Checklist:

• [ ] Clear separation of concerns
• [ ] Domain logic separated from controllers
• [ ] Business logic not inside routes
• [ ] Business logic not inside models
• [ ] Reusable services implemented
• [ ] Event-driven where appropriate
• [ ] Scalability considered
• [ ] Maintainability prioritized

Recommended Structure:

app/
├── Http/
│   ├── Controllers/
│   ├── Middleware/
│   └── Requests/
├── Services/
├── Repositories/
├── Jobs/
├── Events/
├── Listeners/
├── Policies/
├── DTOs/
├── Actions/
└── Exceptions/

Checklist:

• [ ] Thin controllers
• [ ] Single responsibility
• [ ] Validation delegated to FormRequest
• [ ] Business logic moved to Service/Action
• [ ] Consistent response format

Bad:

public function store(Request $request)
{
    // validation
    // business logic
    // database logic
    // external api call
}

Good:

public function store(CreateOrderRequest $request)
{
    return $this->orderService->create(
        $request->validated()
    );
}

Checklist:

• [ ] Complex business logic in Service
• [ ] Reusable logic centralized
• [ ] Services unit tested
• [ ] No duplicated business logic

Example:

OrderService
PaymentService
InventoryService
NotificationService

Checklist:

• [ ] One action = one use case
• [ ] Easy to test
• [ ] Easy to reuse

Example:

CreateOrderAction
CancelOrderAction
ProcessRefundAction

Checklist:

• [ ] FormRequest used
• [ ] Validation rules centralized
• [ ] Authorization handled

Good:

class CreateOrderRequest extends FormRequest
{
    public function rules()
    {
        return [
            'email' => 'required|email'
        ];
    }
}

Bad:

if (!$request->email) {
   ...
}

Checklist:

• [ ] All schema changes via migration
• [ ] No manual database changes
• [ ] Rollback supported
• [ ] Indexes defined
• [ ] Foreign keys reviewed

Example:

$table->index('email');
$table->foreignId('user_id');

Checklist:

• [ ] No N+1 queries
• [ ] Eager loading used
• [ ] Index usage verified
• [ ] Pagination used

Bad:

foreach ($users as $user) {
    echo $user->orders;
}

Good:

User::with('orders')->get();

Checklist:

• [ ] Relationships defined properly
• [ ] Mass assignment protected
• [ ] Hidden fields configured
• [ ] Casting configured
• [ ] Accessors/Mutators used correctly

Example:

protected $fillable = [
    'name',
    'email'
];

protected $hidden = [
    'password'
];

Checklist:

• [ ] Consistent endpoints
• [ ] Proper HTTP verbs
• [ ] Proper status codes
• [ ] Versioning strategy

Examples:

GET     /api/v1/orders
POST    /api/v1/orders
GET     /api/v1/orders/{id}
PUT     /api/v1/orders/{id}
DELETE  /api/v1/orders/{id}

Checklist:

• [ ] Consistent structure
• [ ] Error handling standardized

Example:

{
  "success": true,
  "data": {}
}

Error:

{
  "success": false,
  "message": "Validation failed"
}

Checklist:

• [ ] Authentication