Cursor Rules Template: Revenue Intelligence Dashboard (React + Express + PostgreSQL)

Overview

Cursor rules configuration for a revenue intelligence dashboard stack built with React on the frontend, Express on the backend, and PostgreSQL as the data store. This template enables Cursor AI to generate, validate, and optimize code, API contracts, tests, and deployment guidance tailored to pipeline forecasting, rep performance, quota tracking, and AI-driven insights. It provides a copyable .cursorrules block you can paste into your project root to drive consistent AI-assisted development.

Direct answer: this Cursor rules template delivers a ready-to-paste configuration that guides Cursor AI to produce stack-specific artifacts, enforce security, and keep architecture aligned with React + Express + PostgreSQL best practices.

When to Use These Cursor Rules

• Starting a revenue intelligence dashboard project with a React + Express + PostgreSQL stack
• Defining strict API contracts and data schemas for forecasting dashboards
• Ensuring secure authentication, data access, and safe AI-assisted generation
• Generating tests, linting rules, and deployment checks automatically
• Extending the dashboard with AI insights and anomaly detection without architecture drift

Copyable .cursorrules Configuration

.cursorrules
framework: React + Express + PostgreSQL
context: Cursor AI configuration for a revenue intelligence dashboard featuring pipeline forecasting, rep performance, quota tracking, and AI insights
rules:
  - section: Framework Role & Context
    text: You are a Cursor AI assistant for a full stack revenue dashboard using React on the client, Express on the server, and PostgreSQL as the data store. Provide concrete code blocks, API contracts, and security guidelines tailored to this stack.
  - section: Code Style and Style Guides
    text: Use TypeScript across client and server, ESLint with Airbnb rules, and Prettier. Enforce 2-space indentation, semicolons, explicit types, and consistent naming.
  - section: Architecture & Directory Rules
    text: Organize project with client/ and server/ roots. Server code lives under server/src, with controllers and routes; client code lives under client/src with components and pages. Use db/migrations for PostgreSQL migrations.
  - section: Authentication & Security Rules
    text: Implement JWT-based auth with HttpOnly cookies, refresh tokens, and server-side validation. Enforce CORS, HTTPS in production, and do not log PII or secrets.
  - section: Database and ORM patterns
    text: Use node-postgres (pg) with parameterized queries. Do not rely on an ORM. Define schema for accounts, pipelines, forecasts, reps, quotas, ai_insights. Use migrations in db/migrations.
  - section: Testing & Linting Workflows
    text: Unit tests with Jest; API integration tests with Supertest; run npm test. Run lint/type checks on precommit hooks and in CI.
  - section: Prohibited Actions and Anti-patterns
    text: Do not hardcode credentials. Do not bypass auth. Do not construct SQL via string concatenation. Do not trust client validation alone. Do not drift architecture by mixing concerns.

Recommended Project Structure

project-root/
  client/
    src/
      App.tsx
      index.tsx
      components/
        dashboards/
      pages/
  server/
    src/
      index.ts
      routes/
      controllers/
      models/
      services/
  db/
    migrations/

Core Engineering Principles

• Clear API contracts and explicit data shapes
• Type safety across client and server
• Secure by default: authentication, authorization, and data access controls
• Test-driven approach with unit, integration, and end-to-end considerations
• Idempotent, auditable operations and deterministic AI outputs
• Observability: structured logs, metrics, and tracing for the dashboard layer

Code Construction Rules

• Frontend uses React with TypeScript; components are pure and presentational where possible
• Backend uses Express with TypeScript; routes validate inputs and return stable shapes
• All database access uses parameterized queries via pg; avoid dynamic SQL concatenation
• Migrations live under db/migrations; sources of truth for schema changes
• API responses are typed; avoid leaking internal implementation details
• AI-driven code generation respects the least-privilege principle and data minimization

Security and Production Rules

• JWT tokens issued with short lifetimes; rotate tokens and store in HttpOnly cookies
• Server validates all inputs; server-side guards protect endpoints
• CORS configured for production domains; disable wildcards in production
• Encrypt sensitive data at rest where required; avoid logging secrets
• Use HTTPS in prod; containerize with non-root users and least privilege

Testing Checklist

• Unit tests for utilities, services, and reducers
• Integration tests for API routes with realistic mock data
• End-to-end considerations for dashboard rendering and AI spec inference
• Lint and type-check on CI; run migrations in test env
• Security tests for auth flows and input validation

Common Mistakes to Avoid

• Relying solely on client-side validation for security-critical paths
• Hardcoding secrets or credentials in code or commit history
• Mixing server and client concerns in the same directory without clear boundaries
• Using an ORM if not required, leading to unnecessary abstraction
• Ignoring migrations and evolving schema ad hoc in production

Related Cursor rules templates

Explore adjacent Cursor rules templates for similar stacks, workflows, and production constraints.

• Cursor Rules Template: SaaS Revenue Dashboard (MRR, ARR, Churn & Cohorts)
• Bug Tracking System Cursor Rules Template for Cursor AI
• Cursor Rules Template: Marketing Analytics Platform with Campaign Tracking, Attribution, Landing Page Analytics and AI Insights
• Cursor Rules Template: Team OKR Tracking Platform with Goals, Check-ins, Dashboards & AI Status Summaries

FAQ

What is the purpose of this Cursor Rules Template?

This template provides a copyable .cursorrules configuration and a practical project structure for a Revenue Intelligence Dashboard built on a React + Express + PostgreSQL stack. It guides Cursor AI to generate framework-aligned code, tests, security patterns, and deployment guidance.

Can I paste the .cursorrules block into my project root directly?

Yes. The block is designed to be pasted at the top level of your repository so Cursor AI can influence file generation, API contracts, and testing scaffolds for the stack described.

Which files should I expect Cursor AI to generate from this template?

Expect API surface definitions, data access patterns using pg, type-safe interfaces for pipelines and forecasts, authentication scaffolding, and test stubs. The AI will respect the architecture rules and security constraints defined in the block.

How do I extend this template for new dashboards?

Adapt the .cursorrules block with new use cases, data models, and UI components. Maintain the directory structure and ensure API contracts remain backward compatible for existing dashboards.

What about deployment and secrets?

Keep secrets in environment variables, use a secret manager in production, and ensure CI/CD pipelines inject them securely. The template emphasizes HTTPS, token rotation, and minimal data exposure.

Is testing integrated with Cursor AI generation?

Yes. The template includes guidance for unit, integration, and API testing. Cursor AI can scaffold Jest tests and API test suites aligned with the stack.