rest-patterns
REST Patterns
Quick reference for RESTful API design patterns and HTTP semantics.
HTTP Methods
| Method | Purpose | Idempotent | Cacheable |
|---|---|---|---|
| GET | Retrieve resource(s) | Yes | Yes |
| POST | Create new resource | No | No |
| PUT | Replace entire resource | Yes | No |
| PATCH | Partial update | Maybe | No |
| DELETE | Remove resource | Yes | No |
Essential Status Codes
| Code | Name | Use |
|---|---|---|
| 200 | OK | Success with body |
| 201 | Created | POST success (add Location header) |
| 204 | No Content | Success, no body |
| 400 | Bad Request | Invalid syntax |
| 401 | Unauthorized | Not authenticated |
| 403 | Forbidden | Not authorized |
| 404 | Not Found | Resource doesn't exist |
| 422 | Unprocessable | Validation error |
| 429 | Too Many Requests | Rate limited |
| 500 | Server Error | Internal failure |
Resource Design
GET /users # List
POST /users # Create
GET /users/{id} # Get one
PUT /users/{id} # Replace
PATCH /users/{id} # Update
DELETE /users/{id} # Delete
# Query parameters
GET /users?page=2&limit=20 # Pagination
GET /users?sort=created_at:desc # Sorting
GET /users?role=admin # Filtering
Security Checklist
- HTTPS/TLS only
- OAuth 2.0 or JWT for auth
- Validate all inputs
- Rate limit per client
- CORS headers configured
- No sensitive data in URLs
- Use
no-storefor sensitive responses
Common Mistakes
| Mistake | Fix |
|---|---|
| Verbs in URLs | /getUsers → /users |
| Deep nesting | Flatten or use query params |
| 200 for errors | Use proper 4xx/5xx |
| No pagination | Always paginate collections |
| Missing rate limits | Protect against abuse |
Quick Reference
| Task | Pattern |
|---|---|
| Paginate | ?page=2&limit=20 |
| Sort | ?sort=field:asc |
| Filter | ?status=active |
| Sparse fields | ?fields=id,name |
| Include related | ?include=orders |
When to Use
- Designing new API endpoints
- Choosing HTTP methods and status codes
- Implementing caching headers
- Setting up rate limiting
- Structuring error responses
Additional Resources
For detailed patterns, load:
./references/status-codes.md- Complete status code reference with examples./references/caching-patterns.md- Cache-Control, ETag, CDN patterns./references/rate-limiting.md- Rate limiting strategies and headers./references/response-formats.md- Errors, versioning, bulk ops, HATEOAS
More from neversight/skills.sh_feed
python-async-patterns
Python asyncio patterns for concurrent programming. Triggers on: asyncio, async, await, coroutine, gather, semaphore, TaskGroup, event loop, aiohttp, concurrent.
25tmux-processes
Patterns for running long-lived processes in tmux. Use when starting dev servers, watchers, tilt, or any process expected to outlive the conversation.
6tamagui-best-practices
Provides Tamagui patterns for config v4, compiler optimization, styled context, and cross-platform styling. Must use when working with Tamagui projects (tamagui.config.ts, @tamagui imports).
3python-typing-patterns
Python type hints and type safety patterns. Triggers on: type hints, typing, TypeVar, Generic, Protocol, mypy, pyright, type annotation, overload, TypedDict.
2using-xtool
This skill should be used when building iOS apps with xtool (Xcode-free iOS development), creating xtool projects, adding app extensions, or configuring xtool.yml. Triggers on "xtool", "SwiftPM iOS", "iOS on Linux", "iOS on Windows", "Xcode-free", "app extension", "widget extension", "share extension". Covers project setup, app extensions, and deployment.
2explain
Deep explanation of complex code, files, or concepts. Routes to expert agents, uses structural search, generates mermaid diagrams. Triggers on: explain, deep dive, how does X work, architecture, data flow.
1