Python FastAPI PostgreSQL Renewal Dashboards Cursor Rules Template
Cursor Rules Template for building renewal date and risk clause dashboards on a Python FastAPI + PostgreSQL stack for legal teams.
Target User
Developers building data dashboards for legal teams on a Python FastAPI + PostgreSQL stack
Use Cases
- Renewal date tracking dashboards for contracts
- Risk clause monitoring for legal teams
- Regulatory and compliance dashboards for renewals
Markdown Template
Python FastAPI PostgreSQL Renewal Dashboards Cursor Rules Template
Framework Role & Context
You are a senior Python backend engineer specializing in FastAPI and PostgreSQL. You design stable, auditable rules to support renewal date dashboards and risk clause tracking for legal teams. Follow security-conscious patterns and provide deterministic outputs for Cursor AI interpretation.
Code Style & Style Guides
PEP8, type hints, Black formatting, and mypy typings. All code blocks must be well-structured and easily reviewable.
Architecture & Directory Rules
project/
backend/
app/
main.py
api/
core/
models/
dashboards/
services/
routes/
migrations/
Authentication & Security Rules
OAuth2 with JWT tokens, bcrypt password hashing, and rotating refresh tokens. Never log plain credentials; use environment-based config and strict token scopes.
Database & ORM patterns
PostgreSQL with SQLAlchemy ORM (AsyncSession). Use Alembic for migrations. Parameterize all queries. Separate data access layer from business logic.
Testing & Linting Workflows
pytest, pytest-asyncio, mypy, flake8 or ruff, and pre-commit hooks. Include end-to-end tests for renewal dashboards.
Prohibited Actions & Anti-patterns for the AI
Do not execute network calls during rule evaluation. Do not bypass authentication. Do not run unparameterized SQL in rules. Do not rely on non-deterministic data; avoid side-channel timing leaks.
Overview
The Cursor rules configuration for this template targets a Python FastAPI + PostgreSQL stack. It enables reliable renewal date and risk clause dashboards for in-house legal teams using Cursor AI rules. This page provides a copyable .cursorrules block you can drop into your project root and adapt to your data model.
When to Use These Cursor Rules
- When building auditable dashboards that track contract renewal dates and corresponding risk clauses.
- When enforcing data access rules and consistent formatting across API endpoints and dashboards.
- When integrating Cursor AI to guide data transformation, filtering, and presentation logic for legal teams.
- When you want a reusable blueprint for the Python FastAPI + PostgreSQL stack.
Recommended Project Structure
project/
backend/
app/
main.py
api/
core/
models/
dashboards/
services/
routes/
migrations/
tests/
Core Engineering Principles
- Treat Cursor AI as a co-developer with strict guardrails and auditable outputs.
- Separate concerns across API, data access, and dashboards.
- Prefer type safety, explicit schemas, and thorough tests.
- Use secure defaults, minimize surface area, and enforce least privilege.
- Document rules and ensure traceability of data transformations.
Code Construction Rules
- All database access must be parameterized; avoid raw string concatenation.
- End-to-end tests must cover renewal date logic and risk clause mapping.
- API endpoints must validate inputs and emit consistent error formats.
- Use Async SQLAlchemy and proper session lifecycle management.
- Code must pass linting and type checks before CI; include mypy and flake8 steps.
Security and Production Rules
- Use OAuth2 with JWT and rotate refresh tokens; never store plain credentials.
- Encrypt sensitive fields at rest and in transit; apply strict access controls.
- Enable logging with redaction for PII; monitor dashboards for anomalies.
- Deploy with proper migrations, backward-compatible schemas, and zero-downtime deploys.
Testing Checklist
- Unit tests for data models, serializers, and business rules.
- Integration tests for API endpoints and database transactions.
- End-to-end tests that simulate renewal scenarios and risk mappings.
- Static analysis and linting in CI; run type checks with mypy.
- Security tests for token validation and access control.
Common Mistakes to Avoid
- Skipping parameterization in SQL queries.
- Relying on non-deterministic data sources in rule evaluation.
- Overloading endpoints with business logic instead of service layers.
- Bypassing authentication or storing credentials insecurely.
FAQ
What is the Cursor Rules Template used for in this stack?
This Cursor Rules Template provides a repeatable, auditable set of Cursor AI instructions to govern renewal date tracking and risk clause dashboards built on Python FastAPI + PostgreSQL. It ensures consistent data access, security, and testability, while enabling rapid onboarding for legal tech dashboards.
How do I extend the rules to additional dashboards?
Clone the base .cursorrules block, adapt the Architecture & Directory Rules to new modules, and add new data mappings in the ORM layer. Maintain strict separation of concerns and ensure tests cover the new dashboard pathways and data transformations.
How are renewals and risk clauses modeled in the data layer?
The data model includes contracts with renewal_date, renewal_notice_period, and risk_clause fields. SQLAlchemy models map to a normalized schema; views and pydantic schemas expose computed dashboards, while migrations keep schema evolution safe and reversible.
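The following added example (not part of the template) applies the "parameterize all queries" rule to the contract fields named above, with the concatenated anti-pattern beside the bound-parameter form. It assumes a single `contracts` table with a hypothetical `owner_team` column, and uses the standard-library `sqlite3` as an offline stand-in for PostgreSQL; the function names and rows are constructed.

```python
import sqlite3
from datetime import date, timedelta

# Constructed rows: id, owner_team, renewal_date, renewal_notice_period (days), risk_clause
SAMPLE = [
    (1, "legal-emea", "2025-03-01", 30, "auto-renewal"),
    (2, "legal-emea", "2025-06-15", 60, "indemnity"),
    (3, "legal-us", "2025-03-10", 45, "auto-renewal"),
]


def make_db() -> sqlite3.Connection:
    """In-memory SQLite stand-in for the PostgreSQL contracts table (assumed schema)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE contracts (id INTEGER PRIMARY KEY, owner_team TEXT, "
        "renewal_date TEXT, renewal_notice_period INTEGER, risk_clause TEXT)"
    )
    db.executemany("INSERT INTO contracts VALUES (?, ?, ?, ?, ?)", SAMPLE)
    return db


def by_clause_unsafe(db: sqlite3.Connection, team: str, clause: str) -> list[int]:
    """Anti-pattern: the filter value becomes part of the SQL text."""
    sql = (
        "SELECT id FROM contracts WHERE owner_team = '" + team + "' "
        "AND risk_clause = '" + clause + "' ORDER BY id"
    )
    return [row[0] for row in db.execute(sql)]


def notice_due(
    db: sqlite3.Connection, team: str, clause: str, today: date, window_days: int
) -> list[tuple[int, str]]:
    """Bound parameters only; 'today' is passed in so results are reproducible."""
    # Notice deadline = renewal_date minus the notice period (SQLite date syntax).
    sql = (
        "SELECT id, date(renewal_date, '-' || renewal_notice_period || ' days') "
        "FROM contracts WHERE owner_team = ? AND risk_clause = ? "
        "AND date(renewal_date, '-' || renewal_notice_period || ' days') "
        "BETWEEN ? AND ? ORDER BY id"
    )
    horizon = today + timedelta(days=window_days)
    rows = db.execute(sql, (team, clause, today.isoformat(), horizon.isoformat()))
    return [(row[0], row[1]) for row in rows]
```

With the constructed value `x' OR '1'='1` as the clause filter, the concatenated query returns every team's contracts, while the bound query treats it as a literal clause name and returns nothing.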
How do I ensure secure authentication in FastAPI?
Implement OAuth2 with JWT, use bcrypt for password hashing, and enforce scopes for endpoints. Store tokens in HttpOnly cookies or secure headers, rotate refresh tokens, and audit authentication events in logs with redaction for sensitive data.
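One way to implement the log redaction called for here and in the Security and Production Rules, as an added example that is not part of the template. The patterns, logger name and sample values are constructed assumptions; it uses only the standard-library `logging` module.

```python
import io
import logging
import re

# Illustrative patterns (assumptions); extend them for the PII your contracts hold.
_PATTERNS = [
    (re.compile(r"(?i)\b(bearer)\s+[A-Za-z0-9._~+/=-]+"), r"\1 [REDACTED]"),
    (re.compile(r"(?i)\b(password|refresh_token|access_token)=\S+"), r"\1=[REDACTED]"),
    (re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"), "[EMAIL]"),
]


def redact(text: str) -> str:
    """Apply every redaction pattern in order."""
    for pattern, replacement in _PATTERNS:
        text = pattern.sub(replacement, text)
    return text


class RedactingFilter(logging.Filter):
    """Redact the fully formatted message so %-style arguments are covered too."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = None  # already merged into msg above
        return True


def capture(message: str, *args: object) -> str:
    """Log one line through the filter and return what reached the handler."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    handler.addFilter(RedactingFilter())
    logger = logging.getLogger("auth.audit.example")  # hypothetical logger name
    logger.propagate = False
    logger.setLevel(logging.INFO)
    logger.addHandler(handler)
    try:
        logger.info(message, *args)
    finally:
        logger.removeHandler(handler)
    return stream.getvalue().strip()
```

Attach the filter to every handler that writes authentication events. Exception tracebacks are formatted separately from the message and are not covered by this filter.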
How do I run and test the rules locally?
Set up a local PostgreSQL container, install dependencies, and run migrations. Start the FastAPI app, and execute pytest for unit and integration tests. Use the Cursor Rules Template to verify rule-driven outputs for renewal and risk dashboards.