FastAPI Summary

Short
1. Open a bash terminal in the project folder
2. Activate the Virtual Environment
```
. venv/Scripts/activate  
```
3. Run a server
```
uvicorn main:app --reload
```
4. Check using documentation by running in the browser
  
  http://127.0.0.1:8000/docs
5. Run in the browser
  
  http://127.0.0.1:8000

New Project Creation

Open a VS Code bash terminal in the project folder

Create `requirements.txt` file

```
  fastapi
  uvicorn
```

  # FastAPI
  fastapi

  # Local server
  uvicorn

  # Validation of values
  pydantic

  # For uploading files
  python-multipart

  # For static files (used for uploaded files)
  aiofiles 
  
  # For database
  sqlalchemy

  # For hashing password
  passlib
  bcrypt

  #for loading environment variables
  python-dotenv

  # Used for authentication
  python-jose

Create .gitignore file
```
venv/
__pycache__/      
```

Create main.py file

  from fastapi import FastAPI

  app = FastAPI()

  @app.get("/")
  def index():
    return {'message': "Hello World!!!"}

Install Virtual Environment
```
python -m venv venv  
```

Install all at once
```
  pip install -r requirements.txt
```

Activate the Virtual Environment
```
. venv/Scripts/activate  
```
Expected result in the terminal:
```
  (venv)  
```
Note: if there are some problems, make sure Git and GitBash are installed in the computer.

Run a server
```
uvicorn main:app --reload
```

Check using documentation

http://127.0.0.1:8000/docs

Run in the browser

http://127.0.0.1:8000

Installation
1. Install Python
  
  https://www.python.org/downloads/
2. Install in the virtual environment
  1. Create a folder fastapi-practice
  2. Create .gitignore file with the following content
```
venv/
__pycache__/               
              
```
  3. Open a terminal on fastapi-practice folder
  4. Create Virtual Environment
    
    Perform in the bash terminal:
    
    python -m venv venv
    
    OR
    
    python3 -m venv venv
  5. Activate Virtual Environment
    
    Perform in the bash terminal:
    
    . venv/Scripts/activate
    
    Expected result on the terminal: (venv) <-- a folder name
  6. Check Virtual Environment was Activated
```
  which python
```
    In case everything OK, it shows a folder of the virtual environment and not the general computer folder of Python installation
    
    If it shows general computer folder of Python installation, means there is a problem.
  7. Install fastAPI
    pip install fastapi
  8. Install and run a server
    1. Install a server
      to make endpoints available on a local machine
      
      pip install uvicorn
      uvicorn --version
    2. Create an main.py - on the same level as venv folder
```
      from fastapi import FastAPI

      app = FastAPI()

      @app.get("/")
      def index():
        return {'message': "Hello World!!!"}
```
    3. Run a server
      uvicorn main:app --reload
    4. See in a browser
      http://127.0.0.1:8000

Install using requirements.txt file
- Activate Virtual Environment
```
. venv/Scripts/activate  
```
- requirements.txt
  
  On the same level as main.py create requirements.txt
```
  fastapi
  uvicorn
  sqlalchemy  
```
- Install all at once
```
  pip install -r requirements.txt
```
- Save versions of installed packages
```
  pip freeze > current_requirements.txt
```

FastAPI's Features
- Automatic documentation
- Uses Python 3
- Automatic validation of the type of parameters
  - Pydantic is used to validate the values
- Security and authentication are integrated
- Dependency injection
- Testing - 100% coverage

FastAPI's Automatic Documentation
- Access Swagger Documentation
  
  http://127.0.0.1:8000/docs
  1. Press on "Try it out" button
  2. Press on Execute
- Access ReDoc Documentation
  
  http://127.0.0.1:8000/redoc
Use JSON Formatter extension for Chrome to see error messages in a nice way

REST APIs methods

GET method

Path parameters

Example

    @app.get("/blog/{id}")
    def get_blog(id):
      return {'message': f"Blog with id {id}"}

Order of the operations @app.get... is important

Works fine

  @app.get("/blog/all")
  def get_all_blog():
    return {'message': "All blogs provided"}

  @app.get("/blog/{id}")
  def get_blog(id: int):
    return {'message': f"Blog with id {id}"}

Error on /blog/all

  @app.get("/blog/{id}")
  def get_blog(id: int):
    return {'message': f"Blog with id {id}"}


  @app.get("/blog/all")
  def get_all_blog():
    return {'message': "All blogs provided"}

Predefined values in path

Example:

  from enum import Enum

  class BlogType(str, Enum):
    short = 'short'
    story = 'story'
    howto = 'howto'
    
  @app.get("/blog/type/{type}")
  def get_blog_type(type: BlogType):
    return {'message': f"Blog type {type}"}

Query parameters

Simple Example

Code:

    @app.get("/blog/all")
    def get_blogs(page: int, page_size: int):
      return {'message': f"All {page_size} blogs on page {page}"}

Run in browser
http://127.0.0.1:8000/blog/all?page=2&page_size=10

Check using documentation
http://127.0.0.1:8000/docs

Default values

Code

    @app.get("/blog/all")
    def get_blogs(page = 1, page_size = 10):
      return {'message': f"All {page_size} blogs on page {page}"}

Run in browser
http://127.0.0.1:8000/blog/all

Check using documentation
http://127.0.0.1:8000/docs

Optional parameters

Code

    from typing import Optional

    @app.get("/blog/all")
    def get_blogs(page = 1, page_size: Optional[int] = None):
      return {'message': f"All {page_size} blogs on page {page}"}

Run in browser
http://127.0.0.1:8000/blog/all

Check using documentation
http://127.0.0.1:8000/docs

Query and Path parameters

Code

@app.get("/blog/{id}/comments/{comment_id}")
def get_comment(id: int, comment_id: int, valid: bool = True, username: Optional[str] = None):
  return {'message': f"Blog_id {id}, comment_id {comment_id}, valid {valid}, username {username}"}

Run in browser
http://127.0.0.1:8000/blog/5/comments/10/?valid=False&username=guest

Check using documentation
http://127.0.0.1:8000/docs

POST method

What is done

Read request body as JSON
Data validation
Data type conversion of body request and response
Pydantic BaseModel is used to convert a JSON to a model we use in FastAPI

Also it returns result in a JSON format

Request Body

Example

routers/blog/blog_post.py

    from fastapi import APIRouter
    from models.blog.blog_model import BlogModel

    router = APIRouter(
        prefix='/blog',
        tags=['blog']
    )

    @router.post("/")
    def create_blog(blog: BlogModel):
      title = blog.title
      return {"data": blog}

models/blog/blog_model.py

from typing import List, Optional
from pydantic import BaseModel

class BlogModel(BaseModel):
  title: str
  content: str
  number_of_comments: int
  is_published: Optional[bool]
  tags: List[str] = []  # default value is [],     "tags": ['tag1', 'tag2']

Path and Query Parameters

# Example: POST: http://127.0.0.1:8000/blog/25?version=3
@router.post("/{id}")
def create_blog(blog: BlogModel, id: int, version: int = 1):
  return {
    "id": id,
    "blog": blog,
    "version": version
    }

Parameters Metadata

Information displayed in the documentation
Using the Query, Path and Body imports

Add title and description in the documentation

@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                     comment_id: int = Query(None,
                     title='Id of the comment',         <-- not implemented yet
                     description='Some description of comment_id'
                   )):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id
  }

Add alias

@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int = Query(None,
                     title='Id of the comment',
                     description='Some description of comment_id',
                     alias='commentId'        <-----
                   )):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id
  }

Add deprecation

@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int = Query(None,
                     title='Id of the comment',
                     description='Some description of comment_id',
                     alias='commentId',
                     deprecated=True
                   )):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id
  }

Validator

Default value

When default value exists, the parameter becomes optional.

from fastapi import APIRouter, Query, Body, Path
from typing import List, Optional
from models.blog.blog_model import BlogModel

@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int = Query(None,
                     title='Id of the comment',
                     description='Some description of comment_id',
                     alias='commentId',
                     deprecated=True
                   ),
                   content: str = Body('hi, how are you?')  # optional parameter
                   ):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id,
      "content": content
  }

Required value

@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int = Query(None,
                     title='Id of the comment',
                     description='Some description of comment_id',
                     alias='commentId',
                     deprecated=True
                   ),                  
                   content: str = Body(...) # same as content: str = Body(Ellipsis)
                   ):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id,
      "content": content
  }

Require minimum length

@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int,
                   content: str = Body(..., 
                                       min_length=10
                                       )
                   ):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id,
      "content": content
  }

Require maximum length

@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int,
                   content: str = Body(..., 
                                       min_length=10,
                                       max_length=12
                                       )
                   ):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id,
      "content": content
  }

Regex - regular expression validation

@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int,
                   content: str = Body(..., 
                                       min_length=10,
                                       max_length=50,
                                       regex='^[a-z\s]*$'
                                       )
                   ):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id,
      "content": content
  }

Multiple values in query parameters

Request

#Example: POST http://127.0.0.1:8000/blog/1/comment?comment_id=2&ver=1.0&ver=1.1

@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int,
                   content: str = Body(..., 
                                       min_length=10,
                                       max_length=50,
                                       regex='^[a-z\s]*$'
                                       ),
                   ver: Optional[List[str]] = Query(None)  <----                                    
                   ):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id,
      "content": content,
      "ver": ver
  }

Response

{
  "id": 1,
  "blog": {
    "title": "string",
    "content": "string",
    "is_published": true,
    "number_of_comments": 0
  },
  "comment_id": 2,
  "content": "rwhlxapmoajqlfttukakpntpti",
  "ver": [
    "1.0",
    "1.1"
  ]
}

Multiple values in query parameters with default values

Request

#Example: POST http://127.0.0.1:8000/blog/1/comment?comment_id=2&ver=2.0&ver=2.1
@router.post('{id}/comment')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int,
                   content: str = Body(..., 
                                       min_length=10,
                                       max_length=50,
                                       regex='^[a-z\s]*$'
                                       ),
                   # ver: Optional[List[str]] = Query(None)                                      
                   ver: Optional[List[str]] = Query(['1.0', '1.1', '1.2'])
                   ):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id,
      "content": content,
      "ver": ver
  }

Response

{
  "id": 1,
  "blog": {
    "title": "string",
    "content": "string",
    "is_published": true,
    "number_of_comments": 0
  },
  "comment_id": 2,
  "content": "ssssssssss",
  "ver": [
    "1.0",
    "1.1",
    "1.2",
    "2.0"
  ]
}

Number Validators

Greater than
```
  comment_id: int = Path(None, gt=5)
```

Greater than or equal to
```
  comment_id: int = Path(None, ge=5)
```

Less than
```
  comment_id: int = Path(None, lt=5)
```

Less than or equal to
```
  comment_id: int = Path(None, le=5)
```

Example

Example: POST http://127.0.0.1:8000/blog1/comment/6?ver=1.0&ver=1.1&ver=1.2

from fastapi import APIRouter, Query, Body, Path
from typing import List, Optional
from models.blog.blog_model import BlogModel

@router.post('{id}/comment/{comment_id}')
def create_comment(blog: BlogModel, id: int, 
                   comment_id: int = Path(None, gt=5, le=10), # <----
                   comment_title: int = Query(None,
                              title='Id of the comment',
                              description='Some description of comment_id'
                            ),
                   content: str = Body(..., 
                                       min_length=10,
                                       max_length=50,
                                       regex='^[a-z\s]*$'
                                       ),                                      
                   ver: Optional[List[str]] = Query(['1.0', '1.1', '1.2'])
                   ):
  return {
      "id": id,
      "blog": blog,
      "comment_id": comment_id,
      "comment_title": comment_title,
      "content": content,
      "ver": ver
  }

Complex Subtype

List, set, dict, tuple, custom model subtypes

Example

from typing import List, Dict, Optional
from pydantic import BaseModel

class Image(BaseModel):
  url: str
  alias: str

class BlogModel(BaseModel):
  title: str
  content: str
  number_of_comments: int
  is_published: Optional[bool]
  tags: List[str] = []  # default value is []
  some_data: Dict[str, str] = {}  # {'key': 'val1'}
  image: Optional[Image] = None

Status Code

from fastapi import FastAPI, Response, status

@app.get("/blog/{id}", status_code=status.HTTP_200_OK)
def get_blog(id: int, response: Response):
  if id > 5:
    response.status_code = status.HTTP_404_NOT_FOUND
    return {'error': f'Blog {id} not found'}
  else:
    response.status_code = status.HTTP_200_OK
    return {'message': f"Blog with id {id}"}

Summary and Description

Used for documentation

Examples

Way # 1

  @app.get(
    "/blog/all",
    tags=['blog'],
    summary="Retrieve all blogs",
    description="This API call simulates fetching all blogs"
    )
  def get_blogs(page=1, page_size: Optional[int] = None):
    return {'message': f"All {page_size} blogs on page {page}"}

Way # 2

  @app.get("/blog/{id}/comments/{comment_id}", tags=['blog', 'comment'])
  def get_comment(id: int, comment_id: int, valid: bool = True, username: Optional[str] = None):
    """
      Simulates retrieving a comment of a blog
      - **id** mandatory path parameter
      - **comment_id** mandatory path parameter
      - **valid** optional query parameter
      - **username** optional query parameter
    """
    return {'message': f"Blog_id {id}, comment_id {comment_id}, valid {valid}, username {username}"}

Response description

Info about the output

    @app.get(
      "/blog/all",
      tags=['blog'],
      summary="Retrieve all blogs",
      description="This API call simulates fetching all blogs",
      response_description="The list of available blogs"        <---
      )
    def get_blogs(page=1, page_size: Optional[int] = None):
      return {'message': f"All {page_size} blogs on page {page}"}

Routes

Advantages

Separate operations into multiple files
Share a prefix between multiple operations
Share tags

Example

See project # 463/3

main.py

from fastapi import FastAPI
from routers.blog import blog_get
from routers.blog import blog_post

app = FastAPI()
app.include_router(blog_get.router)
app.include_router(blog_post.router)

@app.get("/")
def index():
  return {'message': "Hello World!!!"}

routers/blog/blog_get.py

from fastapi import APIRouter, Response, status
from typing import Optional

router = APIRouter(
  prefix='/blog', 
  tags=['blog']     <-- tags for all paths
)

@router.get(
    "/all",
    summary="Retrieve all blogs",
    description="This API call simulates fetching all blogs",
    response_description="The list of available blogs"
)
def get_blogs(page=1, page_size: Optional[int] = None):
  return {'message': f"All {page_size} blogs on page {page}"}

routers/blog/blog_post.py

    from fastapi import APIRouter

    router = APIRouter(
        prefix='/blog',
        tags=['blog']
    )

    @router.post("/")
    def create_blog():
      pass

Dependency injection

Example #1

blog_post.py file

  def required_functionality():
    return {'message': 'Learning FastAPI is important'}

blog_get.py file

from fastapi import Depends
...
from routers.blog.blog_post import required_functionality

@router.get("/all")
def get_blogs(page=1, page_size: Optional[int] = None, req_parameter: dict = Depends(required_functionality)):
  return {
    'message': f"All {page_size} blogs on page {page}",
    'info': req_parameter
    }

FastAPI and SQL database - sqlite

Based on Complete FastAPI masterclass from scratch 2023 on Udemy by Catalin Stefan

Step	Folder in the project	File
Open TablePlus software on the PC
Prepare requirements.txt	root	requirements.txt fastapi uvicorn sqlalchemy passlib bcrypt
Install Packages	root	deactivate . venv/Scripts/activate pip install -r requirements.txt uvicorn main:app --reload http://127.0.0.1:8000/docs
Database definition	db\	database.py
Model definition Creation of a user in the database	db\models\	db_user_model.py
Create database	root	main.py
Schema definition	schemas\user\	user_schema.py
ORM functionality	db\models\	db_user.py
API functionality	routers\user\	user.py
Delete db file if structure of tables was changed. Run server again to create a new *.db file.	root	fastapi-practice.db

Files

db\database.py

from sqlalchemy import create_engine
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import sessionmaker

SQLALCHEMY_DATABASE_URL = "sqlite:///./fastapi-practice.db"   <-- name of db file

engine = create_engine(
    SQLALCHEMY_DATABASE_URL, connect_args={"check_same_thread": False}
)
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)

Base = declarative_base()

def get_db():
  db = SessionLocal()
  # try to provide the db, close it at the end 
  try:
    yield db
  finally:
    db.close()

db\models\db_user_model.py

from sqlalchemy.sql.sqltypes import Integer, String, Boolean
from db.database import Base
from sqlalchemy import Column


class DbUser(Base):
  __tablename__ = 'users'
  id = Column(Integer, primary_key=True, index=True) # id = Column(Integer, primary_key=True, index=True) # will be automatically incremented when we add a new line in the table
  username = Column(String)
  email = Column(String)
  password = Column(String)

main.py

from fastapi import FastAPI
from routers.user import user
from routers.blog import blog_get
from routers.blog import blog_post
from db.models.user import db_user_modal
from db.database import engine

app = FastAPI()
app.include_router(user.router)
app.include_router(blog_get.router)
app.include_router(blog_post.router)

@app.get("/")
def index():
  return {'message': "Hello World!!!"}

db_user_modal.Base.metadata.create_all(engine)

schemas\user\user_schema.py

from pydantic import BaseModel
from typing import List, Dict, Optional

class UserBase(BaseModel):
  username: str
  email: str
  password: str  

class UserDisplay(BaseModel):  # what will be returned by API
  username: str
  email: str
  class Config():
    # allows the system automatically to return database data type (DbUser) into format we provided in UserDisplay class
    orm_mode = True   # object relational mapping - map what we have in the database to this class

db\db_user.py

from sqlalchemy.orm.session import Session
from schemas.user.user_schema import UserBase
from db.models.user.db_user_modal import DbUser
from db.hash import Hash

# Creation of a user in the database

def create_user(db: Session, request: UserBase):
  new_user = DbUser(
    username = request.username,
    email = request.email,
    password = Hash.bcrypt(request.password)
  )
  db.add(new_user)
  db.commit()             # actually send the operation to the database
  db.refresh(new_user)    # will get user info with the id created in the database
  
  return new_user

# Read all users from the database

def get_all_users(db: Session):
  return db.query(DbUser).all()

# Read one user from the database

from fastapi import HTTPException, status
...  
def get_user(db: Session, id: int):
  # Example of several filters:
  # db.query(DbUser).filter(DbUser.id == id).filter(DbUser.email == email).first()
  user = db.query(DbUser).filter(DbUser.id == id).first()
  if not user:
    raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
                        detail=f'User with id {id} not found')
  return user

# Update user

def update_user(db: Session, id: int, request: UserBase):
  user = db.query(DbUser).filter(DbUser.id == id)
  user.update({
      DbUser.username: request.username,
      DbUser.email: request.email,
      DbUser.password: Hash.bcrypt(request.password)
  })
  db.commit()
  return 'OK'

# Delete user

from fastapi import HTTPException, status

...

def delete_user(db: Session, id: int):
  user = db.query(DbUser).filter(DbUser.id == id).first()
  if not user:
    raise HTTPException(
      status_code = status.HTTP_404_NOT_FOUND,
      detail = f'User with id {id} not found'
      )  
  db.delete(user)
  db.commit()
  return {'message': 'OK'}

routers\user\user.py

from fastapi import APIRouter, Response, status, Depends
from sqlalchemy.orm import Session
from typing import List
from schemas.user.user_schema import UserBase
from schemas.user.user_schema import UserDisplay
from db.database import get_db
from db import db_user

router = APIRouter(
    prefix='/user',
    tags=['user']
)

# Create a user

@router.post('/', response_model=UserDisplay)
def create_user(request: UserBase, db: Session = Depends(get_db)):
  return db_user.create_user(db, request)

# Read all users

@router.get('/', response_model=List[UserDisplay])
def get_all_users(db: Session = Depends(get_db)):
  return db_user.get_all_users(db)

# Read one user

@router.get('/{id}', response_model=UserDisplay)
def get_user(id: int, db: Session = Depends(get_db)):
  return db_user.get_user(db, id)

# Update user

@router.post('/{id}')
def update_user(id: int, request: UserBase, db: Session = Depends(get_db)):
  return db_user.update_user(db, id, request)

# Delete user

@router.delete('/{id}')
def delete_user(id: int, db: Session = Depends(get_db)):
  return db_user.delete_user(db, id)

Start server
```
  . venv/Scripts/activate  
  uvicorn main:app --reload
```
As a result a new file named fastapi-practice.db will be created in the project's root folder. The name is specified in db\database.py file.

Run TablePlus
- Press on Create a new connection
- Choose SQLite
- Press on Select SQLite database file *.db. Specify the *.db created in the project
- Give a name to SQLite Connection
- Press on Connect button
- Press on the table and see the structure of the table

Test using docs

http://127.0.0.1:8000/docs

Error Handling

Exceptions

Notify a client of an error
Raising an exception anywhere stops code from running

  raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
  detail=f"User with id {id} not found")

Custom Exceptions

exceptions.py

class StoryException(Exception):  <---
  def __init__(self, name: str):
    self.name = name

db\db_user.py

from exceptions import StoryException
...
# Creation of a user in the database
def create_user(db: Session, request: UserBase):
if request.username.startswith("myuser"):
  raise StoryException("Here some text of the exception")  <---
new_user = DbUser(
  username = request.username,
  email = request.email,
  password = Hash.bcrypt(request.password)
)
db.add(new_user)
db.commit()           # actually send the operation to the database
db.refresh(new_user)  # will get user info with the id created in the database

return new_user

main

from fastapi import FastAPI, Request
from fastapi.responses import JSONResponse
from routers.user import user

...

from db.models.user import db_user_modal
from db.database import engine
from exceptions import StoryException  <---

app = FastAPI()
app.include_router(user.router)
...

@app.get("/")
def index():
return {'message': "Hello World!!!"}

@app.exception_handler(StoryException)    <---
def story_exception_handler(request: Request, exc: StoryException):
return JSONResponse(
  status_code = 418,
  content={'detail': exc.name}
)

db_user_modal.Base.metadata.create_all(engine)

Custom Exception Handler

main.py

from fastapi.responses import JSONResponse, PlainTextResponse  
...

@app.get("/")
def index():
  return {'message': "Hello World!!!"}

...

# Intercept all the exceptions        <----
@app.exception_handler(HTTPException)
def custom_handler(request: Request, exc: StoryException):
  return PlainTextResponse(str(exc), status_code=400)

db_user_modal.Base.metadata.create_all(engine)

Custom Response

Why?

Add parameters: Headers, cookies
different types of response:
- files
- html
- streaming
- plain text
- xml
Complex decisional logic
On the same end point return xml or streaming based on entry parameter
Better documentation

Example #1

routers\product\product.py

    from fastapi import APIRouter
    from fastapi.responses import Response

    router = APIRouter(
        prefix='/product',
        tags=['product']
    )

    products = ['watch', 'camera', 'phone']

    @router.get("/all")
    def get_all_products():
      # return products
      # Example of returning data as a plain text
      data = " ".join(products)
      # response is: watch camera phone
      return Response(content=data, media_type="text/plain")

main.py

    ...
    from routers.product import product

    app = FastAPI()
    app.include_router(product.router)

Example #2 - continue of example # 1

product.py

from fastapi.responses import Response, HTMLResponse, PlainTextResponse

@router.get("/{id}", responses={
    200: {
        "content": {
            "text/html": {
              "example": "Product>"                   
            },
        },
        "description": "Return the HTML for an object"
    },
    404: {
        "content": {
            "text/plain": {
                "example": "Product not found"
            },
        },
        "description": "A clear text error message"
    }
})
def get_product(id: int):
  if id > len(products):
   # Example: return a plain text instead of HTML
   result = "Product not found"
   return PlainTextResponse(status_code=404, content=result, media_type="text/plain")
  else:   
    product = products[id]
    result = f"""
        <head>
            <style>
                .product{{
                    width: px;
                    height: 30px;
                    border: 2px inset green;
                    background-color: lightblue;
                    text-align: center;
                }}
            </style>        
        </head>
        <body>
        <div class="product">{product}</div>
        </body>        
    """
    return HTMLResponse(content=result, media_type="text/html")

Custom Headers
- Custom Request Headers
  - ```
        @router.get('/')
        def fun(custom_header: Optional [str] = Header(None))
      
```
- Automatic conversion between _ and -
- List of Headers with the same name and a different values
  - ```
        @router.get('/')
        def fun(custom_header: Optional [List[str]] = Header(None))
      
```
  - How to see custom header
    1. Press on F12 in Chrome
    2. Open a Network tab
    3. Fill in the documentation custom header value
    4. Press on Execute
    5. Select the request and press on it
    6. Press on Headers tab
    7. Under Request Headers see the value of custom-header that was set
- Custom Response Headers
  - ```
    def get_all_users(response: Response):
      response.headers['c-custom-header'] = 'abc'
```
- Example
```
  from fastapi import APIRouter, Header
  from fastapi.responses import Response, HTMLResponse, PlainTextResponse
  from typing import List, Optional  
```
```
  ...
  @router.get("/withheader")
  def get_products(
      response: Response,
      custom_header: Optional[List[str]]=Header(None)
      ):
      response.headers['custom_response_header'] = ", ".join(custom_header)
      return products  
```

Cookies

Optional - install Chrome Extension "EditThisCookie"

Store information on the browser
Can accept str, list, dict, models ect

Snippet

  response.set_cookie(key="test_cookie", value='test_cookie_value')

  test_cookie: Optional[str] = Cookie(None)

Example

product.py

from fastapi import APIRouter, Header, Cookie
from fastapi.responses import Response, HTMLResponse, PlainTextResponse
from typing import List, Optional
...

  
@router.get("/all")
def get_all_products():
  # return products
  # Example of returning data as a plain text
  data = " ".join(products)
  # response is: watch camera phone
  response = Response(content=data, media_type="text/plain")
  response.set_cookie(key="test_cookie", value="test_cookie_value")
  return response

@router.get("/withheader")
def get_products(
    response: Response,
    custom_header: Optional[List[str]] = Header(None),
    test_cookie: Optional[str] = Cookie(None)
    ):
    if custom_header:
        response.headers['custom_response_header'] = ", ".join(custom_header)
    return {
        'data': products,
        'custom_header': custom_header,
        'my_cookie': test_cookie
    }

Form Data

application/x-www-form-urlencoded
python-multipart package is required

Snippet

  from fastapi import APIRouter, Header, Form, Cookie

  def create_product(name: str = Form(...)):

product.py

from fastapi import APIRouter, Header, Form, Cookie

@router.post('/new')
def create_product(product_name: str = Form(...)):
  products.append(product_name)
  return products

CORS

CORS - Cross Origin Resource Sharing
localhost:3000 <--> localhost:8000

Snippet

  app.add_middleware(
    CORSMiddleware,
    allow_origins=['http://127.0.0.1:3000'],
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
  )

main.py

from fastapi.middleware.cors import CORSMiddleware
...
origins = [
  'http://127.0.0.1:3000'  # should not contain '/' at the end
]

# Should be at the end
app.add_middleware(
    CORSMiddleware,
    allow_origins = origins,
    allow_credentials = True,
    allow_methods = ["*"], # GET, POST, ...
    allow_headers = ["*"]  # everything
)

Authentication

Authentication

OAuth2 with username and password

python-jose package is required

Securing an endpoint

routers\blog.py

from fastapi import APIRouter, Response, status, Depends
from auth.oauth2 import get_current_user
...

# Get specific blog based on currently logged in user
@router.get("/{id}", status_code=status.HTTP_200_OK)
def get_blog(id: int, response: Response, current_user: UserBase = Depends(get_current_user)):
  # TODO - return user without the password by creating a new class for the response setting response_class= . Search for response_class=FileResponse 
  return {
      'data': f"Blog with id {id}",      
      'current_user': current_user
  }

How to generate a unique secret key

In the terminal
```
  openssl rand -hex 32
```

Getting access token

auth\oauth2.py

from fastapi.security import OAuth2PasswordBearer
from fastapi.param_functions import Depends
from typing import Optional
from datetime import datetime, timedelta
from jose import jwt

# token end point should be the same in 
# auth\authentication.py
# @router.post('/token')
oauth2_schema = OAuth2PasswordBearer(tokenUrl="token")

# Generate a unique key for current API in the terminal by running:
# openssl rand -hex 32
API_PRIVATE_SECRET_KEY = '89407c7339a6c00544e51af1101c4abb4aea2a31157ca5f7dfd87da02a628107'
ALGORITHM = 'HS256'
ACCESS_TOKEN_EXPIRE_MINUTES = 30


def create_access_token(data: dict, expires_delta: Optional[timedelta] = None):
  to_encode = data.copy()
  if expires_delta:
    expire = datetime.utcnow() + expires_delta
  else:
    expire = datetime.utcnow() + timedelta(minutes=15)
  to_encode.update({"exp": expire})
  encoded_jwt = jwt.encode(to_encode, API_PRIVATE_SECRET_KEY, algorithm=ALGORITHM)
  return encoded_jwt

auth\authentication.py

from fastapi import APIRouter, HTTPException, status
from fastapi.param_functions import Depends
from fastapi.security import OAuth2PasswordRequestForm
from sqlalchemy.orm.session import Session
from db.database import get_db
from db.models.user.db_user_modal import DbUser
from db.hash import Hash
from auth import oauth2

router = APIRouter(
  tags=['authentication']
)

@router.post('/token')
def get_token(request: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):
  user = db.query(DbUser).filter(DbUser.username == request.username).first()
  if not user:
    raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Invalid credentials")
  if not Hash.verify(user.password, request.password):
    raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
                      detail="Incorrect password")
  access_token = oauth2.create_access_token(data={'sub: user.username'})
  
  return {
      'access_token': access_token,
      'token_type': 'bearer',
      'user_id': user.id,
      'username': user.username
  }

def get_current_user(token: str = Depends(oauth2_schema), db: Session = Depends(get_db)):
  credentials_exception = HTTPException(
    status_code=status.HTTP_401_UNAUTHORIZED,
    detail='Could not validate credentials',
    headers={"WWW-Authenticate": "Bearer"}    
  )
  try:
    payload = jwt.decode(token, API_PRIVATE_SECRET_KEY, algorithms=[ALGORITHM])
    username: str = payload.get("sub")
    if username is None:
      raise credentials_exception
  except JWTError:
    raise credentials_exception
  user = db_user.get_user_by_username(db, username)  
  if user is None:
    raise credentials_exception
  return user

main.py

from auth import authentication
from routers.user import user

app = FastAPI()
app.include_router(authentication.router)
app.include_router(user.router)

db\db_user.py

# Read one user with specified username from the database
def get_user_by_username(db: Session, username: str):
  # Example of several filters:
  # db.query(DbUser).filter(DbUser.id == id).filter(DbUser.email == email).first()
  user = db.query(DbUser).filter(DbUser.username == username).first()
  if not user:
    raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
                        detail=f'User with username {username} not found')
  return user

How to test

Use "Authorize" button to fill the form with username and password

User Authentication
- Verify token
- Retrieve user associated with this token
- Secure more endpoints

Working with Files

Full Example for uploading an image

`main.py`

from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
from fastapi.staticfiles import StaticFiles  
from database.database import engine
from database.models.post import db_post_model
from routers.post import post

app = FastAPI()
app.include_router(post.router)

origins = [
    # should not contain '/' at the end
    'http://127.0.0.1:3000'
]
app.add_middleware(
    CORSMiddleware,
    allow_origins = origins,
    allow_credentials = True,
    allow_methods = ["*"],  # GET, POST, ...
    allow_headers=["*"]     # everything
)

app.mount('/images', StaticFiles(directory='uploads'),
          name='images')

db_post_model.Base.metadata.create_all(engine)

`routers\post\post.py`

import string
import random
import shutil
from fastapi import APIRouter, UploadFile, File, Depends

@router.post('/image')
def upload_image(image: UploadFile = File(...)):
  letters = string.ascii_letters
  # generate 6 random letters from this collection
  rand_letters = ''.join(random.choice(letters) for i in range(6))
  random_string = f'_{rand_letters}.'
  # setting the maxsplit parameter to 1, will return a list with 2 elements
  # Example: original image name is cat.jpg
  # final image name is cat_BtFbgZ.jpg
  filename = random_string.join(image.filename.rsplit('.', 1))
  path = f'uploads/{filename}'
  
  # Store the file in the path
  # Override the file if it exist, create the file if it doesn't exist
  with open(path, "w+b") as buffer:
    shutil.copyfileobj(image.file, buffer)

  # return a filename full path
  return {
    'filename': path,
    'type': image.content_type
    }

Input and response

Input file
```
  cat.jpg  
  
```

Response body

  {
    "filename": "uploads/cat_ZFeKbI.jpg",
    "type": "image/jpeg"
  }

In the browser open
http://127.0.0.1:8000/images/cat_ZFeKbI.jpg

Small File

Snippet - used for small file that can be used in memory

      def get_file(file: bytes = File(...))

Received as bytes
Stored in memory

Code

file\file.py

    from fastapi import APIRouter, File, Header, Form, Cookie
    from fastapi.responses import Response, HTMLResponse, PlainTextResponse
    from typing import List, Optional

    router = APIRouter(
        prefix='/file',
        tags=['file']
    )

    # Assumptions
    # - the file contains a text
    # - the file small because it's stored in memory
    @router.post('/smallfile')
    def get_file(file: bytes = File(...)):
      content = file.decode('utf-8')
      lines = content.split('\n')
      return {'lines': lines}

main.py

    from routers.file import file

    app = FastAPI()
    app.include_router(file.router)

Upload file - small and large

Provides more functionality
Stored in memory up to a certain size, then on disk
Python file like object

Snippet

      def get_upload_file(upload_file: UploadFile = File(...))

Code

file\file.py

    from fastapi import APIRouter, File, UploadFile  
    import shutil # to play around files on local machine

    # Create 'uploaded_files' folder in the root of the project.
    # All uploaded file will go to this folder
    @router.post('/uploadfile')
    def get_uploadfile(upload_file: UploadFile = File(...)):
      path = f"uploaded_files/{upload_file.filename}"
      with open(path, "w+b") as buffer: # override the file if it exist, create the file if it doesn't exist
        shutil.copyfileobj(upload_file.file, buffer)

      return {
          'filename': path,
          'type': upload_file.content_type
      }

    # Just for testing
    @router.post('/uploadfile')
    def get_uploadfile(upload_file: UploadFile = File(...)):
      return {
          'filename': upload_file.filename
      }

Making files statically available

aiofiles package is required
Have pic.jpg in uploaded_files folder

Code

file\file.py

    # Create 'uploaded_files' folder in the root of the project.
    # All uploaded file will go to this folder
    @router.post('/uploadfile')
    def get_uploadfile(upload_file: UploadFile = File(...)):
      path = f"uploaded_files/{upload_file.filename}"
      with open(path, "w+b") as buffer: # override the file if it exist, create the file if it doesn't exist
        shutil.copyfileobj(upload_file.file, buffer)

      return {
          'filename': path,
          'type': upload_file.content_type
      }

main.py

    from fastapi.staticfiles import StaticFiles

    app.add_middleware(
        CORSMiddleware,
        allow_origins = origins,
        allow_credentials = True,
        allow_methods = ["*"],  # GET, POST, ...
        allow_headers=["*"]     # everything
    )

    app.mount('/files', StaticFiles(directory="uploaded_files"),
              name='files')

In the browser open http://127.0.0.1:8000/files/pic.jpg

Downloading files

Snippet

      @router.get("/download/{name}", response_class=FileResponse)
      def download_file(name: str):
        ...
        return path

file\file.py

    # Allow to download file located in uploaded_files
    # TODO - check downloading Excel files
    @router.get('/download/{name}', response_class=FileResponse)
    def get_file(name: str):
      path = f"uploaded_files/{name}"
      return path

Deployment
- Free hosting with deta

Debugging
- Stop local server that runs in the terminal
- In the Visual Code go to View -> Command Pallet
- Type: debug
- Select: Debug Restart
- Select fastAPI
- It will start a server
- Put a break point

Testing - TODO

Install requests and pytest packages

test_main.py

    import requests

    def test_get_all_blogs():
    response = requests.get('http://127.0.0.1:8000/blog/all')
    assert response.status_code == 200

Run
Open a new terminal in the project's folder and run
```
      pytest
    
```

Logging

Code

logger\custom_log.py

    def log(tag="", log_level="", message=""):
      with open("log.txt", "a+") as log:  # create a file if doesn't exists
        log.write(f"{tag}: {log_level} {message} \n")

routers\product\product.py

    from logger.custom_log import log  

    @router.get("/all")
    def get_all_products():
      ...
      log("MyAPI", "INFO", "Call to get all products")
      return response

see log.txt at the root folder of the project.

Concurrency - Async Await

Functionality can be asynchronous.
await means the process can be paused
async defines a function with suspendable points

routers\product\product.py

    import time

    async def time_consuming_functionality():
      time.sleep(5) # sleep 5 seconds
      return 'ok'

    @router.get("/all")
    async def get_all_products():
      await time_consuming_functionality()
      data = " ".join(products)
      response = Response(content=data, media_type="text/plain")  
      return response

Middleware

Functions that intercepts the request and provides the response
Processing before and after a request

Snippet

    @app.middleware("http")
    async def add_middleware(request: Request, call_next):
      ...
      response = await call_next(request)
      ...
      return response

main.py

    import time
    ...  
    db_user_modal.Base.metadata.create_all(engine)

    # Add duration time of each request as part of header
    @app.middleware("http")
    async def add_middleware(request: Request, call_next):
      start_time = time.time()   # give current time
      response = await call_next(request)
      duration = time.time() - start_time
      response.headers['duration'] = str(duration) # duration in seconds
      return response

    origins = [
        'http://127.0.0.1:3000'   # should not contain '/' at the end
    ]

Background task

Functionality to run after the call has been completed
Can have access to request and response

Snippet

      @router.get("/{id}")
      def read_item(id: str, bt: BackgroundTasks):
      bt.add_task(some_functionality, params)

routes\product\product.py

    from fastapi import APIRouter, BackgroundTasks  
    from logger.custom_log import log

...

    def log_product_call(message: str):
      log("MyAPI", "INFO", message)

...

    @router.get("/{id}", responses={
    ...
    })
    def get_product(
        id: int, 
        bt: BackgroundTasks
      ):
      message = f"Product with id {id} was requested"
      bt.add_task(log_product_call, message)
    ...

Web sockets and chat client
TODO

Dependencies

Dependency injection

Shared functionality
Database / resource connection
Authentication
Minimize code duplication

Snippet

      def get_items(headers = Depends(common_func)):
        return {
          'headers': headers
        }

Code

main.py

    from routers.dependencies import dependencies

...

    app = FastAPI()
    app.include_router(dependencies.router)

routers\dependencies\dependencies.py

    from fastapi import APIRouter
    from fastapi.requests import Request
    from fastapi.param_functions import Depends


    router = APIRouter(
        prefix='/dependencies',
        tags=['dependencies']
    )

routers\dependencies\dependencies.py

Example # 1

    # Retrieve the request that is being call  
    def convert_header(request: Request):
      out_headers = []
      for key, value in request.headers.items():
        out_headers.append(f"{key} -- {value}")
      return out_headers

    # request is gonna be automatically passed to get_items because it is an end point
    # and end point receive a request by default
    # as a result, the request will be passed as a parameter
    # to convert_header
    @router.get('')
    def get_items(headers=Depends(convert_header)):
      return {
          'items': ['a', 'b', 'c'],
          'headers': headers
      }


    @router.post('')
    def create_item(headers=Depends(convert_header)):
      return {
        'result': 'New item created',
        'headers': headers
      }

Example # 2

    def convert_header(request: Request, separator: str = '--'):
      out_headers = []
      for key, value in request.headers.items():
        out_headers.append(f"{key} {separator} {value}")
      return out_headers


    @router.get('')
    def get_items(separator: str = '--', headers=Depends(convert_header)):
      return {
          'items': ['a', 'b', 'c'],
          'headers': headers
      }


    @router.post('')
    def create_item(headers=Depends(convert_header)):
      return {
        'result': 'New item created',
        'headers': headers
      }

Class Dependencies

Any callable can be a dependency

routers\dependencies\dependencies.py

    from fastapi import APIRouter
    from fastapi.requests import Request
    from fastapi.param_functions import Depends

    class Account:
      def __init__(self, name: str, email: str):
        self.name = name
        self.email = email
        
    # Creates an account and retrieves an information of the account
    @router.post('/user')
    def create_user(name: str, email: str, password: str, account: Account = Depends()):
    # Same as
    # def create_user(name: str, email: str, password: str, account: Account = Depends(Account)):
      # account - perform whatever operations
      return {
        'name': account.name,
        'email': account.email
      }

Multi level Dependencies

routers\dependencies\dependencies.py

    def convert_params(request: Request, separator: str):
      query = []
      for key, value in request.query_params.items():
        query.append(f"{key} {separator} {value}")
      return query


    def convert_header(request: Request, separator: str = '--', query = Depends(convert_params)):
      out_headers = []
      for key, value in request.headers.items():
        out_headers.append(f"{key} {separator} {value}")
      return {
      'headers': out_headers,
      'query': query
      }
      
    @router.get('')
    def get_items(separator: str = '--', headers=Depends(convert_header)):
      return {
          'items': ['a', 'b', 'c'],
          'headers': headers
      }

Global Dependencies

Apply to *all endpoint
- router
- app

Snippet

    router = APIRouter(
        prefix='/dependencies',
        tags=['dependencies'],
        dependencies=[Depends(common_functionality)]
    )

Attach dependencies to some router

logger\custom_log.py

    from fastapi.requests import Request

    def log(tag="MyApp", log_level="INFO", message="", request: Request = None):
      with open("log.txt", "a+") as log:  # create a file if doesn't exists
        log.write(f"{tag}: {log_level} {message} \n")
        log.write(f"\t{request.url} \n")

routers\dependencies\dependencies.py

    from fastapi import APIRouter
    from fastapi.requests import Request
    from fastapi.param_functions import Depends
    from logger.custom_log import log

    router = APIRouter(
        prefix='/dependencies',
        tags=['dependencies'],
        dependencies=[Depends(log)]
    )

Attach dependencies to all routers in the app

main.py

    app = FastAPI(dependencies=[Depends(common_functionality)])

Get versions of Packages
- Install freeze package
```
    pip install freeze  
  
```
- Run the package to show versions of the installed packages
```
    pip freeze
  
```
- Update requirements-dev.txt
  For example:
```
  fastapi==0.94.1  
  
```

Solving problems
- Check which Python is used
```
  which python
```
  If it shows general computer folder of Python installation, means there is a problem.
  
  In case everything OK, it shows a folder of the virtual environment and not the general computer folder of Python installation
- Reinstall virtual environment
  - Delete venv folder
  - type in the terminal
```
  deactivate
```
  - Install virtual environment
```
python -m venv venv  
```
- Activate the Virtual Environment
```
. venv/Scripts/activate    
```
- Check which Python is used
```
    which python
  
```
  It should show a folder of the virtual environment and not the general computer folder of Python installation.
- Install all requirements
```
  pip install -r requirements.txt
```

Complete FastAPI masterclass from scratch 2023

FastAPI Summary

Short

Open a bash terminal in the project folder

Activate the Virtual Environment

Run a server

Check using documentation by running in the browser

Run in the browser

New Project Creation

Open a VS Code bash terminal in the project folder

Create requirements.txt file

Create .gitignore file

Create main.py file

Install Virtual Environment

Install all at once

Activate the Virtual Environment

Run a server

Check using documentation

Run in the browser

Installation

Install Python

Install in the virtual environment

Create Virtual Environment

Activate Virtual Environment

Check Virtual Environment was Activated

Install using requirements.txt file

Activate Virtual Environment

requirements.txt

Install all at once

Save versions of installed packages

FastAPI's Features

Automatic documentation

Uses Python 3

Automatic validation of the type of parameters

Security and authentication are integrated

Dependency injection

Testing - 100% coverage

FastAPI's Automatic Documentation

Access Swagger Documentation

Access ReDoc Documentation

REST APIs methods

GET method

Path parameters

Works fine

Error on /blog/all

Predefined values in path

Query parameters

Simple Example

Default values

Optional parameters

Query and Path parameters

POST method

What is done

Request Body

Example

Path and Query Parameters

Parameters Metadata

Add title and description in the documentation

Add alias

Add deprecation

Validator

Default value

Required value

Require minimum length

Require maximum length

Regex - regular expression validation

Multiple values in query parameters

Request

Response

Multiple values in query parameters with default values

Request

Response

Number Validators

Greater than

Greater than or equal to

Less than

Less than or equal to

Example

Complex Subtype

Example

Status Code

Create `requirements.txt` file

Create `.gitignore` file

Create `main.py` file

`Check Virtual Environment was Activated`

`main.py`

`routers\post\post.py`