ingest logs, detect anomalies, route data to dashboards, and enforce security and testing practices. Direct answer: paste the provided .cursorrules block into your project root as .cursorrules and Cursor AI will guide the implementation.

When to Use These Cursor Rules

You are building audit dashboards that surface anomalies in financial or transactional data from logs.
You use a Python FastAPI backend with PostgreSQL and SQLAlchemy for ORM.
You need deterministic ingestion, validation, and dashboard rendering with testable rules.
You want CI-friendly linting, typing, and security checks baked into the Cursor guidance.

Copyable .cursorrules Configuration

# Cursor rules template for Python-FastAPI-Postgres Audit Dashboards
// Framework Role & Context
Role: Developer Assistant for Cursor AI
Context: Build audit anomaly dashboards using transaction logs in a Python FastAPI + PostgreSQL stack. Target Postgres 15+ with SQLAlchemy ORM. Ensure dashboards are accurate, secure, and testable.

# Code Style and Style Guides
Style: Black (PEP8), isort; type hints enforced; docstrings required; avoid wildcard imports.

# Architecture & Directory Rules
ProjectRoot: .
Dirs: /app, /db, /tests, /migrations, /config
CriticalPaths: /app/main.py, /app/api, /app/dashboards
Ignore: /docs, /examples

# Authentication & Security Rules
Auth: OAuth2 with JWT in FastAPI; secrets loaded from env; never log tokens; DB roles least privilege.

# Database and ORM patterns
DB: PostgreSQL 15+
ORM: SQLAlchemy (2.0+), async patterns where possible
Models: transaction_logs, anomalies, audit_jobs
Migrations: Alembic; use transactions

# Testing & Linting Workflows
Tests: pytest, pytest-asyncio
Lint: mypy, black, ruff; CI runs on PRs
Tests: unit, integration, end-to-end dashboard checks

# Prohibited Actions and Anti-patterns
Do not execute raw SQL without parameters
Do not log sensitive fields (PII, account numbers)
Do not run DB migrations in production handlers
Do not expose debugging endpoints in production

Recommended Project Structure

project-root/
├── app/
│   ├── api/
│   │   ├── endpoints.py
│   │   └── deps.py
│   ├── dashboards/
│   │   ├── audit_dashboard.py
│   │   └── charts.py
│   ├── core/
│   │   ├── config.py
│   │   └── security.py
│   ├── models/
│   │   └── transaction.py
│   ├── services/
│   │   └── anomaly.py
│   └── main.py
├── db/
│   ├── migrations/
│   └── init.sql
├── tests/
│   └── test_audit.py
├── requirements.txt
├── alembic.ini
└── README.md

Core Engineering Principles

Single source of truth for log ingestion and transformation.
Idempotent, auditable data pipelines with strict schema contracts.
Security by default: least privilege, secret management, and access controls.
Deterministic tests for dashboards and anomaly rules.
Observability: structured logging, metrics, and tracing for all rules.
Clear separation of concerns between ingestion, processing, and presentation.

Code Construction Rules

Adhere to Pythonic conventions; type hints are mandatory for public APIs.
Use async database access where supported to avoid blocking I/O.
All SQL must be parameterized; avoid string concatenation for queries.
Dashboard data models must be explicit; avoid implicit type coercion.
Keep business logic out of API endpoints; use services for analytics.

Security and Production Rules

Store credentials in environment variables or secret managers; never commit secrets.
Use OAuth2/JWT for API authentication; enforce role-based access control on dashboards.
Enable HTTPS in production and rotate keys periodically.
Enforce input validation and strict schema for log ingestion.
Monitor for suspicious SQL patterns and protect against SQL injection.

Testing Checklist

Unit tests for data parsing and anomaly detection logic.
Integration tests for the ingestion pipeline and ORM models.
End-to-end tests of dashboard rendering with sample logs.
Static type checks (mypy) and linting in CI.
Regression tests for schema changes and migrations.

Common Mistakes to Avoid

Relying on raw SQL in business logic; use ORM abstractions and parameterized queries.
Exposing sensitive fields in dashboards or logs.
Skipping test coverage for edge-case anomaly patterns.
Over-fetching data in dashboards; paginate or summarize early.
Neglecting secret rotation and access controls during deployment.

FAQ

What stack does this Cursor Rules Template cover?

This template targets a Python FastAPI backend with PostgreSQL, using SQLAlchemy for ORM and a dashboard layer to visualize transaction log anomalies. Cursor AI helps enforce structure, testing, and security while guiding implementation.

How do I apply the copied .cursorrules block?

Place the .cursorrules file at your repository root. Cursor AI will read it to guide code structure, conventions, and anti-patterns for your audit dashboard stack.

What should the project structure look like?

Keep ingestion, processing, and dashboards separated under app/ with models and services; include db/migrations and tests to align with the template.

How is security implemented in this template?

Secrets come from env vars or secret managers; use OAuth2/JWT for APIs; restrict dashboard access and avoid logging sensitive data.

What tests are recommended for audit dashboards?

Unit tests for parsing and anomaly logic, integration tests for ingestion, and end-to-end tests for dashboards; run type checks and lint in CI.

Where can I find related Cursor Rules Templates?

See the Cursor Rules Templates collection on the AI Skills Library for additional templates that cover other stacks or integrations. This helps maintain consistency across projects using Cursor AI.

Target User

Use Cases