privateevent/laravel

Auto-generated, beautifully styled API documentation page for Laravel apps. Zero-config, scans routes/api.php, reads PHPDoc and FormRequest rules.

Maintainers

Package info

github.com/uprod-team/laravel-apidox

pkg:composer/privateevent/laravel

Statistics

Installs: 1

Dependents: 0

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

v0.1.1 2026-05-11 14:20 UTC

Requires

Requires (Dev)

MIT 99383512a4888c7295279a4ee57ebaf44361800c

  • Laurent Guyard <l.guyard.woop@n2xlabs.com>

documentationrestapidocslaravelwebhookssanctum

This package is auto-updated.

Last update: 2026-05-11 14:21:42 UTC

README

Latest Stable Version Tests Total Downloads License

Auto-generated, beautifully styled API documentation page for Laravel apps.

Apidox scans your routes/api.php, reads your controller PHPDoc and FormRequest rules, and renders a clean, opinionated, Trust & Authority style documentation page β€” ready to share with API consumers.

Zero config. Install, hit /developers, ship.

composer require privateevent/laravel

That's it. Visit https://yourapp.test/developers and your API is documented.

Why

Tools like Scribe, L5-Swagger, or Laravel Knuckles are powerful but heavy: they require annotations, generate static files, or rely on OpenAPI YAML.

Apidox takes the opposite approach:

  • Runtime. No build step, no static files. The page reflects your current routes.
  • Convention over configuration. PHPDoc summary β†’ endpoint summary. FormRequest rules β†’ body params table.
  • Zero CSS dependencies. Embedded ~10KB stylesheet, no Tailwind required in the host project.
  • Trust & Authority design. Navy + sky-blue, Lexend headings, monospace code blocks, sticky TOC.

Features

  • πŸ” Route auto-discovery β€” Scans routes/api.php (configurable prefix)
  • πŸ“ PHPDoc parsing β€” /** ... */ summary + description on controller methods
  • βœ… FormRequest introspection β€” Reads rules() to build a parameters table
  • πŸ”’ Auth detection β€” Recognizes auth:sanctum, auth:api, etc.
  • 🚦 Rate limit detection β€” Extracts throttle:60,1 from route middleware
  • πŸͺ Webhooks section β€” Configurable, with HMAC signature verification code samples
  • 🎨 Embedded CSS β€” Zero dependencies, ~10KB
  • πŸ›£ Custom route β€” Default /developers, change via config
  • 🌐 i18n-friendly β€” All copy in views (publishable)
  • πŸ“¦ Laravel 9 β†’ 13 Β· PHP 8.0 β†’ 8.4

Installation

composer require privateevent/laravel

Optional β€” publish config to customize:

php artisan vendor:publish --tag=apidox-config

Optional β€” publish views to fully override:

php artisan vendor:publish --tag=apidox-views

Configuration

The default config (config/apidox.php after publishing) is documented inline. Highlights:

return [
    'route' => '/developers',        // null to disable
    'middleware' => ['web'],

    'branding' => [
        'name' => env('APP_NAME', 'API'),
        'title' => 'Documentation dΓ©veloppeurs',
        'tagline' => 'IntΓ©grez nos endpoints REST dans votre application.',
    ],

    'base_url' => env('APP_URL').'/api/v1',

    'scan' => [
        'prefixes' => ['api/v1', 'api'],
        'exclude_uris' => ['_ignition/*', 'telescope/*'],
    ],

    'auth' => [
        'type' => 'bearer',
        'header_name' => 'Authorization',
        'instructions' => 'Contact us to get a token.',
    ],

    'webhooks' => [
        'enabled' => true,
        'events' => [
            'resource.created' => 'Sent when a new resource is created.',
        ],
        'signature_header' => 'X-Webhook-Signature',
        'signature_algorithm' => 'sha256',
    ],

    'rate_limit' => '60 requests per minute per token',
    'support' => ['email' => 'api@yourcompany.com'],
];

Documenting your endpoints

PHPDoc summary

The first line of your method's /** ... */ becomes the endpoint summary. The rest (until the first @tag) becomes the description.

class WidgetController
{
    /**
     * Create a new widget.
     *
     * Creates a widget owned by the authenticated user. The widget is
     * immediately visible in the catalog.
     */
    public function store(StoreWidgetRequest $request)
    {
        // ...
    }
}

FormRequest rules β†’ params table

When your controller method type-hints a FormRequest subclass, Apidox reads its rules() and renders a parameters table with type inference (integer, boolean, string (email), enum, file, …).

class StoreWidgetRequest extends FormRequest
{
    public function rules(): array
    {
        return [
            'name' => 'required|string|max:120',
            'color' => 'required|in:red,blue,green',
            'quantity' => 'integer|min:1',
        ];
    }
}

Renders as:

Field Type Required Rules
name string oui required|string|max:120
color enum oui required|in:red,blue,green
quantity integer non integer|min:1

Auth & rate-limit detection

Apidox reads your route middleware automatically:

Route::middleware(['auth:sanctum', 'throttle:60,1'])
    ->post('/api/v1/widgets', [WidgetController::class, 'store']);

The endpoint card shows badges: Auth: Bearer (Sanctum) Β· Rate: 60,1.

Webhooks

Set apidox.webhooks.enabled = true and list your events:

'webhooks' => [
    'enabled' => true,
    'events' => [
        'invoice.paid' => 'Fired when an invoice payment is confirmed.',
        'user.signed_up' => 'Fired on successful registration.',
    ],
    'signature_header' => 'X-MyApp-Signature',
    'signature_algorithm' => 'sha256',
],

The Webhooks section renders with code samples for HMAC signature verification.

Customizing the page

Two levels of customization:

  1. Light β€” change config (route, branding, auth instructions, support email).
  2. Heavy β€” php artisan vendor:publish --tag=apidox-views then edit resources/views/vendor/apidox/index.blade.php.

The CSS can also be overridden by publishing the assets and editing public/vendor/apidox/apidox.css.

Testing

composer install
composer test

License

MIT. See LICENSE.