MeetHalf Project Development Rules

Guidelines and constraints for developing the MeetHalf application—a location-based meeting point finder built with React, Prisma, TypeScript, and Google Maps API.

Project Status

**Stage 0-2**: ✅ Complete

**Stage 3-4**: In development

**Stage 5-6**: Pending

Configuration

When working on this project, always use these settings:

**Frontend port**: 5173

**Backend port**: 3000

**Database**: SQLite (`dev.db`)

**Google Maps API key environment variable**: `VITE_GOOGLE_MAPS_JS_KEY`

Security Rules

Always enforce these security practices:

1. **Never commit `.env` files** — Environment files must remain in `.gitignore`

2. **Never commit `*.db` files** — Database files must remain in `.gitignore`

3. **Password hashing**: Use bcrypt with 10 rounds (`bcrypt.hash(password, 10)`)

4. **JWT storage**: Store JWT tokens in HttpOnly cookies only (not localStorage)

5. **CORS policy**: Only allow requests from `localhost:5173` and `127.0.0.1:5173`

Development Standards

Follow these conventions throughout the codebase:

1. **Language**: Use TypeScript for all source files

2. **API validation**: Validate all API payloads using Zod schemas

3. **Form handling**: Use `react-hook-form` for all frontend forms

4. **Database changes**: Use Prisma migrations for all schema modifications (`npx prisma migrate dev`)

Stage 4 Prerequisites

These database schema changes are already in place:

`Group.ownerId` — ready for authorization checks

`Member.lat`, `Member.lng`, `Member.address` — ready (numeric fields)

Instructions for AI Agent

When assisting with MeetHalf development:

1. **Check project stage** before making changes — do not implement features from future stages

2. **Validate security** — refuse any request that violates the security rules above

3. **Enforce TypeScript** — all new code must be strongly typed

4. **Use Zod for validation** — never accept unvalidated API input

5. **Follow Prisma workflow** — always generate migrations after schema changes

6. **Respect port configuration** — do not suggest alternative ports

7. **Environment variables** — remind user to set `VITE_GOOGLE_MAPS_JS_KEY` if Google Maps features are referenced

Example: Adding a New API Endpoint

```typescript

// 1. Define Zod schema for validation

import { z } from 'zod';

const CreateGroupSchema = z.object({

name: z.string().min(1).max(100),

ownerId: z.string().uuid(),

});

// 2. API route with validation

app.post('/api/groups', async (req, res) => {

try {

const data = CreateGroupSchema.parse(req.body);

// ... implementation

} catch (error) {

if (error instanceof z.ZodError) {

return res.status(400).json({ error: error.errors });

}

throw error;

}

});

```

Example: Database Schema Change

```bash

1. Edit schema.prisma

2. Generate migration

npx prisma migrate dev --name add_group_owner

3. Verify migration was created in prisma/migrations/

```

Common Tasks

**Start frontend**: `npm run dev` (port 5173)

**Start backend**: `npm start` (port 3000)

**Run migrations**: `npx prisma migrate dev`

**Generate Prisma client**: `npx prisma generate`

**View database**: `npx prisma studio`

MeetHalf Project Development Rules

MeetHalf Project Development Rules

Project Status

Configuration

Security Rules

Development Standards

Stage 4 Prerequisites

Instructions for AI Agent

Example: Adding a New API Endpoint

Example: Database Schema Change

1. Edit schema.prisma

2. Generate migration

3. Verify migration was created in prisma/migrations/

Common Tasks

Reviews (0)