# 5. API Specification 基于技术栈中选择的REST API风格,创建OpenAPI 3.0规范: ## OpenAPI 3.0规范(修订) ```yaml openapi: 3.0.0 info: title: shadcn管理后台API version: 1.0.0 description: 基于Hono框架的RESTful API,支持用户认证和权限管理 servers: - url: http://localhost:8080/api description: 本地开发环境(8080端口) - url: https://your-domain.com:8080/api description: 生产环境(8080端口) components: securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT schemas: User: type: object properties: id: type: string format: uuid email: type: string format: email name: type: string role: type: string enum: [admin, user] status: type: string enum: [active, inactive, suspended] createdAt: type: string format: date-time updatedAt: type: string format: date-time AuthResponse: type: object properties: user: $ref: '#/components/schemas/User' token: type: string expiresIn: type: integer ErrorResponse: type: object properties: error: type: object properties: code: type: string message: type: string details: type: object paths: /auth/login: post: summary: 用户登录 tags: [认证] requestBody: required: true content: application/json: schema: type: object properties: email: type: string format: email password: type: string responses: '200': description: 登录成功 content: application/json: schema: $ref: '#/components/schemas/AuthResponse' '401': description: 认证失败 content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' /auth/register: post: summary: 用户注册 tags: [认证] requestBody: required: true content: application/json: schema: type: object properties: email: type: string format: email password: type: string name: type: string responses: '201': description: 注册成功 content: application/json: schema: $ref: '#/components/schemas/AuthResponse' '400': description: 请求参数错误 content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' /users: get: summary: 获取用户列表 tags: [用户管理] security: - bearerAuth: [] parameters: - name: page in: query schema: type: integer default: 1 - name: limit in: query schema: type: integer default: 20 responses: '200': description: 用户列表 content: application/json: schema: type: object properties: users: type: array items: $ref: '#/components/schemas/User' total: type: integer page: type: integer limit: type: integer '401': description: 未授权 content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' ``` ## 基于hono/client的RPC方式 **后端API路由定义:** ```typescript // apps/api/src/routes/index.ts export const app = new Hono() .route('/auth', authRoutes) .route('/users', userRoutes); export type AppType = typeof app; ``` **前端类型安全调用:** ```typescript // apps/admin/src/lib/api-client.ts import { hc } from 'hono/client'; import type { AppType } from '@api/routes'; // 直接从后端导入类型 export const apiClient = hc('http://localhost:8080'); // 类型安全的API调用 const response = await apiClient.auth.login.$post({ json: { email: 'user@example.com', password: 'password123' } }); const data = await response.json(); // 自动类型推断 ``` ## Zod Schema独立配置 **共享Zod Schema定义:** ```typescript // packages/shared/src/schemas/index.ts export const userSchema = { create: z.object({ email: z.string().email('请输入有效的邮箱地址'), name: z.string().min(1, '姓名不能为空'), password: z.string().min(6, '密码至少6位'), role: z.enum(['admin', 'user']).default('user'), }), update: z.object({ email: z.string().email('请输入有效的邮箱地址').optional(), name: z.string().min(1, '姓名不能为空').optional(), role: z.enum(['admin', 'user']).optional(), status: z.enum(['active', 'inactive', 'suspended']).optional(), }).partial(), }; ```