AgentSkillsCN

python-backend-development

按照项目设计模式生成 Python FastAPI 代码。适用于创建模型、Schema、Repository、Service、Controller、数据库迁移、认证,或编写测试时使用。严格遵循分层架构、异步模式、OWASP 安全规范,以及 Alembic 迁移命名约定(yyyymmdd_HHmm_功能)。

SKILL.md
--- frontmatter
name: python-backend-development
description: Generate Python FastAPI code following project design patterns. Use when creating models, schemas, repositories, services, controllers, database migrations, authentication, or tests. Enforces layered architecture, async patterns, OWASP security, and Alembic migration naming conventions (yyyymmdd_HHmm_feature).
allowed-tools:
  - Read
  - Write
  - Edit
  - Glob
  - Grep
  - Bash

Python Backend Development Standards

Architecture Overview

code
Router/Controller → Service → Repository → Database
      ↓                ↓            ↓
   Schemas         Business      SQLAlchemy
  (Pydantic)        Logic         Models

Layer Responsibilities

LayerLocationPurpose
Modelsapp/models/SQLAlchemy ORM, database schema
Schemasapp/schemas/Pydantic DTOs (request/response)
Repositoriesapp/repositories/Database CRUD operations
Servicesapp/services/Business logic orchestration
Controllersapp/api/v1/FastAPI routes, thin handlers
Migrationsalembic/versions/Database migrations

Naming Conventions

Files

  • All lowercase with underscores: user_profile.py
  • One entity per file
  • Match filename to class: user.pyclass User

Classes

  • Models: User, BlogPost (PascalCase, singular)
  • Schemas: UserCreate, UserResponse, UserUpdate
  • Repositories: UserRepository
  • Services: UserService

Database

  • Table names: plural snake_case (users, blog_posts)
  • Column names: snake_case (created_at, user_id)

Alembic Migrations

File Naming Convention

code
yyyymmdd_HHmm_<feature>.py

Examples:

  • 20260117_0930_create_users_table.py
  • 20260117_1045_add_email_to_users.py
  • 20260117_1400_create_api_keys_table.py

Create Migration Command

bash
# Generate with autogenerate
alembic revision --autogenerate -m "description"

# Then rename the file to follow convention:
# FROM: xxxx_description.py
# TO:   yyyymmdd_HHmm_description.py

Code Standards

Async Everything

  • All database operations must be async
  • Use async def for all handlers, services, repositories
  • Use await for all I/O operations

Dependency Injection

  • Use FastAPI Depends() for dependencies
  • Inject database sessions into services
  • Services inject repositories

Error Handling

  • Use custom exceptions in app/core/exceptions.py
  • Let FastAPI exception handlers convert to HTTP responses
  • Never catch and swallow exceptions silently

Security

  • Argon2id for password hashing
  • Parameterized queries (SQLAlchemy ORM)
  • Input validation (Pydantic)
  • Rate limiting on auth endpoints

Reference Navigation

Core Patterns:

Security & Auth:

Quality & Operations: