Laravel makes building APIs straightforward, but following best practices ensures your API is secure, maintainable, and performant. Here are some patterns I've found useful when building production-ready APIs.
Use API Resources for Responses
API Resources give you control over how your models are transformed into JSON responses:
// app/Http/Resources/UserResource.php
class UserResource extends JsonResource
{
public function toArray($request)
{
return [
'id' => $this->id,
'name' => $this->name,
'email' => $this->email,
'created_at' => $this->created_at->toISOString(),
];
}
}
// In your controller
public function show(User $user)
{
return new UserResource($user);
}
public function index()
{
return UserResource::collection(User::paginate());
}Validate with Form Requests
Keep your controllers clean by moving validation logic to Form Request classes:
// app/Http/Requests/StoreUserRequest.php
class StoreUserRequest extends FormRequest
{
public function rules()
{
return [
'name' => 'required|string|max:255',
'email' => 'required|email|unique:users',
'password' => 'required|min:8|confirmed',
];
}
}
// In your controller
public function store(StoreUserRequest $request)
{
$user = User::create($request->validated());
return new UserResource($user);
}Conclusion
Following these patterns keeps your Laravel API code organized and maintainable. Use Resources for consistent responses, Form Requests for validation, and always version your API endpoints. Your future self will thank you.