shield_lock
金大哥
返回 Skill 列表
extension
分类: 开发与工程无需 API Key

api-patterns

API设计原则和决策。REST与GraphQL与tRPC的选择,响应格式,版本控制,分页。

person作者: jakexiaohubgithub
open_in_new仓库download下载资源包

API Patterns

API design principles and decision-making for 2025. Learn to THINK, not copy fixed patterns.

🎯 Selective Reading Rule

Read ONLY files relevant to the request! Check the content map, find what you need.

📑 Content Map

| File | Description | When to Read | |------|-------------|--------------| | api-style.md | REST vs GraphQL vs tRPC decision tree | Choosing API type | | rest.md | Resource naming, HTTP methods, status codes | Designing REST API | | response.md | Envelope pattern, error format, pagination | Response structure | | graphql.md | Schema design, when to use, security | Considering GraphQL | | trpc.md | TypeScript monorepo, type safety | TS fullstack projects | | versioning.md | URI/Header/Query versioning | API evolution planning | | auth.md | JWT, OAuth, Passkey, API Keys | Auth pattern selection | | rate-limiting.md | Token bucket, sliding window | API protection | | documentation.md | OpenAPI/Swagger best practices | Documentation | | security-testing.md | OWASP API Top 10, auth/authz testing | Security audits |

🔗 Related Skills

| Need | Skill | |------|-------| | API implementation | @[skills/backend-development] | | Data structure | @[skills/database-design] | | Security details | @[skills/security-hardening] |

✅ Decision Checklist

Before designing an API:

  • [ ] Asked user about API consumers?
  • [ ] Chosen API style for THIS context? (REST/GraphQL/tRPC)
  • [ ] Defined consistent response format?
  • [ ] Planned versioning strategy?
  • [ ] Considered authentication needs?
  • [ ] Planned rate limiting?
  • [ ] Documentation approach defined?

❌ Anti-Patterns

DON'T:

  • Default to REST for everything
  • Use verbs in REST endpoints (/getUsers)
  • Return inconsistent response formats
  • Expose internal errors to clients
  • Skip rate limiting

DO:

  • Choose API style based on context
  • Ask about client requirements
  • Document thoroughly
  • Use appropriate status codes

Script

| Script | Purpose | Command | |--------|---------|---------| | scripts/api_validator.py | API endpoint validation | python scripts/api_validator.py <project_path> |