First Project - johnpeterman72/CursorRIPER.sigma GitHub Wiki

๐ŸŽฏ Your First Project with CursorRIPERโ™ฆฮฃ

Let's build a real project using the framework - a simple task management API. This tutorial demonstrates the complete RIPER workflow.

๐Ÿ“‹ Project Overview

We'll build a REST API with:

  • User authentication
  • CRUD operations for tasks
  • Data validation
  • Error handling

๐Ÿ” Phase 1: Research Mode

Let's start by researching what we need:

/research

Now, let's gather requirements:

I need to build a task management API. What are the key components I should consider?

The framework will:

  • โœ… Read any existing code
  • โœ… Ask clarifying questions
  • โœ… Document findings in memory

Research Activities

  1. Define requirements:
What are the core features needed for a task management API?
- User registration and login
- Create, read, update, delete tasks
- Task status (pending, in-progress, completed)
- Due dates and priorities
  1. Check context:
!af package.json      # Add package file if exists
!ad src/             # Add source directory
  1. Memory is updated: The framework automatically updates:
  • ๐Ÿ“‹ projectbrief.md - Requirements captured
  • ๐Ÿ’ป techContext.md - Technology decisions

๐Ÿ’ก Phase 2: Innovate Mode

Switch to innovate mode to explore solutions:

/innovate

Ask for innovative approaches:

What modern approaches should we consider for authentication and data validation?

Innovation Activities

  1. Explore authentication options:
  • JWT tokens vs sessions
  • OAuth integration possibilities
  • Refresh token strategies
  1. Consider architecture patterns:
  • RESTful vs GraphQL
  • Microservices vs monolithic
  • Database choices (SQL vs NoSQL)
  1. Validation strategies:
  • Schema validation libraries
  • Custom validators
  • Error handling patterns

Context tracking:

!ac authenticationStrategy    # Track auth decisions
!adoc API Design Patterns     # Reference documentation

๐Ÿ“ Phase 3: Plan Mode

Time to create a concrete plan:

/plan

Request a detailed plan:

Create a detailed implementation plan for the task management API with authentication

The Plan (Generated)

## Implementation Plan: Task Management API

### Architecture
- Node.js + Express
- PostgreSQL database  
- JWT authentication
- Input validation with Joi

### Project Structure

src/ โ”œโ”€โ”€ controllers/ โ”‚ โ”œโ”€โ”€ auth.controller.js โ”‚ โ””โ”€โ”€ task.controller.js โ”œโ”€โ”€ middleware/ โ”‚ โ”œโ”€โ”€ auth.middleware.js โ”‚ โ””โ”€โ”€ validation.middleware.js โ”œโ”€โ”€ models/ โ”‚ โ”œโ”€โ”€ user.model.js โ”‚ โ””โ”€โ”€ task.model.js โ”œโ”€โ”€ routes/ โ”‚ โ”œโ”€โ”€ auth.routes.js โ”‚ โ””โ”€โ”€ task.routes.js โ”œโ”€โ”€ services/ โ”‚ โ”œโ”€โ”€ auth.service.js โ”‚ โ””โ”€โ”€ task.service.js โ”œโ”€โ”€ utils/ โ”‚ โ”œโ”€โ”€ database.js โ”‚ โ””โ”€โ”€ jwt.utils.js โ””โ”€โ”€ app.js


### Implementation Steps
1. Set up project structure
2. Configure database connection
3. Create user model and authentication
4. Implement JWT token generation
5. Create task model and CRUD operations
6. Add validation middleware
7. Implement error handling
8. Add tests

Protection markers added:

!cp Critical sections identified for protection

โš™๏ธ Phase 4: Execute Mode

Now let's implement the plan:

/execute

Execute the Plan

  1. Set up project structure:
Create the project structure according to the plan

The AI will create files following the plan exactly.

  1. Implement authentication:
// !cp PROTECTED - JWT Secret Configuration
const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key';
// !cp END-P

// !cc CRITICAL - User Authentication
async function authenticateUser(email, password) {
    const user = await User.findOne({ email });
    if (!user || !await bcrypt.compare(password, user.password)) {
        throw new Error('Invalid credentials');
    }
    return generateToken(user);
}
// !cc END-C
  1. Track implementation:
!af src/controllers/auth.controller.js
!ac authenticateUser()

Key Implementation Rules in Execute Mode

  • โœ… Can create and modify files
  • โœ… Must follow the plan exactly
  • โŒ Cannot deviate or "improve"
  • โŒ Cannot search web (stay focused)

๐Ÿ”Ž Phase 5: Review Mode

Finally, let's review our work:

/review

Review Activities

  1. Check implementation against plan:
Review the implementation against our plan. Are all components implemented correctly?
  1. Verify protection:
Check that all critical code sections are properly protected
  1. Review findings:
  • โœ… All planned components implemented
  • โœ… Authentication working correctly
  • โœ… CRUD operations complete
  • โš ๏ธ Missing: Rate limiting (not in original plan)

๐Ÿ“Š Project Completion

Memory Bank Status

After completing the project, your memory bank contains:

  1. ๐Ÿ“‹ projectbrief.md

    • Complete requirements
    • Success criteria
    • Scope definition
  2. ๐Ÿ›๏ธ systemPatterns.md

    • API architecture
    • Design patterns used
    • Component relationships
  3. ๐Ÿ’ป techContext.md

    • Technology stack
    • Dependencies
    • Environment setup
  4. ๐Ÿ”ฎ activeContext.md

    • Current focus areas
    • Protected code sections
    • Active file references
  5. ๐Ÿ“Š progress.md

    • Completed features
    • Test results
    • Outstanding items

๐ŸŽ“ Lessons Learned

  1. Research First - Gather all requirements before designing
  2. Innovate Freely - Explore options without committing
  3. Plan Thoroughly - Detailed plans make execution smooth
  4. Execute Faithfully - Stick to the plan, no surprises
  5. Review Honestly - Catch issues before deployment

๐Ÿš€ Next Steps

Enhance Your Project

  1. Add more features:

    • User roles and permissions
    • Task sharing and collaboration
    • Email notifications
  2. Improve security:

    !cp Mark more sections as PROTECTED
    !cg Add GUARDED sections for sensitive logic
    
  3. Expand context:

    !af test/auth.test.js    # Add test files
    !ad docs/               # Add documentation
    

Try These Exercises

  1. Protection Practice:

    • Add protection to database queries
    • Guard configuration files
    • Mark critical business logic
  2. Context Management:

    • Create focused contexts for features
    • Use mode-specific contexts
    • Clear irrelevant context
  3. Permission Testing:

    • Try forbidden operations in each mode
    • Understand permission boundaries
    • Practice safe mode transitions

๐Ÿ“š Further Learning

๐ŸŽ‰ Congratulations!

You've completed your first project with CursorRIPERโ™ฆฮฃ! You now understand:

  • โœ… The complete RIPER workflow
  • โœ… How to protect critical code
  • โœ… Context management basics
  • โœ… Permission boundaries
  • โœ… Memory bank usage

Ready for More?


โ† Quick Start | Home | Basic Workflow โ†’