AgentSkillsCN

fastapi

FastAPI Python框架:支持REST API、数据校验、依赖注入以及安全性保障。关键词:Pydantic、async异步编程、OAuth2、JWT。

SKILL.md
--- frontmatter
name: fastapi
description: "FastAPI Python framework. Covers REST APIs, validation, dependencies, security. Keywords: Pydantic, async, OAuth2, JWT."
version: "0.128.0"
release_date: "2025-12-27"

FastAPI

This skill provides comprehensive guidance for building APIs with FastAPI.

Quick Navigation

TopicReference
Getting startedreferences/first-steps.md
Path parametersreferences/path-parameters.md
Query parametersreferences/query-parameters.md
Request bodyreferences/request-body.md
Validationreferences/validation.md
Body advancedreferences/body-advanced.md
Cookies/Headersreferences/cookies-headers.md
Pydantic modelsreferences/models.md
Forms/Filesreferences/forms-files.md
Error handlingreferences/error-handling.md
Path configreferences/path-config.md
Dependenciesreferences/dependencies.md
Securityreferences/security.md
Middlewarereferences/middleware.md
CORSreferences/cors.md
Databasereferences/sql-databases.md
Project structurereferences/bigger-applications.md
Background tasksreferences/background-tasks.md
Metadata/Docsreferences/metadata-docs.md
Testingreferences/testing.md
Advanced responsesreferences/responses-advanced.md
WebSocketsreferences/websockets.md
Templatesreferences/templates.md
Settings/Env varsreferences/settings.md
Lifespan eventsreferences/lifespan.md
OpenAPI advancedreferences/openapi-advanced.md

When to Use

  • Creating REST APIs with Python
  • Adding endpoints with automatic validation
  • Implementing OAuth2/JWT authentication
  • Working with Pydantic models
  • Adding dependency injection
  • Configuring CORS, middleware
  • Uploading files, handling forms
  • Testing API endpoints

Installation

bash
pip install "fastapi[standard]"  # Full with uvicorn
pip install fastapi              # Minimal
pip install python-multipart     # For forms/files

Quick Start

python
from fastapi import FastAPI

app = FastAPI()

@app.get("/")
def read_root():
    return {"Hello": "World"}

@app.get("/items/{item_id}")
def read_item(item_id: int, q: str | None = None):
    return {"item_id": item_id, "q": q}

Run: fastapi dev main.py

Core Patterns

Type-Safe Parameters

python
from typing import Annotated
from fastapi import Path, Query

@app.get("/items/{item_id}")
def read_item(
    item_id: Annotated[int, Path(ge=1)],
    q: Annotated[str | None, Query(max_length=50)] = None
):
    return {"item_id": item_id, "q": q}

Request Body with Validation

python
from pydantic import BaseModel, Field

class Item(BaseModel):
    name: str = Field(min_length=1, max_length=100)
    price: float = Field(gt=0)

@app.post("/items/", response_model=Item)
def create_item(item: Item):
    return item

Dependencies

python
from fastapi import Depends

async def get_db():
    db = SessionLocal()
    try:
        yield db
    finally:
        db.close()

@app.get("/users/")
def list_users(db: Annotated[Session, Depends(get_db)]):
    return db.query(User).all()

Authentication

python
from fastapi.security import OAuth2PasswordBearer

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]):
    return decode_token(token)

@app.get("/users/me")
def read_me(user: Annotated[User, Depends(get_current_user)]):
    return user

API Documentation

  • Swagger UI: /docs
  • ReDoc: /redoc
  • OpenAPI: /openapi.json

Best Practices

  • Use Annotated[Type, ...] for parameters
  • Define Pydantic models for request/response
  • Use response_model for output filtering
  • Add status_code for proper HTTP codes
  • Use tags for API organization
  • Add dependencies at router/app level for auth

Prohibitions

  • ❌ Return raw database models (use response models)
  • ❌ Store passwords in plain text (use bcrypt/passlib)
  • ❌ Mix Body with Form/File in same endpoint
  • ❌ Use sync blocking I/O in async endpoints
  • ❌ Skip HTTPException for error handling

Links