AgentSkillsCN

Laravel API

为现代 Laravel 后端制定 REST 与 JSON API 规范。

SKILL.md
--- frontmatter
name: Laravel API
description: REST and JSON API standards for modern Laravel backends.
metadata:
  labels: [laravel, api, rest, json, sanctum]
  triggers:
    files: ['routes/api.php', 'app/Http/Resources/**/*.php']
    keywords: [resource, collection, sanctum, passport, cors]

Laravel API

Priority: P1 (HIGH)

Structure

text
app/
└── Http/
    ├── Resources/      # Data transformation
    └── Controllers/
        └── Api/        # API specific logic

Implementation Guidelines

  • API Resources: Always use Resources/Collections for JSON formatting.
  • RESTful Actions: Follow standard naming (index, store, update).
  • Auth: Use Sanctum for SPAs/Mobile or Passport for OAuth2.
  • Status Codes: Return appropriate HTTP codes (201 Created, 422 Unprocessable).
  • Versioning: Prefix routes with version tags (e.g., api/v1/...).
  • Rate Limiting: Configure RateLimiter to protect public endpoints.

Anti-Patterns

  • Raw Models: No raw model returns: Information leakage risk.
  • Manual JSON: No response()->create(): Use API Resources.
  • Session Auth: No sessions for APIs: Use Tokens (Sanctum).
  • Hardcoded URLs: No static links in JSON: Use HATEOAS or route names.

References