Sign In Start Free Trial

Book Overview & Buying
Table Of Contents

Python API Development Fundamentals

By : Chan, Ray Chung , Jack Huang

3 (7)

Python API Development Fundamentals

3 (7)

By: Chan, Ray Chung , Jack Huang

Overview of this book

Python is a flexible language that can be used for much more than just script development. By knowing the Python RESTful APIs work, you can build a powerful backend for web applications and mobile applications using Python. You'll take your first steps by building a simple API and learning how the frontend web interface can communicate with the backend. You'll also learn how to serialize and deserialize objects using the marshmallow library. Then, you'll learn how to authenticate and authorize users using Flask-JWT. You'll also learn how to enhance your APIs by adding useful features, such as email, image upload, searching, and pagination. You'll wrap up the whole book by deploying your APIs to the cloud. By the end of this book, you'll have the confidence and skill to leverage the power of RESTful APIs and Python to build efficient web applications.

Preface

Preface

About the Book

Free Chapter

1. Your First Step

1. Your First Step

Introduction

Understanding API

RESTful API

HTTP Protocol

HTTP Methods and CRUD

The JSON Format

HTTP Status Codes

Open API

The Flask Web Framework

Building a Simple Recipe Management Application

Using curl or httpie to Test All the Endpoints

Postman

Summary

2. Starting to Build Our Project

2. Starting to Build Our Project

Introduction

What is Flask-RESTful?

Virtual Environment

Creating a Recipe Model

Configuring Endpoints

Making HTTP Requests to the Flask API using curl and httpie

Summary

3. Manipulating a Database with SQLAlchemy

3. Manipulating a Database with SQLAlchemy

Introduction

Databases

SQL

ORM

Defining Our Models

Password Hashing

Summary

4. Authentication Services and Security with JWT

4. Authentication Services and Security with JWT

Introduction

JWT

Flask-JWT-Extended

Designing the Methods in the Recipe Model

Refresh Tokens

The User Logout Mechanism

Summary

5. Object Serialization with marshmallow

5. Object Serialization with marshmallow

Introduction

Serialization versus Deserialization

marshmallow

A Simple Schema

UserSchema Design

RecipeSchema Design

The PATCH Method

Summary

6. Email Confirmation

6. Email Confirmation

Introduction

Mailgun

User Account Activation Workflow

HTML Format Email

Summary

7. Working with Images

7. Working with Images

Introduction

Building the User Avatar Function

Flask-Uploads

Image Resizing and Compression

Introduction to Pillow

Summary

8. Pagination, Searching, and Ordering

8. Pagination, Searching, and Ordering

Introduction

Pagination

Paginated APIs

Recipe Searching

Sorting and Ordering

Summary

9. Building More Features

9. Building More Features

Introduction

Caching

Flask-Caching

API Rate Limiting

Flask-Limiter

Summary

10. Deployment

10. Deployment

Introduction

Deployment

Comparing SaaS, PaaS, and IaaS

The Heroku Platform

Configuration Handling in Smilecook

Heroku Application

Heroku Add-Ons

Setting Up Environment Variables for the Heroku App

Setting Up Variables in Postman

Setting up the Front-end Interface to Work with the Smilecook API

Summary

Appendix

Appendix

1: Your First Step

2: Starting to Build Our Project

3: Manipulating a Database with SQLAlchemy

4: Authenticated Services and Security with JWTs

5: Validating APIs Using marshmallow

6: Email Confirmations

7: Working with Images

8: Pagination, Searching, and Ordering

9: Building More Features

10: Deployment

The User Logout Mechanism

The Flask-JWT-Extended package supports the logout function. The way it works is to put the token into a blacklist when the user is logged out. A blacklist is basically a blocklist; it is an access control mechanism. Things (for example, emails, tokens, IDs, and so on) on the list will be denied access. With the blacklist in place, the application can use token_in_blacklist_loader to verify whether the user has logged out or not:

Figure 4.16: The user logout mechanism using a blacklist

In the next exercise, we want you to try implementing this logout function. It will test your understanding of the login and logout flow.

Exercise 31: Implementing the Logout Function

In this exercise, we will implement the logout function. We will first declare a black_list to store all the logged-out access tokens. Later, when the user wants to visit the access-controlled API endpoints, we will first check whether the access token is still valid...

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Python API Development Fundamentals

Search

Your notes and bookmarks