🎁 Get the FREE AI Skills Starter Guide β€” Subscribe β†’
BytesAgainBytesAgain
πŸ¦€ ClawHub

Phoenix API Generator

by @gchapim

Generate a full Phoenix JSON API from an OpenAPI spec or natural language description. Creates contexts, Ecto schemas, migrations, controllers, JSON views/renderers, router entries, ExUnit tests with factories, auth plugs, and tenant scoping. Use when building a new Phoenix REST API, adding CRUD endpoints, scaffolding resources, or converting an OpenAPI YAML into a Phoenix project.

Versionv1.0.0
Downloads1,976
Installs2
Stars⭐ 1
TERMINAL
clawhub install phoenix-api-gen

πŸ“– About This Skill


name: phoenix-api-gen description: Generate a full Phoenix JSON API from an OpenAPI spec or natural language description. Creates contexts, Ecto schemas, migrations, controllers, JSON views/renderers, router entries, ExUnit tests with factories, auth plugs, and tenant scoping. Use when building a new Phoenix REST API, adding CRUD endpoints, scaffolding resources, or converting an OpenAPI YAML into a Phoenix project.

Phoenix API Generator

Workflow

From OpenAPI YAML

1. Parse the OpenAPI spec β€” extract paths, schemas, request/response bodies. 2. Map each schema to an Ecto schema + migration. 3. Map each path to a controller action; group by resource context. 4. Generate auth plugs from securitySchemes. 5. Generate ExUnit tests covering happy path + validation errors.

From Natural Language

1. Extract resources, fields, types, and relationships from the description. 2. Infer context boundaries (group related resources). 3. Generate schemas, migrations, controllers, views, router, and tests. 4. Ask the user to confirm before writing files.

File Generation Order

1. Migrations (timestamps prefix: YYYYMMDDHHMMSS) 2. Ecto schemas + changesets 3. Context modules (CRUD functions) 4. Controllers + FallbackController 5. JSON renderers (Phoenix 1.7+ *JSON modules, or *View for older) 6. Router scope + pipelines 7. Auth plugs 8. Tests + factories

Phoenix Conventions

See references/phoenix-conventions.md for project structure, naming, context patterns.

Key rules:

  • One context per bounded domain (e.g., Accounts, Billing, Notifications).
  • Context is the public API β€” controllers never call Repo directly.
  • Schemas live under contexts: MyApp.Accounts.User.
  • Controllers delegate to contexts; return {:ok, resource} or {:error, changeset}.
  • Use FallbackController with action_fallback/1 to handle error tuples.
  • Ecto Patterns

    See references/ecto-patterns.md for schema, changeset, migration details.

    Key rules:

  • Always use timestamps(type: :utc_datetime_usec).
  • Binary IDs: @primary_key {:id, :binary_id, autogenerate: true} + @foreign_key_type :binary_id.
  • Separate create_changeset/2 and update_changeset/2 when create/update fields differ.
  • Validate required fields, formats, and constraints in changesets β€” not in controllers.
  • Multi-Tenancy

    Add tenant_id :binary_id to every tenant-scoped table. Pattern:

    # In context
    def list_resources(tenant_id) do
      Resource
      |> where(tenant_id: ^tenant_id)
      |> Repo.all()
    end

    In plug β€” extract tenant from conn and assign

    defmodule MyAppWeb.Plugs.SetTenant do import Plug.Conn def init(opts), do: opts def call(conn, _opts) do tenant_id = get_req_header(conn, "x-tenant-id") |> List.first() assign(conn, :tenant_id, tenant_id) end end

    Always add a composite index on [:tenant_id, ].

    Auth Plugs

    API Key

    defmodule MyAppWeb.Plugs.ApiKeyAuth do
      import Plug.Conn
      def init(opts), do: opts
      def call(conn, _opts) do
        with [key] <- get_req_header(conn, "x-api-key"),
             {:ok, account} <- Accounts.authenticate_api_key(key) do
          assign(conn, :current_account, account)
        else
          _ -> conn |> send_resp(401, "Unauthorized") |> halt()
        end
      end
    end
    

    Bearer Token

    defmodule MyAppWeb.Plugs.BearerAuth do
      import Plug.Conn
      def init(opts), do: opts
      def call(conn, _opts) do
        with ["Bearer " <> token] <- get_req_header(conn, "authorization"),
             {:ok, claims} <- MyApp.Token.verify(token) do
          assign(conn, :current_user, claims)
        else
          _ -> conn |> send_resp(401, "Unauthorized") |> halt()
        end
      end
    end
    

    Router Structure

    scope "/api/v1", MyAppWeb do
      pipe_through [:api, :authenticated]

    resources "/users", UserController, except: [:new, :edit] resources "/teams", TeamController, except: [:new, :edit] do resources "/members", MemberController, only: [:index, :create, :delete] end end

    Test Generation

    See references/test-patterns.md for ExUnit, Mox, factory patterns.

    Key rules:

  • Use async: true on all tests that don't share state.
  • Use Ecto.Adapters.SQL.Sandbox for DB isolation.
  • Factory module using ex_machina or hand-rolled build/1, insert/1.
  • Test contexts and controllers separately.
  • For controllers: test status codes, response body shape, and error cases.
  • Mock external services with Mox β€” define behaviours, set expectations in test.
  • Controller Test Template

    defmodule MyAppWeb.UserControllerTest do
      use MyAppWeb.ConnCase, async: true

    import MyApp.Factory

    setup %{conn: conn} do user = insert(:user) conn = put_req_header(conn, "authorization", "Bearer #{token_for(user)}") {:ok, conn: conn, user: user} end

    describe "index" do test "lists users", %{conn: conn} do conn = get(conn, ~p"/api/v1/users") assert %{"data" => users} = json_response(conn, 200) assert is_list(users) end end

    describe "create" do test "returns 201 with valid params", %{conn: conn} do params = params_for(:user) conn = post(conn, ~p"/api/v1/users", user: params) assert %{"data" => %{"id" => _}} = json_response(conn, 201) end

    test "returns 422 with invalid params", %{conn: conn} do conn = post(conn, ~p"/api/v1/users", user: %{}) assert json_response(conn, 422)["errors"] != %{} end end end

    JSON Renderer (Phoenix 1.7+)

    defmodule MyAppWeb.UserJSON do
      def index(%{users: users}), do: %{data: for(u <- users, do: data(u))}
      def show(%{user: user}), do: %{data: data(user)}

    defp data(user) do %{ id: user.id, email: user.email, inserted_at: user.inserted_at } end end

    Checklist Before Writing

  • [ ] Migrations use timestamps(type: :utc_datetime_usec)
  • [ ] Binary IDs configured if project uses UUIDs
  • [ ] Tenant scoping applied where needed
  • [ ] Auth plug wired in router pipeline
  • [ ] FallbackController handles {:error, changeset} and {:error, :not_found}
  • [ ] Tests cover 200, 201, 404, 422 status codes
  • [ ] Factory defined for each schema