🚀 Capstone Project: DevXPro – A Next.js-Powered Developer Portfolio and CMS with AI Enhancements

[akash-coded]

🚀 Capstone Project: DevXPro – A Next.js-Powered Developer Portfolio and CMS with AI Enhancements

🔥 Why This Project?

In real-world projects, Next.js is used for performance-driven, scalable, and highly interactive applications. Clients expect:

1. SEO-friendly websites for better reach.
2. Dynamic & static content handling for flexibility.
3. Full-stack capabilities with APIs, databases, and authentication.
4. AI-powered features for smart recommendations.
5. Scalable architecture for enterprise-level demands.
6. Performance optimizations & security for real-world deployments.

This project DevXPro is an AI-enhanced Developer Portfolio & CMS, allowing users to:

• Showcase projects, blogs, and skills dynamically.
• Use AI-powered project recommendations.
• Enable Markdown-based CMS for easy content updates.
• Optimize for SEO, SSR, and ISR.
• Implement multi-user authentication.
• Scale for real-world client needs.

---

🛠️ Tech Stack

• Frontend: Next.js (App Router), Tailwind CSS, Framer Motion
• Backend: Next.js API Routes, Prisma ORM, PostgreSQL
• Authentication: NextAuth.js
• CMS: Markdown & MDX support
• AI Integration: OpenAI API for smart content generation
• Storage: Cloudinary (Image Uploads)
• Caching & Performance: SWR, Redis
• Security: JWT, Rate Limiting
• Deployment: Vercel + PostgreSQL (Supabase)

---

📌 Features Covered

Concept	Implementation in Project
App Router	Server Components, Parallel Routes
Dynamic Routing	[id].js, [...slug].js, [[...slug]].js
SSR, ISR, SSG	Real-world optimizations
Full-stack Next.js	API Routes, Prisma ORM
Authentication	NextAuth with OAuth, JWT
CMS Features	Markdown + MDX Support
AI Integration	GPT-powered project suggestions
Performance Optimization	SWR, Caching, Lazy Loading
Security	Rate Limiting, CSRF Protection
Deployment	Vercel with PostgreSQL

---

📡 2. Backend - API & Database

Using Next.js API Routes + Prisma ORM + PostgreSQL:

• Projects API: GET /api/projects, POST /api/projects
• Blog API: GET /api/blogs, POST /api/blogs
• User Auth API: Secure OAuth & JWT handling

---

🔑 3. Authentication & Role Management

Using NextAuth.js for:

• Google, GitHub OAuth login
• JWT-based session management
• Role-based access: admin, editor, viewer

---

📖 4. AI-Powered Smart Features

• AI-powered Project Suggestions
  • GPT-4 analyzes past projects & skills → suggests new ones.
• Smart Blog Summarization
  • AI generates meta-descriptions & SEO keywords.

---

🚀 5. Real-time CMS with Markdown & MDX

• Headless CMS approach (Markdown + MDX)
• Live Preview of content before publishing
• Image uploads handled via Cloudinary API
• Tagging & Categorization for SEO optimization

---

🚀 6. Performance Optimization & Caching

• Incremental Static Regeneration (ISR) for blogs.
• SWR for data fetching – ensures always fresh content.
• Lazy loading & code splitting for better Lighthouse scores.
• Redis caching for API responses.

---

🔒 7. Security Enhancements

• Rate Limiting using express-rate-limit
• CSRF protection
• JWT-based API authentication
• Environment variable management for secrets

---

📌 Hands-on Coding Examples

🔥 Dynamic Project Pages ([id].js)

import { useRouter } from "next/router";
import { getProjectById } from "@/lib/projects";
export default function ProjectPage({ project }) {
  return <h1>{project.title}</h1>;
}
export async function getStaticPaths() {
  const projects = await getAllProjects();
  return {
    paths: projects.map((p) => ({ params: { id: p.id.toString() } })),
    fallback: "blocking",
  };
}
export async function getStaticProps({ params }) {
  const project = await getProjectById(params.id);
  return { props: { project }, revalidate: 10 };
}

---

🔥 AI-Powered Project Suggestions

import { useState } from "react";
export default function AIProjectSuggester() {
  const [suggestions, setSuggestions] = useState([]);
  async function fetchAIProjects() {
    const res = await fetch("/api/ai-projects");
    const data = await res.json();
    setSuggestions(data);
  }
  return (
    <div>
      <button onClick={fetchAIProjects}>Get AI Project Ideas</button>
      <ul>{suggestions.map((s) => <li key={s}>{s}</li>)}</ul>
    </div>
  );
}

---

🔥 Markdown-Powered CMS

import ReactMarkdown from "react-markdown";
export default function BlogPost({ content }) {
  return <ReactMarkdown>{content}</ReactMarkdown>;
}

---

🚀 Deployment Strategy

• Database: Supabase (PostgreSQL)
• Backend Hosting: Vercel
• Image Storage: Cloudinary
• Monitoring & Logging: Sentry

---

🎯 Final Deliverables

✅ SEO-friendly, AI-powered, full-stack Next.js project
✅ Scalable, real-world architecture
✅ Includes authentication, CMS, AI, & performance optimizations
✅ Handles real-world client use cases
✅ Production-ready & optimized

---

🚀 Summary: Why This is a Game-Changer?

This project simulates a real-world client request: ✅ A portfolio site with a CMS
✅ AI-enhanced features for personalization
✅ Authentication, Security, and Performance optimizations
✅ Handles dynamic & static content with modern Next.js patterns

This is not just another portfolio—it's a full-stack, AI-powered, enterprise-grade Next.js application 💪🔥.

---

🚀 Capstone Project: DevXPro – AI-Powered Developer Portfolio & CMS

🎯 Project Overview

Imagine you're the sole developer responsible for delivering DevXPro, a full-stack, AI-powered developer portfolio and CMS. The client wants a feature-rich application that:

1. Showcases projects & blogs dynamically for developers.
2. Uses AI to suggest projects based on previous work.
3. Supports Markdown-based CMS for easy content management.
4. Handles authentication for multiple user roles.
5. Optimizes performance with ISR, caching, and SWR.
6. Implements real-world security (JWT, rate limiting, CSRF).
7. Deploys efficiently on a scalable cloud infrastructure.

This is not just another portfolio—it's a scalable, real-world, production-ready Next.js application.

---

📌 Phase 1: Project Planning & Architecture

Tech Stack

Before you start coding, ensure you choose the right tech:

• Frontend: Next.js (App Router, Server Components)
• Styling: Tailwind CSS + Framer Motion (for animations)
• Backend: Next.js API Routes with Prisma ORM (PostgreSQL)
• Authentication: NextAuth.js with OAuth & JWT
• CMS: Markdown + MDX Support
• AI Integration: OpenAI API (GPT-4) for smart content generation
• Caching & Performance: SWR, Redis
• Security: Rate Limiting, CSRF, JWT-based protection
• Storage: Cloudinary (for images)
• Deployment: Vercel + Supabase (PostgreSQL)

System Architecture

graph TD;
  User-->Frontend;
  Frontend-->API[Next.js API Routes];
  API-->Database[PostgreSQL (Supabase)];
  API-->Auth[NextAuth.js];
  API-->AI[GPT-4 API for project suggestions];
  API-->CMS[Markdown-based CMS];
  Frontend-->Storage[Cloudinary for Image Uploads];
  Frontend-->Cache[Redis/SWR];
  API-->Security[JWT, Rate Limiting, CSRF Protection];

Loading

---

📌 Phase 2: Implementing the Frontend

✅ Task 1: Building the Homepage (/)

• Features:
  • Fetch featured projects & blogs dynamically.
  • Show an AI-powered project suggestion section.
  • Implement dark mode with Tailwind’s theme support.
  • Use Framer Motion for smooth animations.

Implementation Details

1. Fetch featured projects from the API (/api/projects).
2. Render project cards dynamically.
3. Implement AI-powered project suggestions.
4. Apply lazy loading for images & animations.

Code Implementation

import { useState, useEffect } from "react";
import { fetchProjects } from "@/lib/projects";
import { fetchAIProjects } from "@/lib/ai";

export default function HomePage() {
  const [projects, setProjects] = useState([]);
  const [aiSuggestions, setAiSuggestions] = useState([]);

  useEffect(() => {
    async function loadProjects() {
      setProjects(await fetchProjects());
    }
    async function loadAIProjects() {
      setAiSuggestions(await fetchAIProjects());
    }
    loadProjects();
    loadAIProjects();
  }, []);

  return (
    <div className="container">
      <h1 className="text-4xl font-bold">Welcome to DevXPro</h1>
      <section>
        <h2 className="text-2xl">Featured Projects</h2>
        {projects.map((p) => <ProjectCard key={p.id} project={p} />)}
      </section>
      <section>
        <h2 className="text-2xl">AI-Powered Suggestions</h2>
        {aiSuggestions.map((s, i) => <p key={i}>{s}</p>)}
      </section>
    </div>
  );
}

---

✅ Task 2: Dynamic Project Pages (/projects/[id])

• Features:
  • Fetch project details dynamically from the API.
  • Implement Incremental Static Regeneration (ISR).
  • Show related projects using AI recommendations.

Implementation Details

1. Use getStaticPaths() to generate project pages dynamically.
2. Use getStaticProps() to fetch project data.
3. Enable ISR to regenerate pages every 10 minutes.
4. Add an AI-recommended projects section.

Code Implementation

import { useRouter } from "next/router";
import { getProjectById } from "@/lib/projects";

export default function ProjectPage({ project }) {
  return (
    <div>
      <h1>{project.title}</h1>
      <p>{project.description}</p>
    </div>
  );
}

export async function getStaticPaths() {
  const projects = await getAllProjects();
  return {
    paths: projects.map((p) => ({ params: { id: p.id.toString() } })),
    fallback: "blocking",
  };
}

export async function getStaticProps({ params }) {
  const project = await getProjectById(params.id);
  return { props: { project }, revalidate: 10 };
}

---

📌 Phase 3: Backend API & Database

✅ Task 3: API for Managing Projects (/api/projects)

• Features:
  • Support GET, POST, PUT, DELETE for projects.
  • Protect POST and DELETE routes using JWT authentication.
  • Integrate Prisma ORM with PostgreSQL.

Code Implementation

import { NextApiRequest, NextApiResponse } from "next";
import prisma from "@/lib/prisma";
import { authMiddleware } from "@/lib/auth";

export default async function handler(req: NextApiRequest, res: NextApiResponse) {
  if (req.method === "GET") {
    const projects = await prisma.project.findMany();
    return res.json(projects);
  }
  
  if (req.method === "POST") {
    await authMiddleware(req, res);
    const { title, description } = req.body;
    const project = await prisma.project.create({ data: { title, description } });
    return res.status(201).json(project);
  }

  return res.status(405).json({ error: "Method not allowed" });
}

---

📌 Phase 4: Authentication & Security

✅ Task 4: Implementing Authentication with NextAuth.js

• Features:
  • OAuth login via Google/GitHub.
  • JWT-based session management.
  • Protect admin routes.

Code Implementation

import NextAuth from "next-auth";
import Providers from "next-auth/providers";

export default NextAuth({
  providers: [
    Providers.Google({ clientId: process.env.GOOGLE_ID, clientSecret: process.env.GOOGLE_SECRET }),
  ],
  secret: process.env.JWT_SECRET,
  session: { jwt: true },
});

---

📌 Phase 5: AI Features

✅ Task 5: AI-Powered Project Recommendations

• Features:
  • Analyze user's past projects.
  • Suggest new project ideas using GPT-4.

Code Implementation

import { Configuration, OpenAIApi } from "openai";
const config = new Configuration({ apiKey: process.env.OPENAI_API_KEY });
const openai = new OpenAIApi(config);

export default async function handler(req, res) {
  const response = await openai.createCompletion({
    model: "gpt-4",
    prompt: `Suggest 3 innovative project ideas for a developer specializing in React and Next.js.`,
    max_tokens: 50,
  });
  res.json(response.data.choices.map((c) => c.text));
}

---

📌 Phase 6: Deployment & Optimization

✅ Task 6: Deployment Strategy

• Database: Supabase (PostgreSQL)
• Hosting: Vercel
• Image Storage: Cloudinary
• Monitoring & Logging: Sentry

---

🎯 Summary

✅ Full-stack, AI-powered Next.js project
✅ Authentication, security, caching, and real-world API handling
✅ CMS with Markdown, dynamic routing, ISR, and AI integrations
✅ Scalable, production-ready, deployable on Vercel

---

🚀 DevXPro: The Ultimate Full-Stack Next.js Capstone Project

Now that we have a clear roadmap and working components, let's dive deeper into the nitty-gritty details. We'll go over best practices, common pitfalls, optimizations, checklists, and hints to ensure that this project is production-grade and ready for real-world deployment.

---

📌 Phase 7: Fine-Tuning the Frontend

✅ Task 7: Optimize UI & User Experience

A developer's portfolio is not just functional but also visually appealing. Clients often request:

• Dark Mode & Theme Toggle: Implement a Tailwind-based theme switcher.
• Smooth Page Transitions: Use Framer Motion for animations.
• Responsive Design: Ensure mobile-first development.
• Lazy Loading Images & Assets: Use next/image with loading="lazy".

💡 Hints for Smooth Animations

• Use framer-motion for page transitions.
• Animate elements on page load:

  import { motion } from "framer-motion";
  const Page = () => {
  
  return (
  
  <motion.div initial={{ opacity: 0 }} animate={{ opacity: 1 }} transition={{ duration: 0.5 }}>
  
  <h1 className="text-4xl">Welcome to DevXPro</h1>
  
  </motion.div>
  
  );
  
  };
  
  

• Animate text while scrolling:

  <motion.h1 whileInView={{ scale: 1.1 }}>Scroll-triggered Animation</motion.h1>
  

---

📌 Phase 8: Implementing Advanced Next.js Features

✅ Task 8: Optimizing Data Fetching

One of the biggest mistakes Next.js developers make is improper data fetching, leading to performance issues. Follow these rules:

Scenario	Method to Use
SEO-sensitive pages (Blogs, Projects)	getStaticProps() + ISR
User-specific data (Auth, Dashboards)	getServerSideProps()
Frequently updating data	SWR with API routes
AI-generated suggestions	Client-side API call

💡 Code Hint: Dynamic Imports for Performance

import dynamic from "next/dynamic";
const HeavyComponent = dynamic(() => import("@/components/HeavyComponent"), { ssr: false });

---

📌 Phase 12: Deployment & Security

✅ Task 12: Secure Deployment Checklist

Before deploying to Vercel, follow these steps:

✔ Sanitize API Inputs (escape() for SQL queries).
✔ Rate-limit APIs (use express-rate-limit).
✔ Use HTTPS & secure cookies.
✔ Avoid hardcoded credentials (use dotenv).
✔ Implement Content Security Policy (CSP).

💡 Code Hint: Secure Headers in next.config.js

module.exports = {
  async headers() {
    return [
      {
        source: "/(.*)",
        headers: [
          { key: "X-Content-Type-Options", value: "nosniff" },
          { key: "Referrer-Policy", value: "no-referrer-when-downgrade" },
        ],
      },
    ];
  },
};

---

🎯 Do's and Don'ts for a Professional Codebase

✅ Do’s

✔ Follow Next.js’s best practices (ISR, SSR, CSR usage).
✔ Use TypeScript for better type safety.
✔ Implement SEO best practices (next/head, schema markup).
✔ Write unit tests (Jest, Cypress).
✔ Keep API calls minimal to reduce latency.
✔ Use Eslint & Prettier for consistent formatting.

---

❌ Don’ts

❌ Store JWTs in localStorage (use httpOnly cookies instead).
❌ Hardcode API keys in frontend (use Next.js environment variables).
❌ Fetch all data on the client-side (use ISR/SSG instead).
❌ Forget error handling (always return JSON { error: "message" }).
❌ Ignore security headers & rate-limiting.

---

🎯 Final Takeaways

🚀 You’re now equipped to build a full-stack, AI-powered, production-grade Next.js application!

• ✅ This project mimics a real-world SaaS application.
• ✅ It implements authentication, CMS, AI features, security, and optimizations.
• ✅ Deployable on Vercel with a solid database and caching layer.

🔥 Next steps? Write unit tests, document your API, and deploy it! 💪
Remember: The difference between an average and a great developer is in the attention to details & optimizations! 🚀

[akash-coded]

INDUSTRIAL CAPSTONE PROJECT DOCUMENT
Project Code: DXPRO-MVP-2024
Version: 1.2
Issued To: [Software Development Vendor]
Delivery Deadline: 7 Calendar Days
GitHub Reference: #49

---

TECHNICAL REQUEST FOR PROPOSAL (RFP)

1. Project Overview

Product Name: DevXPro
Category: AI-Enhanced Developer Portfolio Platform with CMS
Objective: Build a production-ready MVP combining Next.js full-stack capabilities with AI-driven personalization and enterprise-grade security.

2. Key Requirements

Category	Mandatory Features	Acceptance Criteria
Core Functionality	• Dynamic project/blog showcase • Role-based authentication (Admin/Editor/Viewer) • Markdown/MDX CMS with live preview	Functional CRUD operations via UI SSO via Google/GitHub WYSIWYG Markdown editor
AI Features	• GPT-4 project recommendations • Automated SEO meta-generation	Minimum 3 relevant suggestions per query SEO keywords in page metadata
Performance	• ISR for blog pages • Redis caching • Lighthouse score >90	Revalidation ≤10s API response time <300ms
Security	• JWT authentication • CSRF protection • Rate limiting	OWASP Top 10 compliance ≤5 API calls/minute from single IP
Deployment	Vercel-hosted with Supabase PostgreSQL	Zero-downtime deployment CI/CD pipeline

3. Technical Specifications

Frontend:

• Next.js 14 (App Router)
• TypeScript 5.x
• Tailwind CSS + Shadcn UI
• Framer Motion 10.x

Backend:

• Next.js API Routes
• Prisma 5.x + PostgreSQL
• Redis 7.x caching

AI/ML Stack:

• OpenAI GPT-4 API
• LangChain integration

DevOps:

• Vercel Deployment
• Cloudinary Image CDN
• Sentry Monitoring

4. Deliverables

Item	Format	Deadline
Complete Codebase	GitHub Repo with CI/CD	Day 7
System Documentation	README.md with: • Architecture diagram • API spec (OpenAPI 3.0) • Deployment guide	Day 7
Quality Assurance	Jest/Cypress test cases (≥80% coverage)	Day 6
Operational Evidence	Screenshots of: • CMS interface • AI recommendations • Lighthouse audit	Day 7

**5. Timeline & Milestones

gantt
    title DevXPro MVP Timeline
    dateFormat  YYYY-MM-DD
    section Core Development
    Architecture Setup           :a1, 2024-03-01, 1d
    Auth System Implementation   :a2, after a1, 2d
    CMS Development              :a3, after a2, 3d
    AI Integration               :a4, after a3, 2d
    section QA
    Performance Testing          :2024-03-06, 1d
    Security Audit               :2024-03-07, 1d

Loading

6. Compliance Requirements

1. GDPR-compliant data handling
2. MIT License for open-source components
3. PCI-DSS Level 4 security for payment gateways (future scope)
4. Automated vulnerability scanning using Snyk

---

TECHNICAL PROJECT SPECIFICATION

1. System Architecture

flowchart TD
    A[Client] --> B[Next.js Edge Network]
    B --> C[API Routes]
    C --> D[(PostgreSQL)]
    C --> E[Redis Cache]
    C --> F[Cloudinary CDN]
    C --> G[OpenAI API]
    D --> H[SupaBase]
    B --> I[Auth.js Session]
    I --> J[Google OAuth]
    I --> K[GitHub OAuth]

Loading

2. Feature Implementation Matrix

2.1 Authentication Module

Component	Tech Stack	Validation Criteria
OAuth Providers	NextAuth.js	≥2 social logins functional
JWT Management	iron-session	HttpOnly cookies with ≤1hr expiry
Role Management	PostgreSQL ENUM	Admin portal access control

Code Sample - Role Middleware:

export const requireAdmin = (handler: NextApiHandler) => async (
  req: NextApiRequest,
  res: NextApiResponse
) => {
  const session = await getSession({ req });
  if (session?.user.role !== 'ADMIN') {
    return res.status(403).json({ error: 'Access denied' });
  }
  return handler(req, res);
};

2.2 AI Recommendation Engine

Workflow:

1. User views ≥3 projects
2. System analyzes tech stack (Python/JS/Go)
3. GPT-4 suggests complementary projects
4. Redis caches suggestions for 24hrs

Prompt Engineering Guidelines:

As a senior developer with expertise in {USER_SKILLS}, suggest 3 innovative project ideas that:
- Combine {TECH1} and {TECH2}
- Address real-world problems in {DOMAIN}
- Use modern architecture patterns
- Have clear business value

2.3 Performance Optimization

Caching Strategy:

// pages/api/projects/[id].ts
export default async function handler(req, res) {
  const cacheKey = `project:${req.query.id}`;
  const cached = await redis.get(cacheKey);
  
  if (cached) {
    return res.json(JSON.parse(cached));
  }

  const data = await prisma.project.findUnique(...);
  await redis.setex(cacheKey, 3600, JSON.stringify(data));
  res.json(data);
}

ISR Configuration:

// pages/blogs/[slug].tsx
export async function getStaticProps({ params }) {
  const post = await getBlogPost(params.slug);
  return { props: { post }, revalidate: 10 };
}

3. Security Protocol

Threat Mitigation Table:

Risk	Solution	Verification Method
XSS Attacks	DOMPurify sanitization	OWASP ZAP Scan
SQL Injection	Prisma parameterization	Manual Query Audit
Brute Force	Rate limiting (5 req/min)	Load Testing
CSRF	SameSite cookies + CORS	Postman Security Tests

Security Headers Configuration:

// next.config.js
headers: [
  {
    source: '/(.*)',
    headers: [
      { key: 'X-Frame-Options', value: 'DENY' },
      { key: 'Content-Security-Policy', 
        value: "default-src 'self'; script-src 'self' 'unsafe-eval'" }
    ],
  },
]

4. Quality Assurance

Test Matrix:

Test Type	Tools	Coverage Target
Unit Tests	Jest	≥80% Components
E2E Tests	Cypress	All Critical User Journeys
Load Test	k6	100 RPS Sustain
Accessibility	axe-core	WCAG 2.1 AA

Sample Cypress Test:

describe('CMS Workflow', () => {
  it('Creates draft blog post', () => {
    cy.loginAsEditor();
    cy.visit('/cms');
    cy.get('#post-title').type('Next.js Optimization Guide');
    cy.get('#publish-btn').click();
    cy.contains('Draft saved');
  });
});

5. Deployment Checklist

1. Vercel Project Configuration
   • Enable ISR
   • Set ENV variables (DB_URL, OPENAI_KEY)
2. Supabase Setup
   • Create tables via Prisma migration
   • Enable Row Level Security
3. Cloudinary Integration
   • Configure upload presets
   • Set CDN cache invalidation rules
4. Monitoring
   • Sentry error tracking
   • Vercel Analytics

---

ACCEPTANCE CRITERIA

1. Functional MVP meeting all RFP requirements
2. Passing security audit with zero critical vulnerabilities
3. Comprehensive documentation including:
   • System architecture diagram
   • API reference with Postman collection
   • Disaster recovery plan
4. 100% code review coverage
5. Successful deployment to Vercel production environment

Terms & Conditions
• All code must be MIT licensed
• Vendor retains no IP rights
• Penalty clause: 5% daily for delays

Authorized Signature:

---

[Client Representative]
Date: [DD/MM/YYYY]

[Vendor Acknowledgment]

---

[Vendor Representative]
Date: [DD/MM/YYYY]

---

END OF DOCUMENT
This RFP valid for 14 days from issue date

[akash-coded]

EXPANDED FRONT-END TECHNICAL REQUIREMENTS
Next.js 14 Implementation Specification

---

1. Core Next.js Implementation Requirements

1.1 App Router Architecture

flowchart LR
    app/
    --> layout.tsx[(Root Layout)]
    --> page.tsx[(Homepage)]
    --> (auth)/
        --> layout.tsx[(Auth Layout)]
        --> login/
            --> page.tsx
    --> (cms)/
        --> [[...slug]]/
            --> page.tsx
    --> projects/
        --> [id]/
            --> page.tsx

Loading

Mandatory Implementation:

• Implement Parallel Routes for admin dashboard widgets
• Use Intercepting Routes for modal-based project previews
• Route Groups for auth (/(auth)) and CMS (/(cms)) sections
• Dynamic Error Boundaries per route segment
• Suspense Boundaries with skeleton loaders for all data-fetching components

1.2 Server Components Implementation

// app/projects/[id]/page.tsx
export default async function ProjectPage({ params }: { params: { id: string }}) {
  const project = await prisma.project.findUnique({
    where: { id: params.id },
    include: { tags: true }
  });

  return (
    <article>
      <h1>{project.title}</h1>
      <ProjectViewer content={project.content} />
      <AISuggestions projectId={params.id} />
    </article>
  );
}

Key Requirements:

• Minimum 70% Server Components usage
• Direct database access from components via Prisma
• Streaming for long-running AI operations
• Dynamic OG image generation using @vercel/og

---

2. UI Component Catalog

2.1 Core Components

Component	Tech Stack	Key Features
ProjectCard	Tailwind + Framer Motion	Hover scaling, Lazy image load
CMSDashboard	Shadcn UI + Tiptap	Real-time MDX preview, Drag-n-drop
AISuggestionWidget	OpenAI API + LangChain	Context-aware suggestions, Feedback loop
SkillCloud	D3.js + WebGL	3D skill visualization, Zoom interaction

2.2 Animation Implementation

// components/AnimatedCard.tsx
import { motion } from 'framer-motion';

export default function AnimatedCard() {
  return (
    <motion.div
      initial={{ opacity: 0, y: 20 }}
      animate={{ opacity: 1, y: 0 }}
      transition={{ 
        type: "spring",
        stiffness: 100,
        damping: 20 
      }}
    >
      <Card />
    </motion.div>
  );
}

Animation Requirements:

• Page transition animations (Framer Motion)
• Scroll-triggered element reveals
• AI suggestion loading shimmer effects
• Interactive 3D model viewer for projects

---

3. Routing & Data Flow

3.1 Dynamic Routing Matrix

Route Pattern	Implementation	Data Fetching
/projects/[id]	SSG + ISR	getStaticProps + getStaticPaths
/blog/[...slug]	SSR	getServerSideProps
/dashboard/[[...panel]]	Client-side	SWR + React Query
/api/ai/suggestions	Edge Runtime	Vercel Edge Functions

3.2 Data Fetching Strategy

// Implementation matrix for data handling
┌───────────────┬────────────────────┬────────────────────────┐
│  Page Type    │  Data Requirement  │  Next.js Solution      │
├───────────────┼────────────────────┼────────────────────────┤
│ Landing Page  │ CMS Content        │ SSG + ISR              │
│ Project Page  │ User-specific View │ Client-side Fetching   │
│ Admin Dashboard│ Real-time Stats   │ Server Actions         │
│ Blog System   │ Dynamic Comments   │ React Query + WebSockets│
└───────────────┴────────────────────┴────────────────────────┘

---

4. Performance Optimization

4.1 Critical Rendering Path

// next.config.js
module.exports = {
  experimental: {
    optimizePackageImports: [
      '@radix-ui/react-dropdown-menu',
      '@tremor/react'
    ],
    instrumentationHook: true
  },
}

Optimization Requirements:

• Achieve LCP < 1.2s using:
  • Next.js Font Optimization
  • Priority Image Preloading
  • Dynamic Route Prefetching
• Implement Partial Prerendering (Next.js 14.1+ experimental)
• Use Code Splitting for heavy components:

  const HeavyEditor = dynamic(
    () => import('@/components/MDXEditor'),
    { ssr: false, loading: () => <Skeleton /> }
  );

4.2 Image Handling

// components/OptimizedImage.tsx
import Image from 'next/image';

export default function OptimizedImage({ src, alt }) {
  return (
    <Image
      src={src}
      alt={alt}
      width={800}
      height={600}
      placeholder="blur"
      blurDataURL="data:image/png;base64,..."
      quality={85}
      priority={isAboveFold}
    />
  );
}

Image Requirements:

• WebP format conversion using Cloudinary
• Adaptive image sizing based on device
• Lazy loading for below-the-fold images
• AVIF support for modern browsers

---

5. AI Integration Front-End

5.1 Real-Time AI Suggestions

// components/AIRecommendation.tsx
'use client';

export default function AIRecommendation() {
  const { data, error } = useSWR('/api/ai/suggestions', fetcher, {
    revalidateOnFocus: false,
    onSuccess: (data) => {
      localStorage.setItem('lastSuggestions', JSON.stringify(data));
    }
  });

  return (
    <div className="ai-panel">
      <h3>Suggested Projects</h3>
      <div className="suggestions-grid">
        {data?.map((suggestion, index) => (
          <AICard 
            key={index}
            suggestion={suggestion}
            onFeedback={(rating) => handleFeedback(rating)}
          />
        ))}
      </div>
    </div>
  );
}

AI Requirements:

• Context-aware suggestion generation
• Client-side caching with localStorage
• Feedback loop integration
• Loading states for AI operations

---

6. Security Implementation

6.1 Client-Side Security

// middleware.ts
export { default } from "next-auth/middleware";

export const config = {
  matcher: [
    "/cms/:path*",
    "/api/protected/:path*"
  ],
};

// Additional CSP headers
Content-Security-Policy: 
  "default-src 'self';
   script-src 'self' 'unsafe-inline' *.vercel.app;
   style-src 'self' 'unsafe-inline';
   img-src 'self' data: res.cloudinary.com;
   connect-src 'self' *.openai.com"

Security Requirements:

• Strict CSP headers
• XSS protection via DOMPurify
• CSRF tokens for all form submissions
• Rate limiting visible in UI
• Session timeout handling

---

7. Documentation & Testing

7.1 Testing Matrix

// cypress/e2e/cms.cy.ts
describe('CMS Workflow', () => {
  beforeEach(() => {
    cy.loginAsEditor();
  });

  it('Creates new project with AI suggestions', () => {
    cy.visit('/cms/projects/new');
    cy.get('#ai-suggest').click();
    cy.get('.suggestion-card').first().click();
    cy.get('#project-title').should('have.value', 'AI Suggested Project');
  });
});

Testing Requirements:

• 100% coverage for core components
• Visual regression testing
• Lighthouse CI integration
• API contract testing

---

8. Deployment Configuration

8.1 Vercel Specific Settings

# vercel.json
{
  "buildCommand": "npm run build",
  "outputDirectory": ".next",
  "framework": "nextjs",
  "regions": ["fra1"],
  "experimental": {
    "serverComponentsExternalPackages": ["@prisma/client"]
  }
}

Deployment Requirements:

• Zero-downtime deployments
• Preview environments per PR
• Automatic Redis connection pooling
• Health check endpoints
• Logging integration with OpenTelemetry

---

IMPLEMENTATION CHECKLIST
✅ Next.js 14+
✅ Hybrid Rendering (SSG/SSR/ISR)
✅ Server Actions for CMS operations
✅ Edge Runtime for AI endpoints
✅ Component-level error boundaries
✅ Dynamic OG image generation
✅ WebSocket integration for real-time CMS
✅ Automated accessibility testing

[akash-coded]

USER STORIES & TIME ALLOCATION FOR NEXT.JS DEVELOPER
(Total Available Time: 40 Hours)

---

1. Authentication Module

Method: NextAuth.js + iron-session

User Story	Acceptance Criteria	Time (Hrs)	Priority
AS a developer I WANT OAuth integration SO THAT users can sign in via Google/GitHub	✅ SSO implementation ✅ Session persistence ✅ Error handling	3	P0
AS an admin I WANT role-based access control SO THAT CMS access is restricted	✅ Admin/Editor/Viewer roles ✅ Protected API routes	2.5	P0
AS a user I WANT JWT session management SO THAT my login persists securely	✅ HttpOnly cookies ✅ 1-hour expiry	1.5	P1

Total: 7 Hours

---

2. CMS Implementation

Method: Tiptap Editor + Markdown/MDX

User Story	Acceptance Criteria	Time (Hrs)	Priority
AS an editor I WANT real-time Markdown editor SO THAT I can create content	✅ WYSIWYG interface ✅ Image drag-n-drop	4	P0
AS a user I WANT dynamic project pages SO THAT I can view detailed work	✅ ISR revalidation ✅ Related projects section	3	P0
AS a content manager I WANT draft/publish states SO THAT I can stage content	✅ Status toggles ✅ Preview mode	2	P1

Total: 9 Hours

---

3. AI Integration

Method: OpenAI API + LangChain

User Story	Acceptance Criteria	Time (Hrs)	Priority
AS a user I WANT project suggestions SO THAT I discover relevant work	✅ GPT-4 integration ✅ Cached results	5	P0
AS an SEO manager I WANT auto-generated meta tags SO THAT content ranks better	✅ Keyword extraction ✅ Dynamic tags	2	P1
AS a developer I WANT feedback mechanism SO THAT AI improves suggestions	✅ Thumbs up/down system ✅ Local storage tracking	1.5	P2

Total: 8.5 Hours

---

4. Performance Optimization

Method: ISR + Redis + Next.js Image

User Story	Acceptance Criteria	Time (Hrs)	Priority
AS a user I WANT fast page loads SO THAT I don't wait for content	✅ LCP <1.2s ✅ Code splitting	3	P0
AS a dev I WANT Redis caching SO THAT API responses are faster	✅ Cache invalidation ✅ SWR integration	2	P1
AS a mobile user I WANT optimized images SO THAT data usage is low	✅ WebP conversion ✅ Lazy loading	1.5	P1

Total: 6.5 Hours

---

5. Security Implementation

Method: CSP Headers + Rate Limiting

User Story	Acceptance Criteria	Time (Hrs)	Priority
AS a security engineer I WANT CSP headers SO THAT XSS attacks are prevented	✅ Policy enforcement ✅ Nonce generation	1.5	P1
AS an API owner I WANT rate limiting SO THAT DDoS attacks are mitigated	✅ 5 reqs/min rule ✅ UI warnings	1	P1
AS a user I WANT secure forms SO THAT my data is protected	✅ CSRF tokens ✅ Input sanitization	1	P2

Total: 3.5 Hours

---

6. UI/UX Development

Method: Tailwind + Framer Motion

User Story	Acceptance Criteria	Time (Hrs)	Priority
AS a user I WANT smooth animations SO THAT navigation feels modern	✅ Page transitions ✅ Scroll effects	2	P1
AS a dark mode user I WANT theme toggle SO THAT I reduce eye strain	✅ System preference detection ✅ Persisted state	1.5	P2
AS a mobile user I WANT responsive layouts SO THAT I use the app anywhere	✅ Breakpoint testing ✅ Touch optimization	2	P0

Total: 5.5 Hours

---

7. Testing & Documentation

Method: Jest + Cypress + Storybook

User Story	Acceptance Criteria	Time (Hrs)	Priority
AS a QA engineer I WANT component tests SO THAT core features work	✅ 80% coverage ✅ Mocked APIs	2	P1
AS a new dev I WANT setup docs SO THAT I can run the project	✅ Local env guide ✅ Architecture diagram	1.5	P0
AS a user I WANT error boundaries SO THAT failures are graceful	✅ Fallback UIs ✅ Sentry integration	1	P2

Total: 4.5 Hours

---

TIME ALLOCATION SUMMARY

pie
    title Time Distribution
    "Authentication" : 7
    "CMS" : 9
    "AI" : 8.5
    "Performance" : 6.5
    "Security" : 3.5
    "UI/UX" : 5.5
    "Testing" : 4.5

Loading

Critical Path Sequence:

1. Authentication (P0) + CMS (P0) = 16 Hrs
2. AI Suggestions (P0) + Performance (P0) = 11.5 Hrs
3. UI Responsiveness (P0) + Testing (P0) = 6.5 Hrs
4. Security (P1) + Remaining Tasks = 5.5 Hrs

Buffer Time: 0.5 Hrs (For unexpected issues)

Total: 40 Hours

[Rishabh624-coder]

Hi Akash ,
I am submitting my capstone project I was not able to do all the work due to the workload but did complete all the work needed .
capstone.zip
name Rishabh Rai
email 2452404@tcs.com

[RushikeshMeshram]

Hi Akash

I am submitting my final project.
https://github.com/RushikeshMeshram/capstone-developer-portfolio-nextjs