Book Image

Python API Development Fundamentals

By : Jack Chan, Ray Chung, Jack Huang
Book Image

Python API Development Fundamentals

By: Jack Chan, Ray Chung, Jack Huang

Overview of this book

Python is a flexible language that can be used for much more than just script development. By knowing the Python RESTful APIs work, you can build a powerful backend for web applications and mobile applications using Python. You'll take your first steps by building a simple API and learning how the frontend web interface can communicate with the backend. You'll also learn how to serialize and deserialize objects using the marshmallow library. Then, you'll learn how to authenticate and authorize users using Flask-JWT. You'll also learn how to enhance your APIs by adding useful features, such as email, image upload, searching, and pagination. You'll wrap up the whole book by deploying your APIs to the cloud. By the end of this book, you'll have the confidence and skill to leverage the power of RESTful APIs and Python to build efficient web applications.

Related Content you might be interested in

Current Title:

Small book image
Python API Development Fundamentals
Jack Chan | Ray Chung | Jack Huang
Nov, 2019 | 372 pages
Small book image
Hands-On RESTful Python Web Services
Gaston C Hillar
Dec, 2018 | 500 pages
Small book image
Mastering Flask Web Development
Jack Stouffer | Daniel Gaspar
Oct, 2018 | 332 pages
Table of Contents (12 chapters)
Preface
Preface
About the Book
Free Chapter
1
1. Your First Step
1. Your First Step
Introduction
Understanding API
RESTful API
HTTP Protocol
HTTP Methods and CRUD
The JSON Format
HTTP Status Codes
Open API
The Flask Web Framework
Building a Simple Recipe Management Application
Using curl or httpie to Test All the Endpoints
Postman
Summary
2
2. Starting to Build Our Project
2. Starting to Build Our Project
Introduction
What is Flask-RESTful?
Virtual Environment
Creating a Recipe Model
Configuring Endpoints
Making HTTP Requests to the Flask API using curl and httpie
Summary
3
3. Manipulating a Database with SQLAlchemy
3. Manipulating a Database with SQLAlchemy
Introduction
Databases
SQL
ORM
Defining Our Models
Password Hashing
Summary
4
4. Authentication Services and Security with JWT
4. Authentication Services and Security with JWT
Introduction
JWT
Flask-JWT-Extended
Designing the Methods in the Recipe Model
Refresh Tokens
The User Logout Mechanism
Summary
5
5. Object Serialization with marshmallow
5. Object Serialization with marshmallow
Introduction
Serialization versus Deserialization
marshmallow
A Simple Schema
UserSchema Design
RecipeSchema Design
The PATCH Method
Summary
6
6. Email Confirmation
6. Email Confirmation
Introduction
Mailgun
User Account Activation Workflow
HTML Format Email
Summary
7
7. Working with Images
7. Working with Images
Introduction
Building the User Avatar Function
Flask-Uploads
Image Resizing and Compression
Introduction to Pillow
Summary
8
8. Pagination, Searching, and Ordering
8. Pagination, Searching, and Ordering
Introduction
Pagination
Paginated APIs
Recipe Searching
Sorting and Ordering
Summary
9
9. Building More Features
9. Building More Features
Introduction
Caching
Flask-Caching
API Rate Limiting
Flask-Limiter
Summary
10
10. Deployment
10. Deployment
Introduction
Deployment
Comparing SaaS, PaaS, and IaaS
The Heroku Platform
Configuration Handling in Smilecook
Heroku Application
Heroku Add-Ons
Setting Up Environment Variables for the Heroku App
Setting Up Variables in Postman
Setting up the Front-end Interface to Work with the Smilecook API
Summary
Appendix
Appendix
1: Your First Step
2: Starting to Build Our Project
3: Manipulating a Database with SQLAlchemy
4: Authenticated Services and Security with JWTs
5: Validating APIs Using marshmallow
6: Email Confirmations
7: Working with Images
8: Pagination, Searching, and Ordering
9: Building More Features
10: Deployment

4: Authenticated Services and Security with JWTs

Activity 7: Implementing Access Control on the publish/unpublish Recipe Function

Solution

  1. Modify the put method in RecipePublishResource to restrict access to only authenticated users. In resources/token.py, add the @jwt_required decorator on top of the RecipePublishResource.put method. Use the get_jwt_identity() function to identify whether the authenticated user is the owner of the recipe:
        @jwt_required
    def put(self, recipe_id):
        recipe = Recipe.get_by_id(recipe_id=recipe_id)
        if recipe is None:
            return {'message': 'Recipe not found'}, HTTPStatus.NOT_FOUND
        current_user = get_jwt_identity()
        if current_user...
Previous Section
End of Section
Next Section