✔️ Discover Flask, a lightweight framework to build a Python backend.
✔️ Interact with a MySQL database
✔️ Build a basic todo list & authentication system
In this workshop, you'll learn how to use Flask to easily create a REST API performing operations on a database.
💡 A quick documentation about REST API.
All the information required to install the workshop's dependencies is given in SETUP.md.
Now that everything is installed, let's create a basic Flask application.
Don't worry, Flask is designed for a quick and simple start 😉
- Create a file `app.py`, in which you will initialize Flask with a basic route:
  - It should listen on the `/` endpoint
  - Use the `GET` method only
  - Respond with `Hello world`
To test your route, you can use `flask run` to launch the server and open your browser at http://localhost:5000.
💡 Several options can be provided to `flask run` to customize its behavior (the debug mode can be useful to reload the server when your file changes).
You can also run your app from your Python file with specific parameters and launch it with `python app.py` 😉
Congratulations, you have successfully created your first endpoint 🥳
The next step is to add a route to register users.
When starting your MySQL server with docker compose in the setup, an SQL file was run and created a database with 2 tables, `user` and `todo`.
To interact with it, you need a basic `database.py` file. It creates the connection with the DB for you; your job will be to add methods to perform SQL queries and use them in your app.
If you take a look at `database.py`, you'll notice that we are loading several database config variables from the environment. You have to create a `.env` file and add the corresponding values.
Some of the values can be found in the `db` folder.
Flask will automatically load the `.env` file for you 😉
Once you are done, create a `/register` endpoint using the POST method. Every call must provide 2 JSON params: an email and a password.
💡 You can access the params using the request object
After retrieving these parameters, add a `create_user` method in `database.py` to insert them in the `user` table.
💡 The official documentation of the mysql connector will be useful to discover how to perform queries.
You will also need to write some SQL; here's a small cheatsheet to help you get started with SQL 🚀
Test your route using Postman, and don't forget to add some error handling in case your insertion fails.
Now that we are able to create users, the next logical step is to retrieve a registered user.
But wait, didn't we forget something in the previous step?
In a real-world scenario, storing the password in plain text is a really bad practice: anyone who manages to access our database could log in as any user.
Update your previous code to hash the password before storing it 🔒
You can use bcrypt to generate the hash and check it later
Alright, we can now move on to the next route:
Create a `/login` endpoint with the same characteristics as `/register`, but this time you will check if the data given matches a user in your table.
💡 Don't forget what you did just before: the stored password is now hashed 😉
The user part is functional, congratulations!
Now let's add another simple endpoint to interact with another table of our database:
The goal is to create a todo for a user by POSTing on the `/todos` route.
As always, don't forget to handle errors and display a success message at the end 😉
Creating todos is great, but being able to retrieve them is better!
For this, you'll use the same endpoint `/todos` but with the `GET` method.
Instead of duplicating your decorators with the only change being the method, you should use flask_restful to handle this case in a cleaner way 🚀
💡 You can return an array of strings corresponding to the todos' content, we don't need the other fields
- Use an ORM like SQLAlchemy for easier database interactions
- Add a real authentication using JWT and restrict access to `/todos`
| Toni Da rodda | Reza Rahemtola |
|---|---|
🚀 Don't hesitate to follow us on our different networks, and put a star 🌟 on PoC's repositories.