A modern, production-ready RESTful API for managing a bookstore, built with FastAPI. This project demonstrates best practices in API development, including proper project structure, authentication, testing, and containerization.
- Modern Stack: Built with FastAPI, SQLAlchemy 2.0, and Pydantic v2
- JWT Authentication: Secure endpoints with JSON Web Tokens
- Complete CRUD: Full Create, Read, Update, Delete operations for books, authors, and users
- RESTful Design: Clean API design following REST principles
- Database Migrations: Alembic integration for database version control
- API Documentation: Auto-generated interactive docs with Swagger UI and ReDoc
- Security:
- Security headers middleware (XSS, CSRF, CSP protection)
- Rate limiting (per-IP throttling)
- Request ID tracking for distributed tracing
- Password hashing with bcrypt
- CORS configuration
- Monitoring & Observability:
- Prometheus metrics endpoint
- Comprehensive health checks (liveness, readiness, detailed)
- Structured logging with request tracking
- Performance metrics (request duration, in-flight requests)
- High Availability:
- Kubernetes deployment manifests
- Horizontal Pod Autoscaling (HPA)
- Multi-replica deployment support
- Graceful shutdown handling
- DevOps:
- GitHub Actions CI/CD pipeline
- Docker multi-stage builds for production
- Nginx reverse proxy configuration
- Database backup and restore scripts
- Environment-based configuration (dev/staging/prod)
- Testing: Comprehensive test suite with pytest and coverage
- Code Quality: Pre-commit hooks, Black, and Ruff for formatting and linting
- Docker Support: Containerized application with Docker and docker-compose
- Development Tools: Makefile for common tasks, hot-reload, debugging support
# Clone the repository
git clone https://github.com/pyenthusiasts/Bookstore-FAST-APIs-Backend.git
cd Bookstore-FAST-APIs-Backend
# Start the application
docker-compose up -d
# Seed the database (optional)
docker-compose exec api python scripts/seed_database.py
# Access the API at http://localhost:8000
# API Documentation: http://localhost:8000/docs# Clone the repository
git clone https://github.com/pyenthusiasts/Bookstore-FAST-APIs-Backend.git
cd Bookstore-FAST-APIs-Backend
# Create virtual environment
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
# Install dependencies
pip install -r requirements.txt
# Copy environment file
cp .env.example .env
# Run migrations
alembic upgrade head
# Seed the database (optional)
python scripts/seed_database.py
# Run the application
uvicorn app.main:app --reload
# Or use Make
make runBookstore-FAST-APIs-Backend/
│
├── app/ # Application package
│ ├── api/ # API layer
│ │ ├── v1/ # API version 1
│ │ │ ├── endpoints/ # API endpoints
│ │ │ │ ├── auth.py # Authentication endpoints
│ │ │ │ ├── users.py # User management endpoints
│ │ │ │ ├── authors.py # Author endpoints
│ │ │ │ └── books.py # Book endpoints
│ │ │ └── __init__.py # API router configuration
│ │ └── dependencies.py # Shared dependencies
│ │
│ ├── core/ # Core functionality
│ │ ├── config.py # Configuration settings
│ │ ├── security.py # Security utilities
│ │ └── logging_config.py # Logging configuration
│ │
│ ├── crud/ # Database operations
│ │ ├── user.py # User CRUD operations
│ │ ├── author.py # Author CRUD operations
│ │ └── book.py # Book CRUD operations
│ │
│ ├── db/ # Database layer
│ │ └── database.py # Database configuration
│ │
│ ├── models/ # SQLAlchemy models
│ │ ├── user.py # User model
│ │ ├── author.py # Author model
│ │ └── book.py # Book model
│ │
│ ├── schemas/ # Pydantic schemas
│ │ ├── user.py # User schemas
│ │ ├── author.py # Author schemas
│ │ ├── book.py # Book schemas
│ │ └── token.py # Token schemas
│ │
│ └── main.py # Application entry point
│
├── alembic/ # Database migrations
│ ├── versions/ # Migration scripts
│ └── env.py # Alembic configuration
│
├── scripts/ # Utility scripts
│ └── seed_database.py # Database seeding script
│
├── tests/ # Test suite
│ ├── conftest.py # Test configuration
│ ├── test_api.py # API tests
│ └── test_auth.py # Authentication tests
│
├── .env.example # Example environment variables
├── .gitignore # Git ignore rules
├── .pre-commit-config.yaml # Pre-commit hooks configuration
├── alembic.ini # Alembic configuration
├── docker-compose.yml # Docker Compose configuration
├── Dockerfile # Docker image definition
├── Makefile # Development commands
├── pyproject.toml # Python project configuration
├── pytest.ini # Pytest configuration
├── requirements.txt # Python dependencies
└── README.md # This file
All API endpoints are prefixed with /api/v1.
POST /api/v1/auth/register- Register a new userPOST /api/v1/auth/token- Login and get access token
GET /api/v1/users/me- Get current user informationGET /api/v1/users/- Get all users (authenticated)GET /api/v1/users/{user_id}- Get user by ID (authenticated)PUT /api/v1/users/{user_id}- Update user (authenticated, own profile only)DELETE /api/v1/users/{user_id}- Delete user (authenticated, own profile only)
GET /api/v1/authors/- Get all authorsGET /api/v1/authors/{author_id}- Get author by ID with booksPOST /api/v1/authors/- Create author (authenticated)PUT /api/v1/authors/{author_id}- Update author (authenticated)DELETE /api/v1/authors/{author_id}- Delete author (authenticated)
GET /api/v1/books/- Get all books (with optional author filter)GET /api/v1/books/{book_id}- Get book by ID with author detailsPOST /api/v1/books/- Create book (authenticated)PUT /api/v1/books/{book_id}- Update book (authenticated)DELETE /api/v1/books/{book_id}- Delete book (authenticated)
# Register a new user
curl -X POST http://localhost:8000/api/v1/auth/register \
-H "Content-Type: application/json" \
-d '{"username": "johndoe", "password": "secretpass123"}'
# Login to get access token
curl -X POST http://localhost:8000/api/v1/auth/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "username=johndoe&password=secretpass123"# Create an author (requires authentication)
curl -X POST http://localhost:8000/api/v1/authors/ \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"name": "J.K. Rowling"}'
# Create a book (requires authentication)
curl -X POST http://localhost:8000/api/v1/books/ \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"title": "Harry Potter and the Philosopher'\''s Stone",
"description": "A young wizard'\''s journey begins",
"author_id": 1
}'# Get all books
curl http://localhost:8000/api/v1/books/
# Get books by specific author
curl http://localhost:8000/api/v1/books/?author_id=1
# Get author with all their books
curl http://localhost:8000/api/v1/authors/1# Run all tests
make test
# Or use pytest directly
pytest
# Run with coverage
pytest --cov=app# Format code
make format
# Run linters
make lint
# Install pre-commit hooks
make dev-install# Create a new migration
make migrate-create
# Apply migrations
make migrate
# Or use alembic directly
alembic revision --autogenerate -m "Add new field"
alembic upgrade headmake help # Show all available commands
make install # Install production dependencies
make dev-install # Install development dependencies
make test # Run tests
make lint # Run linters
make format # Format code
make clean # Clean build artifacts
make run # Run the application
make seed # Seed the database
make docker-up # Start docker containers
make docker-down # Stop docker containers
make migrate # Run database migrationsCreate a .env file based on .env.example:
# Application
APP_NAME=Bookstore API
DEBUG=False
# Security
SECRET_KEY=your-secret-key-here
ALGORITHM=HS256
ACCESS_TOKEN_EXPIRE_MINUTES=30
# Database
SQLALCHEMY_DATABASE_URL=sqlite:///./bookstore.db
# CORS
BACKEND_CORS_ORIGINS=http://localhost:3000,http://localhost:8000
# Logging
LOG_LEVEL=INFOWhen you seed the database, the following test users are created:
- Username:
admin/ Password:admin123 - Username:
user1/ Password:password123 - Username:
user2/ Password:password123 - Username:
user3/ Password:password123
For production deployment instructions, see DEPLOYMENT.md.
Quick production setup:
# Using Docker
docker-compose -f docker-compose.prod.yml up -d
# Or using Kubernetes
kubectl apply -f k8s/- Security: Rate limiting, security headers, HTTPS ready
- Monitoring: Prometheus metrics at
/metrics - Health Checks:
/health- Basic health/api/v1/health/live- Liveness probe/api/v1/health/ready- Readiness probe (with DB check)/api/v1/health/detailed- Comprehensive health info
- CI/CD: Automated testing and deployment with GitHub Actions
- Scalability: Kubernetes HPA for auto-scaling based on CPU/memory
- Backup: Automated database backup scripts
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- FastAPI - Modern web framework for building APIs
- SQLAlchemy - SQL toolkit and ORM
- Pydantic - Data validation using Python type hints
Happy Coding! If you have any questions or feedback, please open an issue on GitHub.