Skip to content

behai-nguyen/fastapi_learning

Repository files navigation

fastapi_learning

Documentation of my FastAPI learning process. I document what I find necessary.

Posts are listed in the Related post(s) section below. Each entry includes the link to the actual post, the git clone command for the target code revision, and an excerpt from the post.

The Code After Tag v0.4.0 Requires Python 3.12.4

To install Python 3.12.4, please refer to the following post: Installing Python 3.12.4 as an Additional Interpreter on Ubuntu 22.10 and Windows 10.

Preparing a New Virtual Environment venv Using Python 3.12.4

Simply remove the existing virtual environment venv and recreate it using the following command:

▶️Windows 10: F:\fastapi_learning>C:\PF\Python312\python.exe -m venv venv
▶️Ubuntu 22.10: behai@hp-pavilion-15:~/fastapi_learning$ /usr/local/bin/python3.12 -m venv venv

Verify the version of the Python interpreter in venv:

▶️Windows 10: (venv) F:\fastapi_learning>venv\Scripts\python.exe --version
▶️Ubuntu 22.10: (venv) behai@hp-pavilion-15:~/fastapi_learning$ ./venv/bin/python --version

Installing Third Party Packages

Run Time Packages

▶️Windows 10: (venv) F:\fastapi_learning>venv\Scripts\pip.exe install -e .
▶️Ubuntu 22.10: (venv) behai@hp-pavilion-15:~/fastapi_learning$ ./venv/bin/pip install -e .

Development Dependency Packages (for testing and development)

▶️Windows 10: (venv) F:\fastapi_learning>venv\Scripts\pip.exe install -e .[dev]
▶️Ubuntu 22.10: (venv) behai@hp-pavilion-15:~/fastapi_learning$ ./venv/bin/pip install -e .[dev]

Related post(s)

  1. Python FastAPI: Some Further Studies on OAuth2 Security
git clone -b v0.1.0 https://github.com/behai-nguyen/fastapi_learning.git

FastAPI provides excellent tutorials that thoroughly introduce the framework. Two sections on security, namely Tutorial - User Guide Security and Advanced User Guide Security, have sparked further questions, which we are discussing in this post. Hopefully, this discussion will lead to a better understanding of how FastAPI security works.

  1. Python FastAPI: Integrating OAuth2 Security with the Application's Own Authentication Process
git clone -b v0.2.0 https://github.com/behai-nguyen/fastapi_learning.git

In the first post, we explore some aspects of OAuth2 authentication, focusing on the /token path as illustrated in an example from the Simple OAuth2 with Password and Bearer section of the Tutorial - User Guide Security. In this subsequent post, we implement our own custom preliminary login process, leveraging the /token path. This means that both the Swagger UI Authorize button and our application's login button utilise the same server code.

  1. Python FastAPI: Implementing Persistent Stateful HTTP Sessions with Redis Session Middleware and Extending OAuth2PasswordBearer for OAuth2 Security
git clone -b v0.3.0 https://github.com/behai-nguyen/fastapi_learning.git

In the second post of our FastAPI learning series, we implemented a placeholder for the application's own authentication process. In this post, we will complete this process by implementing persistent server-side HTTP sessions using the starsessions library and its Redis store store, as well as extending the OAuth2PasswordBearer class.

  1. Python FastAPI: Complete Authentication Flow with OAuth2 Security
git clone -b v0.4.0 https://github.com/behai-nguyen/fastapi_learning.git

In the third post, we implemented persistent stateful HTTP sessions. In this post, we will complete the application’s authentication UI flow. For the existing /auth/token and /admin/me routes, we will add functionality to conditionally return either HTML or JSON. Based on this new functionality, we will implement two new routes: /api/login and /api/me. These routes will only return JSON, and their endpoint handlers will be the same as those of the aforementioned routes respectively.

  1. Python FastAPI: Implementing Non-Blocking Logging with Built-In QueueHandler and QueueListener Classes
git clone -b v0.5.0 https://github.com/behai-nguyen/fastapi_learning.git

Continuing with our Python FastAPI learning series, this post explores the implementation of non-blocking logging using Python’s built-in QueueHandler and QueueListener classes.

  1. Python FastAPI: Implementing SSL/HTTPS and CORS
git clone -b v0.6.0 https://github.com/behai-nguyen/fastapi_learning.git

In this installment of our Python FastAPI learning series, we explore the implementation of SSL/HTTPS for localhost and also the enabling of Cross-Origin Resource Sharing, or CORS.

  1. Python FastAPI: Enabling Database Support
git clone -b v0.7.0 https://github.com/behai-nguyen/fastapi_learning.git

Continuing with our Python FastAPI learning series, in this installment, we enable database support for MySQL, PostgreSQL, and MariaDB. We will not add any new functionality; instead, the existing authentication process will check user information from a proper database instead of mock hard-coded data. We will also add a business logic layer responsible for data validation, enforcing business rules, etc.

  1. Python FastAPI: Fixing a Bug in the Authentication Process
git clone -b v0.8.0 https://github.com/behai-nguyen/fastapi_learning.git

In the fourth post of our Python FastAPI learning series, we introduced a bug in the authentication process. In this post, we describe the bug and discuss how to fix it.

  1. Python FastAPI: Implementing JSON Web Token
git clone -b v0.9.0 https://github.com/behai-nguyen/fastapi_learning.git

Continuing with our Python FastAPI learning series, we will implement proper JSON Web Token (JWT) authentication as discussed in the official tutorial, with a few minor tweaks of our own.

  1. Python FastAPI: Implementing OAuth2 Scopes Part 01
git clone -b v0.10.0 https://github.com/behai-nguyen/fastapi_learning.git

In this part of our Python FastAPI learning series, we implement OAuth2 scopes. Our implementation is based on the advanced official tutorial on OAuth2 scopes, with some variations of our own.

  1. Python FastAPI: OAuth2 Scopes Part 02 - UI Elements and User-Assigned Scopes
git clone -b v0.11.0 https://github.com/behai-nguyen/fastapi_learning.git

In the previous post, we implemented OAuth2 scopes for endpoint handler methods. This post extends that implementation to include UI elements — components that send HTTP requests to the server application.

  1. Python FastAPI: OAuth2 Scopes Part 03 - New CRUD Endpoints and User-Assigned Scopes
git clone -b v0.12.0 https://github.com/behai-nguyen/fastapi_learning.git

Continuing with the FastAPI OAuth2 scopes topic, in this installment of our Python FastAPI learning series, we will implement seven (7) new routes that perform CRUD operations on the employees table. These new routes require scopes that we have implemented but have not used so far: user:write, admin:read, and admin:write. Please recall that we proposed this implementation in the last post.

  1. Python FastAPI: Finishing Off the Pending Items, Code Cleanup, and Improvements
git clone -b v0.13.0 https://github.com/behai-nguyen/fastapi_learning.git

In the last post of this Python FastAPI learning series, we concluded with a list of to-do items. In this post, we will address these issues. Additionally, we are performing some code cleanup and improvements.

Implemented routes

Route Method Scopes Response
1 /auth/token (/api/login) POST None JSON, HTML
2 /auth/login (/) GET None HTML
3 /admin/me (/api/me) GET user:read JSON, HTML
4 /auth/home GET None HTML
5 / (/auth/login) GET None HTML
6 /auth/logout POST None HTML
7 /api/me (/admin/me) GET user:read JSON, HTML
8 /api/login (/auth/token) POST None JSON, HTML
9 /emp/search GET admin:read HTML
10 /emp/search/{partial-last-name}/{partial-first-name} GET, POST admin:read HTML, JSON
11 /emp/admin-get-update/{emp_no} GET admin:read HTML, JSON
12 /emp/own-get-update/{emp_no} GET user:read HTML, JSON
13 /emp/admin-save POST admin:write JSON
14 /emp/user-save POST user:write JSON
15 /emp/new GET admin:write HTML

License

MIT license and the GPL license.

About

Documentation of my FastAPI learning process.

Resources

Stars

Watchers

Forks

Packages

No packages published