laravel-api-builder

Overview

The laravel-api-builder agent specializes in creating production-ready REST APIs. It generates versioned endpoints, JSON resources, request validation, OpenAPI documentation, and comprehensive API tests.

What It Creates

Component	Location	Purpose
API Controller	`app/Http/Controllers/Api/V1/`	RESTful endpoints with proper HTTP methods
JSON Resource	`app/Http/Resources/V1/`	Response transformation and formatting
Form Requests	`app/Http/Requests/Api/V1/`	Input validation and authorization
API Routes	`routes/api/v1.php`	Versioned route definitions
OpenAPI Spec	`docs/api/`	Auto-generated API documentation
API Tests	`tests/Feature/Api/V1/`	Pest PHP endpoint tests

API Standards

Generated APIs follow these standards:

JSON:API - Consistent response structure with data, meta, links
RESTful conventions - Proper HTTP methods and status codes
URL versioning - /api/v1/ prefix for all endpoints
HATEOAS links - Self-referential links in responses
Pagination - Cursor or offset-based with meta information

Generated Resource Example

<?php

namespace App\Http\Resources\V1;

use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;

class ProductResource extends JsonResource
{
    public function toArray(Request $request): array
    {
        return [
            'id' => $this->id,
            'type' => 'products',
            'attributes' => [
                'name' => $this->name,
                'slug' => $this->slug,
                'description' => $this->description,
                'price' => [
                    'amount' => $this->price,
                    'currency' => 'USD',
                    'formatted' => '$' . number_format($this->price, 2),
                ],
                'in_stock' => $this->stock_quantity > 0,
                'created_at' => $this->created_at->toIso8601String(),
                'updated_at' => $this->updated_at->toIso8601String(),
            ],
            'relationships' => [
                'category' => new CategoryResource($this->whenLoaded('category')),
                'images' => ImageResource::collection($this->whenLoaded('images')),
            ],
            'links' => [
                'self' => route('api.v1.products.show', $this->id),
            ],
        ];
    }
}

Authentication Support

The agent can configure various authentication methods:

Laravel Sanctum - Token-based API authentication
Passport - OAuth2 implementation
API Keys - Simple key-based access
JWT - JSON Web Token authentication

Rate Limiting

Generated APIs include rate limiting middleware:

// In RouteServiceProvider
RateLimiter::for('api', function (Request $request) {
    return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
});

// High-throughput endpoint
RateLimiter::for('uploads', function (Request $request) {
    return Limit::perMinute(10)->by($request->user()->id);
});

Called By

laravel-architect - When building APIs

Invoked By Commands

/laravel-agent:api:make - Create API resources
/laravel-agent:api:docs - Generate documentation

Guardrails

The API builder follows strict rules:

ALWAYS use versioned routes (/api/v1/)
ALWAYS use JSON Resources for responses
ALWAYS include rate limiting middleware
ALWAYS validate inputs with Form Requests
NEVER expose internal IDs without need
NEVER return sensitive data in responses