How to Create RESTful APIs with Flask and Python

RESTful APIs are essential in modern development, allowing different systems to communicate in an efficient and scalable way. Python, with its Flask framework, offers a simple and powerful approach to creating APIs. In this guide, we'll explore how to create a RESTful API using Flask, covering everything from the basics to authentication and consumption with HTTP clients.

What is a RESTful API?

Before we start with the code, it is important to understand what a RESTful API is. API (Application Programming Interface) is a set of rules that allow one software to communicate with another. The REST (Representational State Transfer) style defines a set of principles that the API must follow:

• Client-Server: Separation between the client (who consumes the API) and the server (who provides the data).
• Stateless: Each request made by the client must contain all the information necessary for the server to process.
• Cacheable: API responses can be cached to improve performance.
• Uniform Interface: Communication between client and server must be done in a standardized way, using HTTP methods such as GET, POST, PUT and DELETE.

Creating a RESTful API with Flask

Now we will create a simple API that manages a list of users. The API will allow you to add, edit, view and delete users.

1. Installing Flask

First, make sure you have Flask installed. If not, you can install it using pip:

pip install Flask

2. Project Structure

Our project will have the following structure:

/api_flask
│
├── app.py
└── requirements.txt

3. Configuring Flask

In the app.py file, we start by importing the necessary libraries and configuring our Flask application:

from flask import Flask, jsonify, request

app = Flask(__name__)

# Dados simulados
users = [
    {'id': 1, 'name': 'Alice', 'email': 'alice@example.com'},
    {'id': 2, 'name': 'Bob', 'email': 'bob@example.com'}
]

4. Creating Endpoints

Now, let's create our endpoints for view, add, update and delete users.

4.1. Endpoint to List Users

We will use the GET method to list all users:

@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users), 200

4.2. Endpoint to Get a Specific User

We will use the GET method with the user ID to get details of a specific user:

@app.route('/users/<int:user_id>', methods=['GET'])
def get_user(user_id):
    user = next((user for user in users if user['id'] == user_id), None)
    if user:
        return jsonify(user), 200
    else:
        return jsonify({'message': 'User not found'}), 404

4.3. Endpoint to Create a New User

The POST method will be used to add a new user. The client will send the data in JSON format.

@app.route('/users', methods=['POST'])
def create_user():
    data = request.get_json()
    new_user = {
        'id': len(users) + 1,
        'name': data['name'],
        'email': data['email']
    }
    users.append(new_user)
    return jsonify(new_user), 201

4.4. Endpoint to Update a User

Here we use the PUT method to update the data of an existing user:

@app.route('/users/<int:user_id>', methods=['PUT'])
def update_user(user_id):
    data = request.get_json()
    user = next((user for user in users if user['id'] == user_id), None)
    if user:
        user['name'] = data['name']
        user['email'] = data['email']
        return jsonify(user), 200
    else:
        return jsonify({'message': 'User not found'}), 404

4.5. Endpoint to Delete a User

We use the DELETE method to remove a user:

@app.route('/users/<int:user_id>', methods=['DELETE'])
def delete_user(user_id):
    global users
    users = [user for user in users if user['id'] != user_id]
    return jsonify({'message': 'User deleted'}), 200

5. Running the API

Now, just run our application:

if __name__ == '__main__':
    app.run(debug=True)

Running the app.py file, our API will be available at http://127.0.0.1:5000/users.

6. Authentication with Flask

To add a layer of security to our API, we can use JWT (JSON Web Token). With JWT, we can ensure that only authenticated users can access certain endpoints.

6.1. Installing Flask-JWT-Extended

Install the required extension:

pip install Flask-JWT-Extended

6.2. Configuring JWT

Update your app.py file to include JWT authentication:

from flask_jwt_extended import JWTManager, create_access_token, jwt_required

app.config['JWT_SECRET_KEY'] = 'your-secret-key'  # Troque pela sua chave secreta
jwt = JWTManager(app)

# Login para obter o token
@app.route('/login', methods=['POST'])
def login():
    data = request.get_json()
    if data['username'] == 'admin' and data['password'] == 'admin':
        access_token = create_access_token(identity={'username': 'admin'})
        return jsonify(access_token=access_token), 200
    else:
        return jsonify({'message': 'Invalid credentials'}), 401

# Exemplo de endpoint protegido
@app.route('/protected', methods=['GET'])
@jwt_required()
def protected():
    return jsonify({'message': 'Access granted to protected endpoint'}), 200

Now, when accessing the /protected endpoint, it will be necessary to send the JWT token in the request header to authenticate the user.

7. Consuming the API with HTTP Client

To consume the API, we can use tools like Postman or libraries like requests in Python.

Example of how to consume the API using requests:

import requests

# Consumindo o endpoint de listagem de usuários
response = requests.get('http://127.0.0.1:5000/users')
print(response.json())

Conclusion

Creating a RESTful API with Flask is straightforward and flexible. Flask offers a minimalist framework that can be expanded to include features such as authentication, error handling, and other layers of security. By following REST principles and good development practices, it is possible to build efficient and scalable APIs with Python.

Now you can build your own RESTful API with Flask, customizing as per your needs and requirements.

The above is the detailed content of How to Create RESTful APIs with Flask and Python. For more information, please follow other related articles on the PHP Chinese website!