SFCC Development MCP Server

sfra-controllers.mdc•13.5 KiB

---
description: Enhanced SFRA controller development patterns and best practices with 26+ SFRA documents
globs: cartridges/**/controllers/*.js
alwaysApply: false
---

# Enhanced SFRA Controller Development

Use this rule when creating or modifying SFRA controllers. Now with access to 26+ SFRA documents and smart categorization.

## 🚀 Enhanced MCP Tools Sequence

**BEFORE writing ANY SFRA controller code:**

### Phase 1: Explore SFRA Architecture
1. `mcp_sfcc-dev_get_sfra_categories` - Discover all 7 SFRA documentation categories
2. `mcp_sfcc-dev_get_sfra_documents_by_category` with category: "core" - Get core SFRA classes
3. `mcp_sfcc-dev_get_best_practice_guide` with guideName: "sfra_controllers" - Get comprehensive controller patterns

### Phase 2: Research Specific Functionality
4. `mcp_sfcc-dev_get_sfra_document` with documentName: "server" - Server class methods and routing
5. `mcp_sfcc-dev_get_sfra_document` with documentName: "request" - Request object capabilities
6. `mcp_sfcc-dev_get_sfra_document` with documentName: "response" - Response object methods

### Phase 3: Model-Specific Research (based on controller type)
**For Product Controllers:**
- `mcp_sfcc-dev_get_sfra_documents_by_category` with category: "product"
- `mcp_sfcc-dev_get_sfra_document` with documentName: "product-full"

**For Cart/Checkout Controllers:**
- `mcp_sfcc-dev_get_sfra_documents_by_category` with category: "order"
- `mcp_sfcc-dev_get_sfra_document` with documentName: "cart"
- `mcp_sfcc-dev_get_sfra_document` with documentName: "billing"

**For Customer Controllers:**
- `mcp_sfcc-dev_get_sfra_documents_by_category` with category: "customer"
- `mcp_sfcc-dev_get_sfra_document` with documentName: "account"

### Phase 4: Security and Advanced Features
7. `mcp_sfcc-dev_search_best_practices` with query: "security" - Security patterns
8. `mcp_sfcc-dev_search_sfra_documentation` with query: [specific functionality] - Find relevant patterns

## 📂 SFRA Documentation Categories (26+ documents)

### Available Categories:
- **Core** (5 docs): server, request, response, querystring, render
- **Product** (5 docs): product-full, product-bundle, product-tile, product-search, product-line-items
- **Order** (6 docs): cart, order, billing, shipping, payment, totals
- **Customer** (2 docs): account, address
- **Pricing** (3 docs): price-default, price-range, price-tiered
- **Store** (2 docs): store, stores
- **Other** (3+ docs): categories, content, locale

## MCP-Enhanced Development Workflows

### Workflow 1: Product Controller Development
```
1. mcp_sfcc-dev_get_sfra_documents_by_category with category: "core"
2. mcp_sfcc-dev_get_sfra_documents_by_category with category: "product"
3. mcp_sfcc-dev_get_sfra_document with documentName: "product-full"
4. mcp_sfcc-dev_search_sfra_documentation with query: "variation"
5. mcp_sfcc-dev_get_best_practice_guide with guideName: "sfra_controllers"
```

### Workflow 2: Cart/Checkout Controller Development
```
1. mcp_sfcc-dev_get_sfra_documents_by_category with category: "core"
2. mcp_sfcc-dev_get_sfra_documents_by_category with category: "order"
3. mcp_sfcc-dev_get_sfra_document with documentName: "cart"
4. mcp_sfcc-dev_get_sfra_document with documentName: "billing"
5. mcp_sfcc-dev_search_sfra_documentation with query: "payment"
```

### Workflow 3: Customer Management Controller Development
```
1. mcp_sfcc-dev_get_sfra_documents_by_category with category: "core"
2. mcp_sfcc-dev_get_sfra_documents_by_category with category: "customer"
3. mcp_sfcc-dev_get_sfra_document with documentName: "account"
4. mcp_sfcc-dev_search_sfra_documentation with query: "address"
```

## Enhanced MCP-Guided Controller Template

```javascript
'use strict';

/**
 * [Controller Name] Controller
 * Purpose: [Brief description of controller functionality]
 *
 * Implementation based on Enhanced SFRA Documentation:
 * - mcp_sfcc-dev_get_sfra_categories (discovered 7 categories)
 * - mcp_sfcc-dev_get_sfra_documents_by_category with category: "core"
 * - mcp_sfcc-dev_get_sfra_document with documentName: "server"
 * - mcp_sfcc-dev_get_sfra_document with documentName: "request"
 * - mcp_sfcc-dev_get_sfra_document with documentName: "response"
 * - mcp_sfcc-dev_get_best_practice_guide with guideName: "sfra_controllers"
 * - mcp_sfcc-dev_search_best_practices with query: "security"
 */

var server = require('server');
var Logger = require('dw/system/Logger').getLogger('controllers', 'ControllerName');

// Middleware imports (patterns from enhanced SFRA documentation)
var cache = require('*/cartridge/scripts/middleware/cache');
var csrfProtection = require('*/cartridge/scripts/middleware/csrf');
var userLoggedIn = require('*/cartridge/scripts/middleware/userLoggedIn');
var consentTracking = require('*/cartridge/scripts/middleware/consentTracking');
var pageMetaData = require('*/cartridge/scripts/middleware/pageMetaData');

/**
 * Show endpoint - Display page
 * Patterns from mcp_sfcc-dev_get_sfra_document with documentName: "server"
 * Security from mcp_sfcc-dev_search_best_practices with query: "security"
 */
server.get('Show',
    cache.applyDefaultCache,                    // Caching pattern from SFRA best practices
    consentTracking.consent,                   // Consent tracking from middleware docs
    pageMetaData.computedPageMetaData,         // Page metadata from SFRA patterns
    function (req, res, next) {
        try {
            // Request handling patterns from mcp_sfcc-dev_get_sfra_document "request"
            var queryString = req.querystring;
            var form = req.form;
            var currentCustomer = req.currentCustomer;

            // Input validation (patterns from MCP security guide)
            var validationResult = validateInputs(queryString, form);
            if (!validationResult.valid) {
                Logger.error('Validation failed in ControllerName-Show: {0}', validationResult.error);
                res.setStatusCode(400);
                res.render('error/notfound');
                return next();
            }

            // Business logic using appropriate models
            // Use patterns from category-specific SFRA documents:
            // - Product controllers: mcp_sfcc-dev_get_sfra_document "product-full"
            // - Cart controllers: mcp_sfcc-dev_get_sfra_document "cart"
            // - Customer controllers: mcp_sfcc-dev_get_sfra_document "account"
            var viewData = buildViewData(req);

            // Response patterns from mcp_sfcc-dev_get_sfra_document "response"
            var responseData = sanitizeForTemplate(viewData);

            Logger.info('ControllerName-Show executed successfully');
            res.render('template/templateName', responseData);

        } catch (error) {
            Logger.error('Error in ControllerName-Show: {0}', error.message);
            Logger.debug('Stack trace: {0}', error.stack);

            res.setStatusCode(500);
            res.render('error/servererror');
        }

        next();
    }
);

/**
 * AJAX endpoint example
 * Patterns from enhanced SFRA documentation and security best practices
 */
server.post('UpdateData',
    server.middleware.https,                    // HTTPS enforcement from security patterns
    csrfProtection.validateAjaxRequest,       // CSRF protection from security guide
    userLoggedIn.validateLoggedInAjax,        // Authentication from security patterns
    function (req, res, next) {
        try {
            // AJAX request handling from mcp_sfcc-dev_get_sfra_document "request"
            var requestData = req.form;
            var customer = req.currentCustomer;

            // Validation for AJAX requests
            if (!validateAjaxInput(requestData)) {
                Logger.warn('Invalid AJAX input in ControllerName-UpdateData');
                res.json({
                    success: false,
                    error: 'Invalid input data'
                });
                return next();
            }

            // Process the request using appropriate SFRA models
            var result = processUpdate(requestData, customer);

            // Response patterns from mcp_sfcc-dev_get_sfra_document "response"
            res.json({
                success: true,
                data: sanitizeForJson(result)
            });

            Logger.info('ControllerName-UpdateData completed successfully');

        } catch (error) {
            Logger.error('Error in ControllerName-UpdateData: {0}', error.message);

            res.json({
                success: false,
                error: 'Internal server error'
            });
        }

        next();
    }
);

/**
 * Controller extension example
 * Using patterns from mcp_sfcc-dev_get_best_practice_guide "sfra_controllers"
 */
server.extend(module.superModule);

server.append('Show', function (req, res, next) {
    try {
        // Get existing view data from base controller
        var viewData = res.getViewData();

        // Add custom data using patterns from relevant SFRA model documentation
        viewData.customData = enhanceWithCustomLogic(viewData);

        // Security: Ensure no sensitive data exposure
        viewData = sanitizeCustomData(viewData);

        res.setViewData(viewData);

    } catch (error) {
        Logger.error('Error in ControllerName extension: {0}', error.message);
        // Don't break the chain, let base functionality continue
    }

    next();
});

// Helper functions following SFRA patterns from enhanced documentation

/**
 * Input validation using security patterns from MCP best practices
 */
function validateInputs(queryString, form) {
    // Validation logic based on mcp_sfcc-dev_search_best_practices "security"
    return {
        valid: true, // Implement actual validation
        error: null
    };
}

/**
 * Build view data using appropriate SFRA models
 * Model selection based on controller type and MCP research
 */
function buildViewData(req) {
    // Use patterns from category-specific SFRA documentation:
    // - mcp_sfcc-dev_get_sfra_documents_by_category "product" for product data
    // - mcp_sfcc-dev_get_sfra_documents_by_category "order" for cart/checkout data
    // - mcp_sfcc-dev_get_sfra_documents_by_category "customer" for account data

    var viewData = {};

    // Implement based on controller purpose and SFRA model documentation

    return viewData;
}

/**
 * Sanitize data for template rendering
 * Security patterns from mcp_sfcc-dev_search_best_practices "security"
 */
function sanitizeForTemplate(data) {
    // Implement sanitization based on security best practices
    return data;
}

/**
 * Sanitize data for JSON responses
 * Patterns from SFRA response documentation and security guide
 */
function sanitizeForJson(data) {
    // Remove sensitive fields, format for JSON
    return data;
}

module.exports = server.exports();
```

## 🔒 Enhanced Security Patterns

Based on `mcp_sfcc-dev_search_best_practices` with query: "security":

### Input Validation
```javascript
// Use patterns from security best practices guide
function validateInput(input, expectedType, maxLength) {
    // Implement comprehensive validation
}
```

### CSRF Protection
```javascript
// Always use CSRF protection for state-changing operations
server.post('Action', csrfProtection.validateRequest, function(req, res, next) {
    // Implementation
});
```

### Output Sanitization
```javascript
// Sanitize all output to prevent XSS
function sanitizeOutput(data) {
    // Remove script tags, validate HTML, encode special characters
}
```

## 🚀 Performance Patterns

From enhanced SFRA documentation and best practices:

### Caching Strategies
```javascript
// Use appropriate cache middleware from SFRA patterns
server.get('Show',
    cache.applyPromotionSensitiveCache,  // For promotion-dependent content
    // or cache.applyDefaultCache,       // For static content
    // or cache.applyInventorySensitiveCache, // For inventory-dependent content
    function(req, res, next) {
        // Controller logic
    }
);
```

### Lazy Loading
```javascript
// Load heavy modules only when needed
server.get('Show', function(req, res, next) {
    var HeavyModel = require('*/cartridge/models/heavyModel'); // Load when needed
    // Use the model
});
```

## 📋 Enhanced Development Checklist

Before deploying any SFRA controller:

- [ ] Used `mcp_sfcc-dev_get_sfra_categories` to understand available documentation
- [ ] Consulted category-specific SFRA documents for relevant models
- [ ] Retrieved `mcp_sfcc-dev_get_best_practice_guide` with "sfra_controllers"
- [ ] Applied security patterns from `mcp_sfcc-dev_search_best_practices` "security"
- [ ] Researched core SFRA classes: server, request, response
- [ ] Used appropriate middleware based on SFRA patterns
- [ ] Implemented proper error handling and logging
- [ ] Applied input validation and output sanitization
- [ ] Used appropriate caching strategies
- [ ] Tested all routes and error conditions
- [ ] Verified CSRF protection for POST endpoints
- [ ] Confirmed proper authentication for protected routes

## 🎯 Controller Type-Specific Guidelines

### Product Controllers
Research: `mcp_sfcc-dev_get_sfra_documents_by_category` "product"
Key docs: product-full, product-bundle, product-tile, product-search

### Cart/Checkout Controllers
Research: `mcp_sfcc-dev_get_sfra_documents_by_category` "order"
Key docs: cart, order, billing, shipping, payment, totals

### Customer Controllers
Research: `mcp_sfcc-dev_get_sfra_documents_by_category` "customer"
Key docs: account, address

### Content Controllers
Research: `mcp_sfcc-dev_get_sfra_documents_by_category` "other"
Key docs: categories, content, locale

Remember: Always use the enhanced MCP tools to get current, accurate information about SFRA patterns and best practices!

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/taurgis/sfcc-dev-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

sfra-controllers.mdc•13.5 KiB

---
description: Enhanced SFRA controller development patterns and best practices with 26+ SFRA documents
globs: cartridges/**/controllers/*.js
alwaysApply: false
---

# Enhanced SFRA Controller Development

Use this rule when creating or modifying SFRA controllers. Now with access to 26+ SFRA documents and smart categorization.

## 🚀 Enhanced MCP Tools Sequence

**BEFORE writing ANY SFRA controller code:**

### Phase 1: Explore SFRA Architecture
1. `mcp_sfcc-dev_get_sfra_categories` - Discover all 7 SFRA documentation categories
2. `mcp_sfcc-dev_get_sfra_documents_by_category` with category: "core" - Get core SFRA classes
3. `mcp_sfcc-dev_get_best_practice_guide` with guideName: "sfra_controllers" - Get comprehensive controller patterns

### Phase 2: Research Specific Functionality
4. `mcp_sfcc-dev_get_sfra_document` with documentName: "server" - Server class methods and routing
5. `mcp_sfcc-dev_get_sfra_document` with documentName: "request" - Request object capabilities
6. `mcp_sfcc-dev_get_sfra_document` with documentName: "response" - Response object methods

### Phase 3: Model-Specific Research (based on controller type)
**For Product Controllers:**
- `mcp_sfcc-dev_get_sfra_documents_by_category` with category: "product"
- `mcp_sfcc-dev_get_sfra_document` with documentName: "product-full"

**For Cart/Checkout Controllers:**
- `mcp_sfcc-dev_get_sfra_documents_by_category` with category: "order"
- `mcp_sfcc-dev_get_sfra_document` with documentName: "cart"
- `mcp_sfcc-dev_get_sfra_document` with documentName: "billing"

**For Customer Controllers:**
- `mcp_sfcc-dev_get_sfra_documents_by_category` with category: "customer"
- `mcp_sfcc-dev_get_sfra_document` with documentName: "account"

### Phase 4: Security and Advanced Features
7. `mcp_sfcc-dev_search_best_practices` with query: "security" - Security patterns
8. `mcp_sfcc-dev_search_sfra_documentation` with query: [specific functionality] - Find relevant patterns

## 📂 SFRA Documentation Categories (26+ documents)

### Available Categories:
- **Core** (5 docs): server, request, response, querystring, render
- **Product** (5 docs): product-full, product-bundle, product-tile, product-search, product-line-items
- **Order** (6 docs): cart, order, billing, shipping, payment, totals
- **Customer** (2 docs): account, address
- **Pricing** (3 docs): price-default, price-range, price-tiered
- **Store** (2 docs): store, stores
- **Other** (3+ docs): categories, content, locale

## MCP-Enhanced Development Workflows

### Workflow 1: Product Controller Development
```
1. mcp_sfcc-dev_get_sfra_documents_by_category with category: "core"
2. mcp_sfcc-dev_get_sfra_documents_by_category with category: "product"
3. mcp_sfcc-dev_get_sfra_document with documentName: "product-full"
4. mcp_sfcc-dev_search_sfra_documentation with query: "variation"
5. mcp_sfcc-dev_get_best_practice_guide with guideName: "sfra_controllers"
```

### Workflow 2: Cart/Checkout Controller Development
```
1. mcp_sfcc-dev_get_sfra_documents_by_category with category: "core"
2. mcp_sfcc-dev_get_sfra_documents_by_category with category: "order"
3. mcp_sfcc-dev_get_sfra_document with documentName: "cart"
4. mcp_sfcc-dev_get_sfra_document with documentName: "billing"
5. mcp_sfcc-dev_search_sfra_documentation with query: "payment"
```

### Workflow 3: Customer Management Controller Development
```
1. mcp_sfcc-dev_get_sfra_documents_by_category with category: "core"
2. mcp_sfcc-dev_get_sfra_documents_by_category with category: "customer"
3. mcp_sfcc-dev_get_sfra_document with documentName: "account"
4. mcp_sfcc-dev_search_sfra_documentation with query: "address"
```

## Enhanced MCP-Guided Controller Template

```javascript
'use strict';

/**
 * [Controller Name] Controller
 * Purpose: [Brief description of controller functionality]
 *
 * Implementation based on Enhanced SFRA Documentation:
 * - mcp_sfcc-dev_get_sfra_categories (discovered 7 categories)
 * - mcp_sfcc-dev_get_sfra_documents_by_category with category: "core"
 * - mcp_sfcc-dev_get_sfra_document with documentName: "server"
 * - mcp_sfcc-dev_get_sfra_document with documentName: "request"
 * - mcp_sfcc-dev_get_sfra_document with documentName: "response"
 * - mcp_sfcc-dev_get_best_practice_guide with guideName: "sfra_controllers"
 * - mcp_sfcc-dev_search_best_practices with query: "security"
 */

var server = require('server');
var Logger = require('dw/system/Logger').getLogger('controllers', 'ControllerName');

// Middleware imports (patterns from enhanced SFRA documentation)
var cache = require('*/cartridge/scripts/middleware/cache');
var csrfProtection = require('*/cartridge/scripts/middleware/csrf');
var userLoggedIn = require('*/cartridge/scripts/middleware/userLoggedIn');
var consentTracking = require('*/cartridge/scripts/middleware/consentTracking');
var pageMetaData = require('*/cartridge/scripts/middleware/pageMetaData');

/**
 * Show endpoint - Display page
 * Patterns from mcp_sfcc-dev_get_sfra_document with documentName: "server"
 * Security from mcp_sfcc-dev_search_best_practices with query: "security"
 */
server.get('Show',
    cache.applyDefaultCache,                    // Caching pattern from SFRA best practices
    consentTracking.consent,                   // Consent tracking from middleware docs
    pageMetaData.computedPageMetaData,         // Page metadata from SFRA patterns
    function (req, res, next) {
        try {
            // Request handling patterns from mcp_sfcc-dev_get_sfra_document "request"
            var queryString = req.querystring;
            var form = req.form;
            var currentCustomer = req.currentCustomer;

            // Input validation (patterns from MCP security guide)
            var validationResult = validateInputs(queryString, form);
            if (!validationResult.valid) {
                Logger.error('Validation failed in ControllerName-Show: {0}', validationResult.error);
                res.setStatusCode(400);
                res.render('error/notfound');
                return next();
            }

            // Business logic using appropriate models
            // Use patterns from category-specific SFRA documents:
            // - Product controllers: mcp_sfcc-dev_get_sfra_document "product-full"
            // - Cart controllers: mcp_sfcc-dev_get_sfra_document "cart"
            // - Customer controllers: mcp_sfcc-dev_get_sfra_document "account"
            var viewData = buildViewData(req);

            // Response patterns from mcp_sfcc-dev_get_sfra_document "response"
            var responseData = sanitizeForTemplate(viewData);

            Logger.info('ControllerName-Show executed successfully');
            res.render('template/templateName', responseData);

        } catch (error) {
            Logger.error('Error in ControllerName-Show: {0}', error.message);
            Logger.debug('Stack trace: {0}', error.stack);

            res.setStatusCode(500);
            res.render('error/servererror');
        }

        next();
    }
);

/**
 * AJAX endpoint example
 * Patterns from enhanced SFRA documentation and security best practices
 */
server.post('UpdateData',
    server.middleware.https,                    // HTTPS enforcement from security patterns
    csrfProtection.validateAjaxRequest,       // CSRF protection from security guide
    userLoggedIn.validateLoggedInAjax,        // Authentication from security patterns
    function (req, res, next) {
        try {
            // AJAX request handling from mcp_sfcc-dev_get_sfra_document "request"
            var requestData = req.form;
            var customer = req.currentCustomer;

            // Validation for AJAX requests
            if (!validateAjaxInput(requestData)) {
                Logger.warn('Invalid AJAX input in ControllerName-UpdateData');
                res.json({
                    success: false,
                    error: 'Invalid input data'
                });
                return next();
            }

            // Process the request using appropriate SFRA models
            var result = processUpdate(requestData, customer);

            // Response patterns from mcp_sfcc-dev_get_sfra_document "response"
            res.json({
                success: true,
                data: sanitizeForJson(result)
            });

            Logger.info('ControllerName-UpdateData completed successfully');

        } catch (error) {
            Logger.error('Error in ControllerName-UpdateData: {0}', error.message);

            res.json({
                success: false,
                error: 'Internal server error'
            });
        }

        next();
    }
);

/**
 * Controller extension example
 * Using patterns from mcp_sfcc-dev_get_best_practice_guide "sfra_controllers"
 */
server.extend(module.superModule);

server.append('Show', function (req, res, next) {
    try {
        // Get existing view data from base controller
        var viewData = res.getViewData();

        // Add custom data using patterns from relevant SFRA model documentation
        viewData.customData = enhanceWithCustomLogic(viewData);

        // Security: Ensure no sensitive data exposure
        viewData = sanitizeCustomData(viewData);

        res.setViewData(viewData);

    } catch (error) {
        Logger.error('Error in ControllerName extension: {0}', error.message);
        // Don't break the chain, let base functionality continue
    }

    next();
});

// Helper functions following SFRA patterns from enhanced documentation

/**
 * Input validation using security patterns from MCP best practices
 */
function validateInputs(queryString, form) {
    // Validation logic based on mcp_sfcc-dev_search_best_practices "security"
    return {
        valid: true, // Implement actual validation
        error: null
    };
}

/**
 * Build view data using appropriate SFRA models
 * Model selection based on controller type and MCP research
 */
function buildViewData(req) {
    // Use patterns from category-specific SFRA documentation:
    // - mcp_sfcc-dev_get_sfra_documents_by_category "product" for product data
    // - mcp_sfcc-dev_get_sfra_documents_by_category "order" for cart/checkout data
    // - mcp_sfcc-dev_get_sfra_documents_by_category "customer" for account data

    var viewData = {};

    // Implement based on controller purpose and SFRA model documentation

    return viewData;
}

/**
 * Sanitize data for template rendering
 * Security patterns from mcp_sfcc-dev_search_best_practices "security"
 */
function sanitizeForTemplate(data) {
    // Implement sanitization based on security best practices
    return data;
}

/**
 * Sanitize data for JSON responses
 * Patterns from SFRA response documentation and security guide
 */
function sanitizeForJson(data) {
    // Remove sensitive fields, format for JSON
    return data;
}

module.exports = server.exports();
```

## 🔒 Enhanced Security Patterns

Based on `mcp_sfcc-dev_search_best_practices` with query: "security":

### Input Validation
```javascript
// Use patterns from security best practices guide
function validateInput(input, expectedType, maxLength) {
    // Implement comprehensive validation
}
```

### CSRF Protection
```javascript
// Always use CSRF protection for state-changing operations
server.post('Action', csrfProtection.validateRequest, function(req, res, next) {
    // Implementation
});
```

### Output Sanitization
```javascript
// Sanitize all output to prevent XSS
function sanitizeOutput(data) {
    // Remove script tags, validate HTML, encode special characters
}
```

## 🚀 Performance Patterns

From enhanced SFRA documentation and best practices:

### Caching Strategies
```javascript
// Use appropriate cache middleware from SFRA patterns
server.get('Show',
    cache.applyPromotionSensitiveCache,  // For promotion-dependent content
    // or cache.applyDefaultCache,       // For static content
    // or cache.applyInventorySensitiveCache, // For inventory-dependent content
    function(req, res, next) {
        // Controller logic
    }
);
```

### Lazy Loading
```javascript
// Load heavy modules only when needed
server.get('Show', function(req, res, next) {
    var HeavyModel = require('*/cartridge/models/heavyModel'); // Load when needed
    // Use the model
});
```

## 📋 Enhanced Development Checklist

Before deploying any SFRA controller:

- [ ] Used `mcp_sfcc-dev_get_sfra_categories` to understand available documentation
- [ ] Consulted category-specific SFRA documents for relevant models
- [ ] Retrieved `mcp_sfcc-dev_get_best_practice_guide` with "sfra_controllers"
- [ ] Applied security patterns from `mcp_sfcc-dev_search_best_practices` "security"
- [ ] Researched core SFRA classes: server, request, response
- [ ] Used appropriate middleware based on SFRA patterns
- [ ] Implemented proper error handling and logging
- [ ] Applied input validation and output sanitization
- [ ] Used appropriate caching strategies
- [ ] Tested all routes and error conditions
- [ ] Verified CSRF protection for POST endpoints
- [ ] Confirmed proper authentication for protected routes

## 🎯 Controller Type-Specific Guidelines

### Product Controllers
Research: `mcp_sfcc-dev_get_sfra_documents_by_category` "product"
Key docs: product-full, product-bundle, product-tile, product-search

### Cart/Checkout Controllers
Research: `mcp_sfcc-dev_get_sfra_documents_by_category` "order"
Key docs: cart, order, billing, shipping, payment, totals

### Customer Controllers
Research: `mcp_sfcc-dev_get_sfra_documents_by_category` "customer"
Key docs: account, address

### Content Controllers
Research: `mcp_sfcc-dev_get_sfra_documents_by_category` "other"
Key docs: categories, content, locale

Remember: Always use the enhanced MCP tools to get current, accurate information about SFRA patterns and best practices!