backend-implementation-patterns
Production-ready backend API implementation patterns including REST, GraphQL, authentication, error handling, and data validation
Best use case
backend-implementation-patterns is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Production-ready backend API implementation patterns including REST, GraphQL, authentication, error handling, and data validation
Teams using backend-implementation-patterns should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/backend-implementation-patterns/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How backend-implementation-patterns Compares
| Feature / Agent | backend-implementation-patterns | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Production-ready backend API implementation patterns including REST, GraphQL, authentication, error handling, and data validation
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Backend Implementation Patterns
Production-ready patterns for building robust, scalable backend APIs.
## API Design Patterns
### RESTful Endpoints
```typescript
// Resource-based routing
app.get('/api/users', getUsers); // List
app.get('/api/users/:id', getUserById); // Get
app.post('/api/users', createUser); // Create
app.put('/api/users/:id', updateUser); // Update
app.delete('/api/users/:id', deleteUser); // Delete
// Nested resources
app.get('/api/users/:id/posts', getUserPosts);
app.post('/api/users/:id/posts', createUserPost);
```
### Request/Response Pattern
```typescript
interface APIResponse<T> {
success: boolean;
data?: T;
error?: {
code: string;
message: string;
details?: any;
};
meta?: {
page?: number;
limit?: number;
total?: number;
};
}
async function handleRequest<T>(
handler: () => Promise<T>
): Promise<APIResponse<T>> {
try {
const data = await handler();
return { success: true, data };
} catch (error) {
return {
success: false,
error: {
code: error.code || 'INTERNAL_ERROR',
message: error.message,
}
};
}
}
```
### Validation Layer
```typescript
import { z } from 'zod';
const CreateUserSchema = z.object({
email: z.string().email(),
name: z.string().min(2).max(100),
age: z.number().int().min(18).optional(),
});
app.post('/api/users', async (req, res) => {
const validation = CreateUserSchema.safeParse(req.body);
if (!validation.success) {
return res.status(400).json({
success: false,
error: {
code: 'VALIDATION_ERROR',
message: 'Invalid request data',
details: validation.error.errors
}
});
}
const user = await userService.create(validation.data);
res.status(201).json({ success: true, data: user });
});
```
## Authentication Patterns
### JWT Authentication
```typescript
import jwt from 'jsonwebtoken';
// Generate token
function generateToken(userId: string) {
return jwt.sign(
{ userId },
process.env.JWT_SECRET!, // allow-secret
{ expiresIn: '7d' }
);
}
// Middleware
async function authenticateToken(req, res, next) {
const token = req.headers.authorization?.split(' ')[1]; // allow-secret
if (!token) {
return res.status(401).json({
success: false,
error: { code: 'UNAUTHORIZED', message: 'Missing token' }
});
}
try {
const decoded = jwt.verify(token, process.env.JWT_SECRET!); // allow-secret
req.userId = decoded.userId;
next();
} catch (error) {
return res.status(401).json({
success: false,
error: { code: 'INVALID_TOKEN', message: 'Invalid or expired token' }
});
}
}
```
## Error Handling
### Custom Error Classes
```typescript
class AppError extends Error {
constructor(
public statusCode: number,
public code: string,
message: string,
public details?: any
) {
super(message);
this.name = 'AppError';
}
}
class NotFoundError extends AppError {
constructor(resource: string) {
super(404, 'NOT_FOUND', `${resource} not found`);
}
}
class ValidationError extends AppError {
constructor(details: any) {
super(400, 'VALIDATION_ERROR', 'Validation failed', details);
}
}
```
### Error Handling Middleware
```typescript
app.use((error, req, res, next) => {
console.error('Error:', error);
if (error instanceof AppError) {
return res.status(error.statusCode).json({
success: false,
error: {
code: error.code,
message: error.message,
details: error.details
}
});
}
res.status(500).json({
success: false,
error: {
code: 'INTERNAL_ERROR',
message: 'An unexpected error occurred'
}
});
});
```
## Data Access Layer
### Repository Pattern
```typescript
interface Repository<T> {
find Find(filters: any): Promise<T[]>;
findById(id: string): Promise<T | null>;
create(data: Partial<T>): Promise<T>;
update(id: string, data: Partial<T>): Promise<T>;
delete(id: string): Promise<void>;
}
class UserRepository implements Repository<User> {
async findById(id: string): Promise<User | null> {
return db.user.findUnique({ where: { id } });
}
async create(data: Partial<User>): Promise<User> {
return db.user.create({ data });
}
// ... other methods
}
```
## Rate Limiting
```typescript
import rateLimit from 'express-rate-limit';
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // 100 requests per window
message: { success: false, error: { code: 'RATE_LIMIT', message: 'Too many requests' }}
});
app.use('/api/', limiter);
```
## Integration Points
Complements:
- **api-design-patterns**: For API structure
- **postgres-advanced-patterns**: For data layer
- **security-implementation-guide**: For security
- **tdd-workflow**: For testing
---
## Related Skills
### Complementary Skills (Use Together)
- **[api-design-patterns](../api-design-patterns/)** - Design your API structure before implementing
- **[postgres-advanced-patterns](../postgres-advanced-patterns/)** - Advanced database patterns for the data layer
- **[testing-patterns](../testing-patterns/)** - Write tests for your API endpoints
- **[deployment-cicd](../deployment-cicd/)** - Deploy your backend services
### Alternative Skills (Similar Purpose)
- **[nextjs-fullstack-patterns](../nextjs-fullstack-patterns/)** - If building with Next.js App Router
### Prerequisite Skills (Learn First)
- **[api-design-patterns](../api-design-patterns/)** - Understanding API design helps structure implementationsRelated Skills
webhook-integration-patterns
Designs reliable webhook systems with proper delivery guarantees, retry logic, signature verification, and idempotent processing for event-driven integrations.
vector-search-patterns
Implement vector similarity search with embedding generation, index selection, and hybrid retrieval strategies. Covers ChromaDB, pgvector, FAISS, and RAG pipeline design. Triggers on vector search, embeddings, semantic search, or RAG architecture requests.
testing-patterns
Write effective tests across the stack—unit, integration, E2E, and visual regression. Covers testing philosophy, framework selection, mocking strategies, and CI integration. Triggers on testing, test coverage, TDD, or quality assurance requests.
session-lifecycle-patterns
Manage AI agent session lifecycles with structured phases (FRAME, SHAPE, BUILD, PROVE), context preservation across sessions, handoff protocols, and session metadata tracking. Triggers on session management, agent lifecycle, or multi-session workflow requests.
security-implementation-guide
Comprehensive security patterns for authentication, authorization, input validation, and common vulnerability prevention
responsive-design-patterns
Mobile-first responsive design patterns with breakpoints, fluid layouts, and adaptive components
resilience-patterns
Build fault-tolerant systems with circuit breakers, retries with backoff, bulkheads, timeouts, and graceful degradation. Covers distributed system failure modes and recovery strategies. Triggers on reliability engineering, fault tolerance, or distributed system resilience requests.
redis-patterns
Use Redis effectively for caching, pub/sub messaging, rate limiting, distributed locks, and session storage. Covers data structure selection, expiration strategies, and cluster patterns. Triggers on Redis usage, caching architecture, or pub/sub messaging requests.
realtime-websocket-patterns
Implement real-time features with WebSockets, Server-Sent Events, and long polling. Covers connection management, room-based messaging, presence tracking, and scaling strategies. Triggers on WebSocket implementation, real-time communication, or live update feature requests.
react-three-fiber-patterns
Build interactive 3D experiences in React using react-three-fiber (R3F), drei helpers, and shader integration. Covers scene composition, performance optimization, and animation patterns. Triggers on R3F development, React + Three.js, or declarative 3D scene requests.
python-packaging-patterns
Structure Python projects for distribution with pyproject.toml, src layouts, dependency management, and publishing workflows. Covers packaging tools (hatch, setuptools, flit, poetry), versioning strategies, and editable installs. Triggers on Python project setup, packaging configuration, or dependency management requests.
python-backend-pack
Curated bundle of essential Python backend development skills. Includes FastAPI patterns, packaging, database migrations, CLI design, and Redis caching. Use when building Python API services or backend systems.