API REST avec Flask et Python

This course is structured in a specific way to make it as easy as possible for you to get exactly what you want out of it.

This lecture looks at maximising your time's value by making the course as efficient as possible for you.

Installing Python is very simple! Follow these steps and you'll be up and running in no time.

Installing Python is very simple! Follow these steps and you'll be up and running in no time.

This is a short introductory video to this section. I'm really excited to guide you through this Python refresher course!

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

Let's look at variables in Python. Variables are just names for values, which we can reuse and reset.

Python is a dynamic typed language, which means variables don't need be constrained to a specific type.

We've published all our coding exercises for this section in a new, easier to use platform, as well as on WeCours. That way you can write your code in whichever platform you find easier!

The solution to the "Variables" Python coding exercise.

In this lecture we look at three essential data structures in Python: lists, tuples, and sets.

A list is an ordered collection of items.

A tuple is an immutable ordered collection of items.

A set is an unordered collection of unique items.

In this fascinating video, we look at advanced set operations: calculating items which are in two sets, or items which are in one set but not another.

The solution to the "Lists, tuples, and sets" Python coding exercise.

This video explores how to create programs which can change depending on some input. For example, we might ask the user if they want to continue or not.

This makes use of boolean comparisons, such as:

• 1 == 1 (which is True)
• 5 > 5 (which is False)

The boolean comparisons we have available in Python are many:

• ==
• !=
• >, <, <=, >=
• is
• is not
• in
• not in

Loops allow us to repeat things over and over. This video explores two different types of loop in Python: for loop and while loop.

The solution to the "Flow control" Python coding exercise.

List comprehension is a relatively unique thing to Python.

It allows us to succinctly use a for loop inside a list to generate values. These values then end up in the list.

For example, [x for x in range(10)] generates a list [0, 1, 2, 3, 4, 5, 6, 7, 8, 9].

Dictionaries are an extremely useful thing in Python.

They are akin to sets, but instead of being a set of unique values, they are a set of unique keys, and each has a value associated with it.

In this video, let's look at methods in Python by creating some examples. Creating methods is simple, you just need the one keyword: def.

The solution to the "Method" Python coding exercise.

The solution to the "Dictionaries and students" Python coding exercise.

*args and **kwargs are truly fascinatingly confusing. For eons, they have annoyed Python learners.

To this I say no more!

They're just a way of passing arguments.

Objects are the natural progression from dictionaries. Instead of just holding data, objects hold another special type of data: methods.

A method is a function which operates on the object calling it. Thus, an object can use its own values to calculate outputs of methods. Very cool.

The solution to the "Classes and objects" Python coding exercise.

In many instances, we don't want our methods to be solely referencing the object which calls them. Sometimes, we want to reference the class of the object. Other times, we don't need either the object or the class.

@classmethod and @staticmethod are two decorators (looking at that shortly!) which extend the capabilities of methods.

The solution to the "@classmethod and @staticmethod" Python coding exercise.

Classes in Python can also inherit from one another. This essentially means that a class contains all of the properties and methods of the class it inherits from—but with the added bonus that it can have more.

Not only we can pass values from one method to another, but we can also pass functions.

This is not used very often, but it can sometimes yield very powerful methods in very few lines of code.

One of the most confusing aspects of Python for learners is the concept of decorators.

These are things we can place on top of function definitions which allow us to extend the function by executing code before and after the function.

They are extremely powerful when used well!

In this video we look at advanced decorators in Python, which is decorators that take arguments.

This amplifies the decorator's usefulness, although also makes them slightly more contrived.

What is an API? How do you interact with them? What's the difference between a client and a provider?

Answers to all these questions are in this short lecture and the linked blog post!

Installing Flask is a necessary first step. Fortunately, installing things in Python is really simple.

All we have to do is execute pip3.5 install Flask, and that will use the Python Package Index to download the package and install it for us.

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

Already we can create our first web server application! This is an application that returns some data when called using a GET request (such as through a web browser).

In this lecture we look at how HTTP works and what the verbs mean. They're going to be extremely important when we come to think of REST APIs.

In this lecture we look at the principles behind REST.

REST APIs are only APIs that follow and comply with the REST principles.

Two of the main REST principles are:

• That it is resource-based
• That it is stateless

Now that we know about HTTP and REST, we can create our application endpoints (the routes), so we can return different data depending on which endpoint is called.

In this video we extend the application by returning a list of stores.

In this video we implement the other missing endpoints in the application. We now have a complete web server application!

Although the focus of the course is not on creating applications to interact with our API, it's useful to know how the API will be called from within a web application.

Normally, APIs are called to retrieve data to create elements on a page, or to do things like authentication, saving to database, or delegate processing to the server.

Testing your API is essential. Without testing, you cannot be sure that your API works. Therefore, you cannot tell your users to use your API! What if it breaks?

In this video we look at Postman, a great tool to test APIs.

A very nice piece of software that we can use with Python is the virtualenv.

This allows us to have a different Python installation for every project, which means no shared libraries and context.

This is nice because libraries evolve over time. Something that worked in Flask-RESTful a year ago may not work today, so it makes sense to keep each project separate.

Or else, if we created a project last year and today we update Flask-RESTful, things may not work as expected!

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

In this video we create our first Flask-RESTful app, which includes our first Resource (remember REST APIs work with resources, instead of just data?).

In this video we explore the concept of test-first API design—akin to Test Driven Development.

It's important to first understand what we want our API to do, before we start writing any code. After all, it's easy to get bogged down on technical details and forget to actually write things that we want to use!

In this video we create our Item resource, which represents the actions we can perform on a store item.

In this video we look at the ItemList, which represents the actions we can perform on a collection of items; and also at creating items and putting them in an in-memory database.

In this video we look at refactoring the code and making it better. This is extremely important in programming. Every now and then, stop and look at what you've written. Then, make it nicer without changing what it does.

This is a sure way of making sure your code is always readable and maintainable—which means you or other people will find it easy to work with and improve later on.

Ah, a key focus of the course!

Authentication is something virtually every API needs in one way or another.

In this video we look at part 1 of authentication, which includes another Flask extension: Flask-JWT.

Part 2 of the authentication videos. Here we complete the authentication process and test it with Postman.

In this video we implement the DELETE HTTP verb, which is very simple with Flask-RESTful.

Now we can delete items from our in-memory database.

In this video we implement the PUT HTTP verb. One of the key definitions of PUT is that it has to be idempotent.

To be idempotent means that if we call the same endpoint 5 times in a row, only the first call will exert a change in the server.

We can use it to create an item, or to update an item if it already exists.

Very often we want to limit the data we accept in our requests. Using reqparse it becomes very easy to do this, and it's built into Flask-RESTful!

In this final video we look once again at our code, and making it nicer and more efficient.

Something that often works is to look at code duplication, and trying to remove duplication.

In this short video we look at setting up our project for this section and installing the required libraries (which, to interact with a SQLite database, happens to be none!).

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

In this video we look at running a local SQLite database and interacting with it from our Python code.

In this video we look at logging our users in by using sample data stored in our database.

This entails retrieving our user's data using SQL, which we can do by using a SELECT statement.

In this video we look at signing our users up to our app by writing their details to a database. This includes creating a /register endpoint to handle the incoming data.

In this video we take a quick look at preventing duplicate usernames—a good example of things you have to think about when doing API design.

In this video we look at retrieving items from a database. Similar to getting our users to log in, but this time accessing our items table.

Naturally, retrieving items only is not enough!

In this video we look at creating items and writing them to the database, which means that our API is now usable by other applications if they want to store and retrieve data from our database.

In this video we look at implementing item deletion, which involves deleting the appropriate row from the table.

Warning: it's easy to delete all data from the table, so be careful!

In this video we look at refactoring (improving) the code so that the insertion of items is not coupled to the endpoint responsible for inserting.

This will be essential for when the PUT method is implemented.

In this video we look at implementing the PUT HTTP verb, and this entails either creating or updating an existing item.

In this video, we retrieve a list of items from the database and also perform final Postman testing.

Everything works!

A great little PDF on advanced configuration, including modifying the authentication URL, key, and various handlers.

This lecture has a link to all the Python code we'll write in this section. Use it to check your code as you write it, or to refresh your memory!

In this lecture we look at installing all the requirements and getting set up.

In this lecture we start discussing Python packages, and how we can create them. We then move some files around to make the project more maintainable by logically grouping our files and classes.

In this video we create User and Item models. We discuss the difference between a model and a resource, as this is essential in order to design our programs well.

In this video we quickly test using Postman that our refactoring has not broken the API! This is extremely important, as it is easy to forget to test and then end up with a bunch of untested changes.

If something breaks, you won't know where to start fixing it!

In this video we look at advanced Postman usage: tests and environments.

This is extremely useful as it quickly lets us re-use existing text with environment variables.

Tests allow us to quick gauge whether an endpoint call has been successful or not. For example, if it took too long, returned an incorrect error code, didn't return the appropriate values, etc...

In this video we tell SQLAlchemy about our tables and columns, which includes defining the data types and primary key.

In this video we greatly simplify the ItemModel by using methods that SQLAlchemy gives us. We also look into the query builder, which is a key part of SQLAlchemy, and that allows us to easily build SQL queries just by using Python code.

In this video we implement the UserModel, which also simplifies it greatly.

In this video we massively simplify the ItemList resource by virtue of using SQLAlchemy.

Instead of a massive code spew, we can reduce our ItemList to a single line of concise and readable code.

In this video we look at the before_first_request decorator, which Flask has.

It allows us to run a method before the first request to the API is processed.

In this video, we create the tables before the first request so that we no longer need to create them manually.

In this video we demonstrate how quick and easy it can be to create new models for our API to use. Here we create a StoreModel, which also includes a relationship to the ItemModel.

Modelling relationships with SQLAlchemy is also surprisingly concise.

In this video we create the Store and StoreList resources, which is quick since they are similar to the Item and ItemList resources.

In this video we finalise testing our API using Postman, to make sure that all changes work appropriately.

I encourage you to test your API continuously, so you never write code that you don't know if it works or not.

In this video we look at installing Git.

In this illuminating video, we look at what a Git repository really is (hint: a few hidden files and folders).

In this part 1, we look at how the first few interactions with our local Git repository might go. It includes initialising the repository and adding files to the staging area.

In this second part of the Git workflow, we look at committing our code and pushing it to a remote repository, hosted on GitHub.

In this video we look at using SSH keys for security, and how we can set up GitHub with our SSH key.

In this video we look at what a README file is, and why you want one in your repository. It is particularly important for others wanting to use or contribute to your project.

This lecture contains a link to the Python code we'll write and use in this section. Use it to check for mistakes as you write your code, or to refresh your memory!

In this lecture we look into setting up the DigitalOcean account and server. As per the video, to receive your two free months of a DigitalOcean server, you can use this link: https://m.do.co/c/d54c088544ed

In this lecture we look at installing PostgreSQL in Ubuntu 16.04.

Installing PostgreSQL is not difficult due to Ubuntu's package manager: apt.

Using apt-get, we can easily install PostgreSQL and have it running immediately!

In this lecture we create a new UNIX user in our Ubuntu server, and give it a password.

In this lecture we set up our new user with a PostgreSQL database, and give it appropriate permissions (including permissions to use a password with the md5 format).

In this lecture we install nginx and set up the connection from nginx to the uWSGI process.

In this lecture we install uWSGI and set it up to run our REST API. This is the last step in the deployment!

In this lecture we verify our API works with the new deployment, and talk about next steps—such as using Varnish to improve performance.

This lecture quickly introduces security in REST APIs and what we'll be looking at in this section.

This lecture contains an e-book, which you can access to learn about enabling SSL (HTTPS) in REST APIs.

This lecture covers finding and purchasing our domain name.

This lecture covers setting up Cloudflare and its various options.

This lecture is all about understanding what the Domain Name System is and how it works. Interesting stuff!

In this lecture we set our DNS records so that our server is accessible through our domain name. We also look into a few different types of DNS records.

Before continuing with SSL, make sure your domain name is working and you can connect to the API!

In this lecture we create the SSL certificate. Cloudflare can provide us with a valid certificate, which is very handy.

In this lecture we configure our nginx installation to use the SSL certificate. It's just a matter of copying over the certificate and key, and changing some nginx config!

Verify your knowledge of domains and security in this quiz.

In this section we have looked at security in REST APIs in the form of SSL encryption of traffic between our clients and servers.

This means it's nearly impossible to snoop on the traffic and extract things like emails and passwords that are being sent via HTTPS requests.

A unique offer for those who finish the course, including where to go next with your learning of Python and REST API development.