backend-design
Backend Design
Workflow
Follow this systematic design process:
-
Requirements Analysis
- Gather functional requirements (features, operations)
- Define non-functional requirements (performance, scalability, availability)
- Identify constraints (budget, timeline, technology, compliance)
-
Architecture Selection
- Choose architecture pattern (monolith, microservices, serverless)
- Select technology stack based on requirements
- Define service boundaries and responsibilities
-
API Design
- Design RESTful endpoints with proper resource modeling
- Define request/response schemas and contracts
- Plan versioning strategy and documentation
- See api-design-guide.md for REST/GraphQL/gRPC patterns
-
Database Design
- Model entities and relationships
- Design schema with normalization
- Plan indexing and partitioning strategies
- See database-design.md for relational and NoSQL patterns
-
Security Design
- Design authentication flow (OAuth 2.0, JWT)
- Plan authorization model (RBAC, ABAC)
- Define data encryption and protection strategy
-
Scalability & Performance
- Design caching strategy (Redis, CDN)
- Plan load balancing and auto-scaling
- Define asynchronous processing with message queues
-
Documentation
- Create API specifications (OpenAPI/Swagger)
- Document architecture decisions with Mermaid diagrams
- Provide implementation guidelines and roadmap
Output Structure
Present your backend design with these sections:
- System Overview - High-level architecture, components, technology stack
- API Specification - Endpoints, schemas, authentication, OpenAPI docs
- Database Design - ERD, schema, indexes, migration plan
- Architecture Decisions - Service decomposition, communication patterns, consistency model
- Security Implementation - Authentication/authorization flows, encryption
- Scalability Plan - Load balancing, caching, database scaling, auto-scaling
- Deployment Architecture - Containers, infrastructure, CI/CD, monitoring
- Implementation Roadmap - Phases, milestones, dependencies, risks
Core Principles
- API-first approach - Design and document APIs before implementation
- Security by design - Build authentication, authorization, and encryption from the start
- Design for scalability - Plan for growth with caching, load balancing, and horizontal scaling
- Plan for failure - Include error handling, retries, circuit breakers, and graceful degradation
- Document thoroughly - Create clear API specs, Mermaid architecture diagrams, and implementation guides
Reference Files
Load additional resources based on specific needs:
-
Detailed Design Process: See backend-design-process.md for comprehensive step-by-step workflow with examples for API design, database modeling, authentication flows, and microservices patterns
-
API Design Guide: See api-design-guide.md when designing RESTful APIs, GraphQL schemas, or gRPC services - includes resource modeling, status codes, versioning strategies, and documentation
-
Database Design: See database-design.md for detailed guidance on relational and NoSQL database design, normalization, indexing, partitioning, and replication strategies
-
Best Practices: See best-practices.md for API design, database optimization, security hardening, performance tuning, and reliability patterns
-
Common Patterns: See common-patterns.md for code examples of repository pattern, service layer, dependency injection, and other architectural patterns
-
Example Projects: See examples.md for complete architecture examples including e-commerce systems, real-time chat applications, and microservices implementations
More from dauquangthanh/hanoi-rainbow
frontend-design-review
Conducts comprehensive frontend design reviews covering UI/UX design quality, design system validation, accessibility compliance, responsive design patterns, component library architecture, and visual design consistency. Evaluates design specifications, Figma/Sketch files, design tokens, interaction patterns, and user experience flows. Identifies usability issues, accessibility violations, design system deviations, and provides actionable recommendations for improvement. Produces detailed design review reports with severity-rated findings, visual examples, and implementation guidelines. Use when reviewing frontend designs, validating design systems, ensuring accessibility compliance, evaluating component libraries, assessing responsive designs, or when users mention design review, UI/UX review, Figma review, design system validation, accessibility audit, or frontend design quality.
276frontend-ui-ux-design
Creates comprehensive frontend UI/UX designs including user interfaces, design systems, component libraries, responsive layouts, and accessibility implementations. Produces wireframes, mockups, design specifications, and implementation guidelines. Use when designing user interfaces, creating design systems, building component libraries, implementing responsive designs, ensuring accessibility compliance, or when users mention UI design, UX design, interface design, design systems, user experience, or frontend design patterns.
168keycloak-administration
Provides comprehensive KeyCloak administration guidance including realm management, user/group administration, client configuration, authentication flows, identity brokering, authorization policies, security hardening, and troubleshooting. Covers SSO configuration, SAML/OIDC setup, role-based access control (RBAC), user federation (LDAP/AD), social login integration, multi-factor authentication (MFA), and high availability deployments. Use when configuring KeyCloak, setting up SSO, managing realms and clients, troubleshooting authentication issues, implementing RBAC, or when users mention "KeyCloak", "SSO", "OIDC", "SAML", "identity provider", "IAM", "authentication flow", "user federation", "realm configuration", or "access management".
165oracle-cloud
Provides comprehensive Oracle Cloud Infrastructure (OCI) guidance including compute instances, networking (VCN, load balancers, VPN), storage (block, object, file), database services (Autonomous Database, MySQL, NoSQL), container orchestration (OKE), identity and access management (IAM), resource management, cost optimization, and infrastructure as code (Terraform OCI provider, Resource Manager). Produces infrastructure code, deployment scripts, configuration guides, and architectural diagrams. Use when designing OCI architecture, provisioning cloud resources, migrating to Oracle Cloud, implementing OCI security, setting up OCI databases, deploying containerized applications on OKE, managing OCI resources, or when users mention "Oracle Cloud", "OCI", "Autonomous Database", "VCN", "OKE", "OCI Terraform", "Resource Manager", "Oracle Cloud Infrastructure", or "OCI migration".
82requirement-review
Conducts comprehensive requirements review including completeness validation, clarity assessment, consistency checking, testability evaluation, and standards compliance. Produces detailed review reports with findings, gaps, conflicts, and improvement recommendations. Use when reviewing requirements documents (BRD, SRS, user stories), validating acceptance criteria, assessing requirements quality, identifying gaps and conflicts, or ensuring standards compliance (IEEE 830, INVEST criteria). Trigger when users mention "review requirements", "validate requirements", "check requirements quality", "find requirement issues", or "assess BRD/SRS quality".
52architecture-design-review
Conducts comprehensive architecture design reviews including system design validation, architecture pattern assessment, quality attributes evaluation, technology stack review, and scalability analysis. Produces detailed review reports with findings, recommendations, and risk assessments. Use when reviewing software architecture designs, validating architecture decisions, assessing system scalability, evaluating technology choices, or when users mention architecture review, design assessment, technical review, or architecture validation.
41