DEV Community

loading...
Cover image for FastAPI over HTTPS for development on Windows

FastAPI over HTTPS for development on Windows

rajshirolkar profile image rajshirolkar ・3 min read

Today we'll implement FastAPI over HTTPS using mkcert and setup our own Certificate Authority(CA) on our localhost.

Note: since this is a self-signed certificate you might get a warning before accessing your API depending on which browser you're using.

We'll get started with the code right away so if your boss has told you "Cool get this running over https by EOD" you are in the right place.

  • Open cmd and make a directory for our app.
-> mkdir fastapi-https
-> cd fastapi-https
Enter fullscreen mode Exit fullscreen mode
  • Create and activate a virtual environment for your project and install fastapi and uvicorn in our virtual environment.
-> python -m venv ./venv
-> .\venv\Scripts\activate
(venv) -> pip install fastapi uvicorn 
Enter fullscreen mode Exit fullscreen mode

It's always a good practice to create virtual environments

  • Open the fastapi-https folder in VSCode and create a directory app which will contain our FastAPI application in app/main.py. Also create a file server.py to run our Uvicorn server and use it to serve our FastAPI app.
    So your directory structure should look like this:
    Alt Directory Structure

  • Paste the following code in app/main.py which will create a FastAPI route for us.

    from fastapi import FastAPI

    app = FastAPI()

    @app.get('/')
    def read_main():
        return { "message" : "Hello World of FastAPI HTTPS"}
Enter fullscreen mode Exit fullscreen mode
  • Since FastAPI doesn't come with a built-in web server like Flask and Django, we will be using Uvicorn which is an ASGI server. In the file server.py paste the following code -
import uvicorn

if __name__ == '__main__':
    uvicorn.run("app.main:app",
                host="0.0.0.0",
                port=8432,
                reload=True,
                )
Enter fullscreen mode Exit fullscreen mode

In this code in the main function we essentially tell the uvicorn server "Dude! Go to app.main and run whatever this 'app' is" and then we mention the host and port and yeah we do want to reload and all those things.

  • Now its run the server.py file with python server.py and go to this link http://localhost:8432/
    Alt It worked!

  • It works! But over "http" 🙄 this won't do in production. We need HTTPS in production. If you want to learn more about how HTTPS works, I will be writing another article here.
    To get HTTPS we need to install mkcert. Mkcert is a free way to get a self signed certificate for your app so it can run over HTTPS.
    Install mkcert using Chocolatey

-> choco install mkcert
Enter fullscreen mode Exit fullscreen mode
  • You need to generate the certificate and add to your CA with the mkcert utility
-> mkcert -install
-> mkcert localhost 127.0.0.1 ::1
Enter fullscreen mode Exit fullscreen mode
  • The certificate is at "localhost+2.pem" and the key at "localhost+2-key.pem" in our project folder. I like to rename the files as "cert.pem" and "key.pem" so its a bit easier on the eyes.

  • Now we just need to tell Uvicorn the location of these files and Uvicorn will do all the HTTPS heavy-lifting for us. In server.py add the ssl arguemnts

import uvicorn

if __name__ == '__main__':
    uvicorn.run("app.main:app",
                host="0.0.0.0",
                port=8432,
                reload=True,
                ssl_keyfile="./key.pem", 
                ssl_certfile="./cert.pem"
                )
Enter fullscreen mode Exit fullscreen mode

Discussion (1)

pic
Editor guide
Collapse
siboezeus profile image
Siboe

Thanks a lot for this. It is truly an eye-opener for me.

I am absolutely new to FastAPI. I am basically trying to find my way around. I am trying to build an app that will connect to an endpoint (an external web application ), fetch such details as a person's names, date of birth, social security number, residential address, photo, etc and save the details on my mssql database and render the same to a user in a html page. For example, if the user opens the fastapi app, he will be able to type in a social security number and with that, the app connects to the external web app to fetch all the biodata associated with that social security number and return them to him in a html page. If the details are already available in the local mssql database, the fastapi app will not need to contact the external endpoint.