litestar-exception-handling
Exception Handling
Execution Workflow
- Separate startup and configuration failures from request-time failures.
- Decide whether the failure should be represented by raising
HTTPExceptionor by mapping another exception type through an exception handler. - Choose the narrowest layer that should own the handler: app, router, controller, or route handler.
- Keep the outbound error contract stable: status code, payload shape, media type, and safe detail level.
- Register app-level handlers for
404 Not Foundand405 Method Not Allowedwhen those responses must be customized. - Verify validation and server-failure paths separately so sensitive details do not leak unintentionally.
Core Rules
- Distinguish configuration/startup exceptions from request-handling exceptions.
- Use
HTTPExceptionor its subclasses when the handler should raise an HTTP-aware error directly. - Use exception handlers to translate domain or library exceptions into transport-safe responses.
- Keep error payload schemas stable across handlers and layers.
- Keep documented error behavior aligned with
litestar-openapiroute metadata and security docs. - Redact or replace validation and internal error details when exposing raw messages would leak implementation details.
More from alti3/litestar-skills
litestar-responses
Build Litestar responses with typed return values, explicit Response containers, layered response classes, headers, cookies, status-code control, redirects, files, streams, server-sent events, ASGI app returns, and background tasks. Use when shaping outbound HTTP behavior, correcting response contracts, or choosing the right Litestar response primitive. Do not use for request parsing, validation, or authentication policy design.
22litestar-logging
Configure Litestar logging with `LoggingConfig`, `queue_listener`, exception logging policy, selective stack-trace suppression, standard logging, picologging, Structlog, and custom logging config subclasses. Use when establishing or refactoring application logging behavior, request-level logs, or production-safe error logging in Litestar. Do not use for metrics/tracing instrumentation or exception-response contract design.
22litestar-authentication
Implement Litestar authentication with custom authentication middleware, built-in security backends, JWT and session flows, route inclusion and exclusion rules, and typed auth context on `Request` / `ASGIConnection`. Use when establishing identity, issuing or validating credentials, or attaching authenticated user context in Litestar. Do not use for generic request parsing, broad security audits, or unrelated transport concerns.
22litestar-middleware
Design and apply Litestar middleware for cross-cutting concerns such as CORS, CSRF, allowed-host checks, compression, rate limiting, logging, sessions, request enrichment, policy enforcement, and custom ASGI pipeline control. Use when behavior must wrap broad route sets consistently across the ASGI stack. Do not use for route-specific business rules, simple response mutation better handled by lifecycle hooks, or auth/guard policy work that belongs in security-focused skills.
20litestar-routing
Design and implement Litestar routing with app/router/controller composition, handler decorators, path and parameter modeling, route indexing/reverse lookups, ASGI mounting, and layered route metadata. Use when creating or refactoring endpoint topology and URL contracts. Do not use for purely internal service logic unrelated to HTTP route structure.
18litestar-dto
Configure Litestar DTO behavior for inbound parsing and outbound serialization, including layer-scoped `dto`/`return_dto`, `DTOConfig` policies, `DTOData` update workflows, and custom `AbstractDTO` implementations. Use when API payload contracts differ from internal model structures. Do not use when internal models can be exposed safely without transformation.
18