litestar-openapi
OpenAPI
Execution Workflow
- Decide whether OpenAPI should be enabled, restricted, or disabled for the app.
- Set app-level
OpenAPIConfigfor title, version, docs endpoints, servers, tags, and render plugins. - Add route-level metadata deliberately:
summary,description,response_description,tags,security,operation_id,raises, andinclude_in_schema. - Use schema-generation customization only when default model generation is insufficient.
- Choose UI render plugins and endpoint paths intentionally for each environment.
- Validate that generated docs match real request, auth, and metrics behavior.
Core Rules
- Keep documentation truthful to runtime behavior.
- Centralize OpenAPI config at app construction.
- Use route-level metadata only where it improves clarity or correctness.
- Disable schema generation with
openapi_config=Noneonly when docs must not be exposed. - Keep request, response, security, and metrics documentation aligned with the skills that own those runtime behaviors.
- Prefer current render-plugin configuration over legacy controller-style customization paths.
More from alti3/litestar-skills
litestar-responses
Build Litestar responses with typed return values, explicit Response containers, layered response classes, headers, cookies, status-code control, redirects, files, streams, server-sent events, ASGI app returns, and background tasks. Use when shaping outbound HTTP behavior, correcting response contracts, or choosing the right Litestar response primitive. Do not use for request parsing, validation, or authentication policy design.
22litestar-logging
Configure Litestar logging with `LoggingConfig`, `queue_listener`, exception logging policy, selective stack-trace suppression, standard logging, picologging, Structlog, and custom logging config subclasses. Use when establishing or refactoring application logging behavior, request-level logs, or production-safe error logging in Litestar. Do not use for metrics/tracing instrumentation or exception-response contract design.
22litestar-authentication
Implement Litestar authentication with custom authentication middleware, built-in security backends, JWT and session flows, route inclusion and exclusion rules, and typed auth context on `Request` / `ASGIConnection`. Use when establishing identity, issuing or validating credentials, or attaching authenticated user context in Litestar. Do not use for generic request parsing, broad security audits, or unrelated transport concerns.
22litestar-middleware
Design and apply Litestar middleware for cross-cutting concerns such as CORS, CSRF, allowed-host checks, compression, rate limiting, logging, sessions, request enrichment, policy enforcement, and custom ASGI pipeline control. Use when behavior must wrap broad route sets consistently across the ASGI stack. Do not use for route-specific business rules, simple response mutation better handled by lifecycle hooks, or auth/guard policy work that belongs in security-focused skills.
20litestar-routing
Design and implement Litestar routing with app/router/controller composition, handler decorators, path and parameter modeling, route indexing/reverse lookups, ASGI mounting, and layered route metadata. Use when creating or refactoring endpoint topology and URL contracts. Do not use for purely internal service logic unrelated to HTTP route structure.
18litestar-dto
Configure Litestar DTO behavior for inbound parsing and outbound serialization, including layer-scoped `dto`/`return_dto`, `DTOConfig` policies, `DTOData` update workflows, and custom `AbstractDTO` implementations. Use when API payload contracts differ from internal model structures. Do not use when internal models can be exposed safely without transformation.
18