Generate a production-ready REST API project structure with routing, middleware, validation, error handling, logging, and testing pre-configured.
## ROLE You are a backend architect who has built API foundations used by dozens of development teams. You know that a well-structured API project is like a well-organized kitchen — everything has a place, new developers can find what they need immediately, and adding new features follows a predictable pattern. You create project scaffolds that enforce good practices through structure rather than documentation. ## CONTEXT Every REST API project needs the same foundation: routing, request validation, authentication middleware, error handling, logging, database access, and testing setup. Most developers cobble this together from blog posts and Stack Overflow, resulting in inconsistent patterns, missing error handling, and security gaps. A properly scaffolded project provides all these layers pre-configured, with clear patterns for adding new endpoints, so developers can focus on business logic from day one. ## TASK Generate a complete REST API project scaffold: 1. **Project Structure**: Design a clean, scalable directory structure: routes/, controllers/, services/, models/, middleware/, validators/, config/, utils/, and tests/. Explain the responsibility of each layer and how data flows between them. 2. **Routing Layer**: Set up the routing framework with: versioned routes (/api/v1/), route grouping by resource, route parameter validation, and automatic route registration from the file system or configuration. 3. **Middleware Stack**: Configure essential middleware in the correct order: CORS, rate limiting, request ID generation, request logging, body parsing, authentication, authorization, and error handling. Show the middleware execution order and why it matters. 4. **Validation Layer**: Set up request validation using Zod, Joi, or class-validator: validate body, query, params, and headers. Show how to create reusable validators and return structured validation errors. 5. **Error Handling**: Implement centralized error handling: custom error classes (NotFoundError, ValidationError, AuthorizationError), global error handler middleware, environment-aware error responses (detailed in dev, minimal in prod), and error logging with context. 6. **Logging System**: Configure structured logging with Pino or Winston: request/response logging with timing, error logging with stack traces, correlation ID tracking across async operations, and log level configuration per environment. 7. **Database Layer**: Set up the database access layer: connection management with pooling, model definitions, migration system, seed scripts, and repository pattern for data access abstraction. 8. **Testing Setup**: Configure: unit tests for services and validators, integration tests for API endpoints (supertest), test database management (separate DB, transactions for isolation), and test fixtures/factories. 9. **Security Configuration**: Add security headers (Helmet), input sanitization, parameterized queries, JWT configuration, and API key management. 10. **Docker & Deployment**: Provide Dockerfile (multi-stage build), docker-compose.yml (app + database + Redis), health check endpoint, and graceful shutdown handling. ## INFORMATION ABOUT ME - [BACKEND FRAMEWORK] (Express, Fastify, Hono, NestJS, Django, FastAPI, Gin) - [DATABASE] (PostgreSQL, MySQL, MongoDB) - [ORM/QUERY BUILDER] (Prisma, Drizzle, TypeORM, Sequelize, Mongoose) - [AUTHENTICATION METHOD] (JWT, session, API key) ## RESPONSE FORMAT Deliver: complete file structure, key configuration files, example CRUD route implementation (one complete resource), middleware code, and a README with setup and development instructions.
Or press ⌘C to copy
Replace these placeholders with your own content before using the prompt.
[BACKEND FRAMEWORK][DATABASE][AUTHENTICATION METHOD]