You're reading from Building Python Microservices with FastAPI Build secure, scalable, and structured Python microservices from design concepts to infrastructure

Product type Paperback

Published in Aug 2022

Publisher Packt

ISBN-13 9781803245966

Length 420 pages

Edition 1st Edition

Languages

Python

Tools

FastAPI

Concepts

Microservices

Author (1):

Sherwin John C. Tragura

View More author details

Table of Contents (17) Chapters

Preface

1. Part 1: Application-Related Architectural Concepts for FastAPI microservice development

2. Chapter 1: Setting Up FastAPI for Starters FREE CHAPTER

3. Chapter 2: Exploring the Core Features

4. Chapter 3: Investigating Dependency Injection

5. Chapter 4: Building the Microservice Application

6. Part 2: Data-Centric and Communication-Focused Microservices Concerns and Issues

7. Chapter 5: Connecting to a Relational Database

8. Chapter 6: Using a Non-Relational Database

9. Chapter 7: Securing the REST APIs

10. Chapter 8: Creating Coroutines, Events, and Message-Driven Transactions

11. Part 3: Infrastructure-Related Issues, Numerical and Symbolic Computations, and Testing Microservices

12. Chapter 9: Utilizing Other Advanced Features

13. Chapter 10: Solving Numerical, Symbolic, and Graphical Problems

14. Chapter 11: Adding Other Microservice Features

15. Index

Why subscribe?

16. Other Books You May Enjoy

Implementing Basic and Digest authentication

The Basic and Digest authentication schemes are the easiest authentication solutions that we can use to secure API endpoints. Both schemes are alternative authentication mechanisms that can be applied to small and low-risk applications without requiring complex configuration and coding. Let us now use these schemes to secure our prototype.

Using Basic authentication

The most straightforward way to secure the API endpoint is the Basic authentication approach. However, this authentication mechanism must not be applied to high-risk applications because the credentials, commonly a username and password, sent from the client to the security scheme provider are in the Base64-encoded format, which is vulnerable to many attacks such as brute force, timing attacks, and sniffing. Base64 is not an encryption algorithm but simply a way of representing the credentials in ciphertext format.