DEV Community

Dylan Anthony
Dylan Anthony

Posted on

Flask REST API: Introduction

Most of what I do as a professional developer involves back end services using Python and Flask. I've tried a bunch of different combinations of methodologies and technologies and come up with a pattern that seems to work well in most cases. Over the course of this series, I'll do my best to walk you through the different considerations when building web services and explain why I've made the choices that I've made. By the end, I hope to have both a guide to success for Flask developers and a template that can be used to kickstart new web dev projects.


Here are all the topics related to web services that I plan to cover. I'll give specific detail on how I solve each problem, but I'll try to also give general advice to be applied regardless of the language/framework you're using. Some of this may change as I write. I might add things on or leave things off based on interest in comments. Please let me know if you think I've missed anything here so I can make sure I add it as I start writing! I also plan to make all the code available on GitHub as I go.

  1. Foundation: Building an app that's ready to grow.
    1. Basic, sustainable package structure
    2. Dependency management
    3. Running services locally
    4. Integration with IDEs
    5. Basic unit tests
  2. Continuous Integration: Catching mistakes early
    1. Automated tests
    2. Static analysis
    3. Dependency Vulnerabilities
    4. Style checking
  3. Authentication: Knowing who is using your app
    1. Safely storing and checking credentials
    2. Using tokens to identify users
    3. Enforcing authentication on all resources
    4. Testing around authentication (mocking/faking)
  4. Databases: Storing and accessing data
    1. ORMs
    2. Disposable databases for testing
    3. Migrations (tracking schema changes)
  5. API Design: Making your services easy to use
    1. Defining API resources
    2. Basic operations (CRUD)
    3. API spec and dev UI
    4. Testing the API
  6. Authorization: Ensuring people only access their data
    1. Framework for expandable permissions
    2. Enforcing authorization checks on endpoints
  7. Asynchronous Tasks: Don't slow down your users
    1. Starting async jobs from requests
    2. Running periodic tasks
    3. Email Notifications
  8. Preparing for Production: Adding more stability
    1. Production servers
    2. Database technologies
    3. Containers (Docker)
    4. Security headers
    5. Version management (changelog)
    6. Logging
  9. Deploying: Getting you app out there
    1. Infrastructure as code
    2. DNS
    3. Load balancing
    4. Managing secrets
    5. Multiple environments
    6. Alarms/notifications when problems occur
    7. Manual and continuous deployment
  10. Consuming the API: Actually using the thing
    1. Using the UI
    2. Using API tools (Postman)
    3. Generating client libraries

Top comments (5)

varinodd profile image

I'm just starting python scripting. There's a lot I want to learn with python such as Flask, Container, Deployment, Auto Scaling, etc and your tutorials seem to cover it all. I'd love to follow your tutorial :)

loki profile image
Loki Le DEV

I have no experience in web dev but I am starting to need some proper backend services at my company, as I'm fluent in python, flask looks really cool so I want to try it, I'm looking forward to read your tutorial :)

o_numero10 profile image
Filipe Silva

This looks ambitious as hell. Can't wait!

valandinos profile image
Valentin Eleftheriou

Nice initiative ! I'm developping a Flask application also at work working in the cloud, I'd be delighted to compare notes :-)

zltn profile image

Great outline, looks exciting! I'll definitely follow along :)