Starter Laravel API — PSR-12, Service Layer, Auditing, Permission

Starter ini menyiapkan kerangka API Laravel yang rapi sesuai PSR-12, memakai pola Service + Interface, API Resource, Form Request, Policy (Spatie Permission), dan Auditing (OwenIt). Contoh master data yang disertakan: Task.

Fitur utama:

• CRUD Task (id, nama_task, deskripsi) via Route::apiResource.
• Validasi terpisah (Form Request) dan serialisasi respons (API Resource).
• Service Layer + Interface untuk logika bisnis yang terpisah dari controller.
• Policy + Spatie Permission untuk otorisasi per-aksi (view/create/update/delete).
• Auditing (owen-it/laravel-auditing) untuk mencatat perubahan Task.
• Standar PSR-12 (via laravel/pint).

Persyaratan

• PHP 8.2+
• MySQL (atau kompatibel)
• Composer
• Node.js (opsional, hanya untuk script Vite/dev)

Setup Cepat

1. Salin file environment dan konfigurasi DB

cp .env.example .env
# edit DB_* pada .env sesuai lingkungan Anda

2. Install dependency backend dan bootstrap aplikasi

composer install
php artisan key:generate
php artisan migrate --force
php artisan db:seed --force

Atau gunakan skrip siap-pakai:

composer setup

3. Jalankan aplikasi

php artisan serve
# akses: http://localhost:8000

Endpoint Task

• GET /api/tasks — daftar task (paginated)
• GET /api/tasks/{id} — detail task
• POST /api/tasks — buat task
• PUT/PATCH /api/tasks/{id} — ubah task
• DELETE /api/tasks/{id} — hapus task

Contoh request membuat Task:

curl -X POST http://localhost:8000/api/tasks \
  -H 'Content-Type: application/json' \
  -d '{
    "nama_task": "Contoh",
    "deskripsi": "Deskripsi contoh"
  }'

Otorisasi & Perizinan

• Policy: App\Policies\TaskPolicy mengatur izin tiap aksi:
  • view/index/show: task.view
  • store: task.create
  • update: task.update
  • destroy: task.delete
• Seeder: DatabaseSeeder akan memanggil PermissionSeeder untuk membuat permissions dan role admin, lalu menugaskannya ke user pertama/terbuat.
• Controller: TaskController memakai authorizeResource sehingga setiap aksi otomatis melalui Policy.

Secara default guard yang dipakai adalah web. Untuk akses berbasis token, Anda dapat mengaktifkan Passport:

1. Tambah guard API di config/auth.php (opsional):

'guards' => [
    'web' => [ 'driver' => 'session', 'provider' => 'users' ],
    'api' => [ 'driver' => 'passport', 'provider' => 'users' ],
],

2. Install kunci Passport (opsional):

php artisan passport:install

3. Lindungi route dengan middleware auth:api jika diperlukan (opsional, routes/api.php).

Auditing

• Paket: owen-it/laravel-auditing.
• Model App\Models\Task mengimplementasikan Auditable sehingga create/update/delete tercatat pada tabel audits.
• Lihat riwayat di tabel audits pada database Anda.

Pola Kode & Struktur

• Service & Interface
  • app/Services/Contracts/TaskServiceInterface.php
  • app/Services/TaskService.php
  • IOC binding: app/Providers/AppServiceProvider.php (bind interface ke implementasi)
• Controller
  • app/Http/Controllers/TaskController.php (inject TaskServiceInterface, pakai authorizeResource)
• Validasi
  • app/Http/Requests/StoreTaskRequest.php
  • app/Http/Requests/UpdateTaskRequest.php
• Resource (serialisasi API)
  • app/Http/Resources/TaskResource.php
• Policy & Permission
  • app/Policies/TaskPolicy.php
  • Seeder: database/seeders/PermissionSeeder.php, database/seeders/DatabaseSeeder.php
• Routing
  • routes/api.php (Route::apiResource('tasks', ...))

Standar Kode (PSR-12)

• Format otomatis dengan Pint:

composer lint

Pengembangan

• Skrip dev (opsional) untuk menjalankan beberapa proses sekaligus:

composer dev

Skrip tersebut akan menjalankan php artisan serve, queue listener, log viewer (pail), dan Vite. Sesuaikan kebutuhan Anda.

Testing

• Jalankan test:

composer test

---

Di bawah ini adalah README standar Laravel.

About Laravel

Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:

• Simple, fast routing engine.
• Powerful dependency injection container.
• Multiple back-ends for session and cache storage.
• Expressive, intuitive database ORM.
• Database agnostic schema migrations.
• Robust background job processing.
• Real-time event broadcasting.

Laravel is accessible, powerful, and provides tools required for large, robust applications.

Learning Laravel

Laravel has the most extensive and thorough documentation and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework.

You may also try the Laravel Bootcamp, where you will be guided through building a modern Laravel application from scratch.

If you don't feel like reading, Laracasts can help. Laracasts contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.

Laravel Sponsors

We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the Laravel Partners program.

Premium Partners

• Vehikl
• Tighten Co.
• Kirschbaum Development Group
• 64 Robots
• Curotec
• DevSquad
• Redberry
• Active Logic

Contributing

Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the Laravel documentation.

Code of Conduct

In order to ensure that the Laravel community is welcoming to all, please review and abide by the Code of Conduct.

Security Vulnerabilities

If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via taylor@laravel.com. All security vulnerabilities will be promptly addressed.

License

The Laravel framework is open-sourced software licensed under the MIT license.