
Building Python Web APIs with FastAPI

By: Abdulazeez Abdulazeez Adeshina

Overview of this book

RESTful web services are commonly used to create APIs for web-based applications owing to their light weight and high scalability. This book will show you how FastAPI, a high-performance web framework for building RESTful APIs in Python, allows you to build robust web APIs that are simple and intuitive and makes it easy to build quickly with very little boilerplate code. This book will help you set up a FastAPI application in no time and show you how to use FastAPI to build a REST API that receives and responds to user requests. You’ll go on to learn how to handle routing and authentication while working with databases in a FastAPI application. The book walks you through the four key areas: building and using routes for create, read, update, and delete (CRUD) operations; connecting the application to SQL and NoSQL databases; securing the application built; and deploying your application locally or to a cloud environment. By the end of this book, you’ll have developed a solid understanding of the FastAPI framework and be able to build and deploy robust REST APIs.

Table of Contents (14 chapters)

Part 1: An Introduction to FastAPI
Part 2: Building and Securing FastAPI Applications
Part 3: Testing And Deploying FastAPI Applications

Chapter 7: Securing FastAPI Applications

In the last chapter, we looked at how to connect a FastAPI application to SQL and NoSQL databases. We successfully implemented database methods and updated the existing routes to enable interactions between the application and the database. However, the planner application still allows anybody to add an event, rather than only authenticated users. In this chapter, we will secure the application using JSON Web Token (JWT) and restrict some event operations to authenticated users only.

Securing an application means adding security measures that keep unauthorized entities from accessing its functionality, in order to prevent hacks or illegal modifications of the application. Authentication is the process of verifying the credentials passed by an entity, and authorization means giving an entity permission to perform designated actions. When credentials have been verified, the entity is then authorized to carry out...