You're reading from Building Python Microservices with FastAPI Build secure, scalable, and structured Python microservices from design concepts to infrastructure

Product type Paperback

Published in Aug 2022

Publisher Packt

ISBN-13 9781803245966

Length 420 pages

Edition 1st Edition

Languages

Python

Tools

FastAPI

Concepts

Microservices

Author (1):

Sherwin John C. Tragura

View More author details

Table of Contents (17) Chapters

Preface

1. Part 1: Application-Related Architectural Concepts for FastAPI microservice development

2. Chapter 1: Setting Up FastAPI for Starters FREE CHAPTER

3. Chapter 2: Exploring the Core Features

4. Chapter 3: Investigating Dependency Injection

5. Chapter 4: Building the Microservice Application

6. Part 2: Data-Centric and Communication-Focused Microservices Concerns and Issues

7. Chapter 5: Connecting to a Relational Database

8. Chapter 6: Using a Non-Relational Database

9. Chapter 7: Securing the REST APIs

10. Chapter 8: Creating Coroutines, Events, and Message-Driven Transactions

11. Part 3: Infrastructure-Related Issues, Numerical and Symbolic Computations, and Testing Microservices

12. Chapter 9: Utilizing Other Advanced Features

13. Chapter 10: Solving Numerical, Symbolic, and Graphical Problems

14. Chapter 11: Adding Other Microservice Features

15. Index

Why subscribe?

16. Other Books You May Enjoy

Securing the REST APIs

Building microservices means exposing the entire application to the worldwide web. For every request-response transaction, the client accesses the endpoint of the API publicly, which poses potential risks to the application. Unlike web-based applications, API services have weak mechanisms to manage user access using login controls. Thus, this chapter will provide several ways to protect the API services created using the FastAPI framework.

There is no such thing as perfect security. The main goal is to establish policies and solutions related to the confidentiality, integrity, and availability of these services. The confidentiality policy requires tokens, encryption and decryption, and certificates as mechanisms to make some APIs private. On the other hand, the integrity policy involves maintaining the data exchange as authentic, accurate, and reliable by using a "state" and hashed codes during the authentication and authorization process. The availability...