# 🎯 FastAPI 

## 🚀 Introduction

We are starting our journey into **FastAPI**.
FastAPI is a **modern, fast (high-performance) web framework** for building APIs with Python, based on **standard Python type hints**.

Before diving into FastAPI, let’s understand **what an API actually is**.

---

## ❓ What is an API? (The Problem)

When building software, we often need **different components** (e.g., frontend, backend, database, mobile apps) to **communicate with each other**.
But how do they talk in a structured way? 🤔


without api we also communicate but here we adopt monolithic architecture whih is very bad becasue in any single flop crash whole website thats why it is not good so 

That’s where **APIs** come in.

---

## ✅ Definition (The Solution)

An **API (Application Programming Interface)** is a mechanism that enables **two software components** (such as the frontend and backend of an application) to **communicate with each other** using a defined set of:

* **Rules**
* **Protocols**
* **Data formats**

In simpler words:
👉 An API is like a **messenger** that carries requests from one part of the system to another and delivers responses back.

---

## 📌 Example Use Case

* A **mobile app (frontend)** wants to fetch user profile data.
* It sends an **API request** to the **backend server**.
* The backend processes the request, gets the data from the database, and sends an **API response** back to the frontend.
* The frontend shows the data to the user.


]

---

# 🌟 Key Features of FastAPI

## ⚡ Core Advantages

* **Fast** 🚀: Very high performance, on par with **NodeJS** and **Go** (thanks to Starlette and Pydantic). One of the fastest Python frameworks available.
* **Fast to Code** ⌨️: Increases development speed by about **200% to 300%**.
* **Fewer Bugs** 🐞: Reduces about **40% of developer-induced errors** due to built-in validation and typing.


1. **Automatic Input Validation**

   * Built on top of **Pydantic**, FastAPI automatically validates request data (query params, body, headers, cookies).
   * Reduces boilerplate code and prevents invalid inputs from reaching your logic.

2. **Auto-Generated Interactive Documentation**

   * FastAPI automatically generates **Swagger UI** and **ReDoc** docs.
   * Developers and testers can try out endpoints directly from the browser without writing extra documentation.

3. **Seamless Integration with Modern Ecosystem**

   * Works smoothly with **Machine Learning & Deep Learning libraries** (TensorFlow, PyTorch, Scikit-learn).
   * Built-in support for **OAuth2, JWT authentication, SQLAlchemy, async ORMs**.
   * Easy deployment with **Docker, Kubernetes, and cloud providers**.

---





# ⚖️ Why Choose FastAPI Instead of Flask?

## ❓ The Problem

For many years, developers used **Flask** to build APIs.
But as applications grew more **complex, high-traffic, and real-time**, Flask’s **older technology stack** began showing limitations.

---

## ✅ The Solution: FastAPI Advantages

FastAPI solves these limitations with **modern design and technology**:

1. **ASGI vs WSGI**

   * Flask uses **WSGI (Web Server Gateway Interface)** → can only handle **synchronous requests** (one at a time per worker).
   * FastAPI uses **ASGI (Asynchronous Server Gateway Interface)** → can handle **concurrent requests**, ideal for modern real-time apps (chat systems, IoT, async DB queries).

2. **⚡ Fast (Performance on par with NodeJS & Go)**

   * Thanks to **Starlette** (for web layer) and **Pydantic** (for validation), FastAPI is **one of the fastest Python frameworks available**.
   * Performance is **comparable to NodeJS and Go**, far ahead of Flask in benchmarks.

3. **Rust-Powered Validation**

   * **Pydantic**, which powers request/response validation, uses **Rust under the hood** → blazing fast JSON/data validation.
   * Flask needs manual checks or extra libraries, which are slower.

4. **Type Hints = Auto Validation + Docs**

   * FastAPI relies on **Python type hints** to generate:

     * Automatic **request validation**
     * Automatic **interactive Swagger & ReDoc documentation**
   * Flask requires **extra libraries** (like Marshmallow) and manual documentation.

5. **Web Servers (Gunicorn vs Uvicorn)**

   * Flask typically runs on **Gunicorn + WSGI** stack.
   * FastAPI typically runs on **Uvicorn + ASGI** stack.
   * **Gunicorn (Green Unicorn)**: traditional WSGI HTTP server, great for sync apps but not built for async.
   * **Uvicorn (Unicorn)**: lightning-fast ASGI web server built on **uvloop** and **httptools** (written in C), designed for async and high concurrency.

---


## 🛠️ Web Server Features

### 🔹 Gunicorn (for Flask)

* WSGI-based (sync only).
* Battle-tested for years.
* Relies on multiple workers to scale (CPU-bound).
* Simpler, but not suited for modern async workloads.

### 🔹 Uvicorn (for FastAPI)

* ASGI-based (async-ready).
* Uses **uvloop** (fast event loop in C) → performance boost.
* Uses **httptools** (C-based HTTP parser) → very efficient.
* Built for **high concurrency and real-time communication** (WebSockets, streaming).

---

✅ **Summary**:
We choose **FastAPI over Flask** because it’s:

* **⚡ Faster** (NodeJS/Go-level speed).
* **🌀 Async-ready (ASGI + Uvicorn)**.
* **🦀 Rust-powered validation** (via Pydantic).
* **📘 Type-hint driven auto-docs & validation**.
* **👨‍💻 Developer-friendly** with modern features.

👉 That makes FastAPI + Uvicorn the best choice for **modern, high-performance APIs**.



# 🚀 Your First FastAPI Application



## Step 1: Create the Basic App

Create a file called **`main.py`**:

```python
from fastapi import FastAPI

app = FastAPI()

@app.get("/")
async def root():
    return {"message": "Hello World"}
```

---

## Step 2: Run the Application

In your terminal, run:

```bash
uvicorn main:app --reload
```

* `main` = file name (`main.py`)
* `app` = FastAPI instance
* `--reload` = auto-reload on code changes

Server runs at 👉 `http://127.0.0.1:8000`

---

## Step 3: Test Your API

* **Basic JSON Response** → `http://127.0.0.1:8000`
* **Swagger UI Docs** → `http://127.0.0.1:8000/docs`
* **ReDoc Docs** → `http://127.0.0.1:8000/redoc`
* **OpenAPI Schema (raw JSON)** → `http://127.0.0.1:8000/openapi.json`

---

# 🧩 Understanding the Code

### Import FastAPI

```python
from fastapi import FastAPI
```

FastAPI is a Python class that provides all the functionality for your API.

---

### Create App Instance

```python
app = FastAPI()
```

Here, `app` is an **instance** of the class `FastAPI`.
This will be the main point of interaction to create all your API.

---

### Path Operation

> **Key terms (don’t miss):**
>
> * **Path** → the last part of the URL starting from the first `/`.
> * **A “path” is also commonly called an *endpoint* or a *route*.** ✅
> * **Operation** → one of the HTTP **methods** (GET, POST, etc.).

`@app.get("/")` tells FastAPI that the function right below handles requests that go to:

* the path `/`
* using a **GET** operation

#### @decorator Info

That `@something` syntax in Python is called a **decorator**.
You put it on top of a function — it **wraps** the function with extra behavior.

In our case, this decorator tells FastAPI that the function below corresponds to the path `/` with an operation **GET**.
It is the **path operation decorator**.

```python
@app.get("/")
async def root():
    return {"message": "Hello World"}
```

* **Decorator** → `@app.get("/")` (says: handle GET requests at `/`)
* **Function** → Runs when someone calls that URL
* **Return** → Any Python `dict`, `list`, `str`, `int`, `bool` (auto-converted to JSON)

---

# 🌍 HTTP Methods in FastAPI

You can use **all HTTP methods**:

```python
@app.get("/items")          # Read data
@app.post("/items")         # Create data
@app.put("/items/{id}")     # Replace data
@app.patch("/items/{id}")   # Partial update
@app.delete("/items/{id}")  # Delete data
@app.options("/items")      # Returns allowed methods
@app.head("/items")         # Returns only headers
@app.trace("/items")        # Debugging
```

👉 Normally used meanings:

* **GET** → Retrieve data
* **POST** → Create new data
* **PUT** → Replace existing data
* **PATCH** → Update partially
* **DELETE** → Remove data

> **Notes**
>
> * **OPTIONS** returns the allowed methods for a route.
> * **HEAD** is like GET but returns only headers (no body).
> * **TRACE** echoes the request (mainly for debugging).

---

# 📑 What is a “Schema”?

The word **schema** is used in two main contexts:

## 1) API Schema (OpenAPI Schema)

* Describes your entire API: paths, methods, request/response formats.
* Generated automatically at → `/openapi.json`.

Example (snippet):

```json
{
  "openapi": "3.1.0",
  "info": {"title": "FastAPI", "version": "0.1.0"},
  "paths": {
    "/": {
      "get": {
        "responses": {
          "200": {"description": "Successful Response"}
        }
      }
    }
  }
}
```

## 2) Data Schema (JSON Schema)

* Describes the **shape of the data** (what fields exist and what types).

Example: A `User` object might look like:

```json
{
  "name": "Alice",
  "age": 25
}
```

JSON Schema for it:

```json
{
  "type": "object",
  "properties": {
    "name": {"type": "string"},
    "age": {"type": "integer"}
  },
  "required": ["name", "age"]
}
```

👉 So:

* **API schema** = description of the whole API.
* **Data schema** = description of the data inside requests/responses.

---

# ✅ Recap

1. Create a FastAPI app with `app = FastAPI()`.
2. Use **decorators** like `@app.get`, `@app.post` to define routes.
3. Run with `uvicorn main:app --reload`.
4. Test at `/`, `/docs`, `/redoc`.
5. Understand **schemas** → API schema (OpenAPI) + Data schema (JSON Schema).
6. Use all HTTP methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD, TRACE.



# 📑 FastAPI Parameters Complete Reference

| Parameter Type | Syntax Example | What it is | Why it's Used (Problem it Solves) | When to Use | Common Examples |
|---|---|---|---|---|---|
| **Path Parameter** | `/items/{item_id}` | Variable part of the URL path that captures dynamic values | Identifies specific resources cleanly in RESTful URLs | Need to fetch/modify one specific item by its unique identifier | `/users/123`, `/products/abc`, `/posts/my-blog-post` |
| **Query Parameter** | `?key=value&page=1` | Parameters passed after `?` in URL, separated by `&` | Filters, searches, pagination, and optional inputs without changing URL structure | Optional parameters, filtering lists, search terms, sorting | `?search=python&limit=10`, `?category=books&sort=price` |
| **Request Body** | `{ "name": "John", "age": 30 }` | JSON or structured data sent in HTTP request body | Handles complex/nested data that doesn't fit in URL | Sending structured data, creating/updating resources | User registration, product creation, complex forms |
| **Header** | `Authorization: Bearer xyz` | Key-value pairs in HTTP request headers | Sends metadata separate from actual data | Authentication, API versioning, content-type specification | `Authorization`, `Content-Type`, `X-API-Version` |
| **Cookie** | `session_id=abc123` | Small data stored in browser, automatically sent with requests | Maintains state across stateless HTTP requests | User sessions, preferences, tracking without requiring login | Login sessions, shopping cart, user preferences |
| **Form Data** | `username=john&password=secret` | URL-encoded form submissions (`application/x-www-form-urlencoded`) | Traditional web form handling, simpler than JSON | HTML forms, simple key-value data, legacy system integration | Login forms, contact forms, simple surveys |
| **File Upload** | `multipart/form-data` with file attachment | Special form encoding that supports binary file data | Enables file transfer over HTTP | Uploading documents, images, media files | Profile pictures, document uploads, CSV imports |

# 📌 Path Parameters in FastAPI

### 🔹 What are Path Parameters?

* Variables that are **part of the URL path**.
* Defined inside curly braces `{}` in the route.
* Their value is passed to your function as an argument.
* Commonly used to **identify specific resources** (e.g., `/users/123` → `user_id = 123`).
* also get more values from single path

---

### 🔹 Example 1: Simple Path Parameter

```python
from fastapi import FastAPI

app = FastAPI()

@app.get("/items/{item_id}")
def read_item(item_id):
    return {"item_id": item_id}
```

👉 Request:

* `/items/42` → Response: `{"item_id": "42"}` (string, since no type defined).

---

### 🔹 Example 2: Path Parameter with Type

```python
from fastapi import FastAPI

app = FastAPI()

@app.get("/items/{item_id}")
def read_item(item_id: int):
    return {"item_id": item_id}
```

👉 Request:

* `/items/32` ✅ → Response: `{"item_id": 32}` (as Python **int**, not string).
* `/items/thirty` ❌ → Validation error (must be an integer).

---

### ⚠️ Important Note: FastAPI vs Pydantic Smart Conversion

* **Pydantic** (used internally by FastAPI) has a **smart conversion feature**:

  * Example: `int("32") → 32` ✅
  * Example: `int("thirty") → ❌ error`

* **FastAPI Path Parameters** are stricter:

  * If you declare `item_id: int` and pass `/items/32` → works ✅
  * If you pass `/items/"32"` (string quotes in URL) → **validation error** ❌
  * FastAPI doesn’t auto-convert everything blindly — it enforces **type safety**.

⚠️ **Warning**: Don’t confuse Pydantic’s smart conversion with FastAPI’s path parsing.
Path parameters are taken directly from the URL, validated against the declared type, and only converted if valid.

---

✅ This ensures your API stays **robust and predictable**:

* `"32"` → ✅ converted to int
* `"thirty"` → ❌ error (invalid input)


### 🔹 Example 3: Path Converter (`:path`)

Sometimes you need the parameter itself to contain a **full path** (with slashes).
FastAPI supports this using **Starlette path converters**.

```python
from fastapi import FastAPI

app = FastAPI()

@app.get("/files/{file_path:path}")
def read_file(file_path: str):
    return {"file_path": file_path}
```

👉 Requests:

* `/files/somefile.txt` → `{"file_path": "somefile.txt"}`
* `/files/home/johndoe/myfile.txt` → `{"file_path": "home/johndoe/myfile.txt"}`
* If you need a leading `/`, use: `/files//home/johndoe/myfile.txt`
---

## 🔹 Numeric Validations with `Path`

Just like query parameters, you can apply **validations and metadata** to path parameters.

### Example 4: Basic Validation (≥ 1)

```python
from fastapi import FastAPI, Path
from typing import Annotated

app = FastAPI()

@app.get("/items/{item_id}")
def read_item(item_id: Annotated[int, Path(ge=1)]):
    return {"item_id": item_id}
```

👉 `/items/5` ✅ → valid
👉 `/items/0` ❌ → must be ≥ 1

---

### Example 5: Multiple Validations

```python
@app.get("/products/{product_id}")
def read_product(
    product_id: Annotated[int, Path(gt=0, le=1000)]
):
    return {"product_id": product_id}
```

👉 `/products/50` ✅
👉 `/products/0` ❌ (must be > 0)
👉 `/products/2000` ❌ (must be ≤ 1000)

---

### Example 6: Float Path Parameters

```python
@app.get("/ratings/{score}")
def get_rating(score: Annotated[float, Path(gt=0, lt=5)]):
    return {"score": score}
```

👉 `/ratings/4.5` ✅
👉 `/ratings/0` ❌
👉 `/ratings/6` ❌

---

### ✅ Recap

With `Path` (same as `Query`):

* `gt` → greater than
* `ge` → greater than or equal
* `lt` → less than
* `le` → less than or equal


# 🔍 Query Parameters in FastAPI

### 🔹 What are Query Parameters?

* Parameters that come **after the `?` in a URL**, separated by `&` characters
* **Any function parameter** that is NOT defined in the path (not inside `{}`) automatically becomes a **query parameter**
* Used for **optional data** like filters, search terms, pagination, sorting
* Format: `?key1=value1&key2=value2`

---

### 🔹 Key Rule: Path vs Query Parameter Detection

```python
@app.get("/items/{item_id}")  # item_id is in {} → PATH PARAMETER
def read_item(item_id: str, q: str):  # q is NOT in {} → QUERY PARAMETER
    return {"item_id": item_id, "query": q}
```

**FastAPI's Smart Detection:**

* ✅ **Inside `{}` in route** → Path Parameter
* ✅ **NOT in `{}` but in function** → Query Parameter
* ✅ **Automatic interpretation** - no extra configuration needed

---

### 🔹 Example 1: Basic Query Parameter

```python
from fastapi import FastAPI

app = FastAPI()

@app.get("/items/{item_id}")
def read_item(item_id: str, q: str):
    return {"item_id": item_id, "query": q}
```

👉 Requests:

* `/items/foo?q=search_term` → `{"item_id": "foo", "query": "search_term"}`
* `/items/foo` → ❌ **Error** (q is required)

---

### 🔹 Example 2: Optional Query Parameters

```python
from fastapi import FastAPI

app = FastAPI()

@app.get("/items/{item_id}")
def read_item(item_id: str, q: str | None = None):
    if q:
        return {"item_id": item_id, "query": q}
    return {"item_id": item_id}
```

👉 Requests:

* `/items/foo?q=search` → `{"item_id": "foo", "query": "search"}`
* `/items/foo` → `{"item_id": "foo"}` ✅ **Works** (q is optional)

---

### 🔹 Example 3: Multiple Query Parameters with Types

```python
@app.get("/items/{item_id}")
def read_item(item_id: str, q: str | None = None, skip: int = 0, limit: int = 10):
    return {
        "item_id": item_id,
        "query": q,
        "skip": skip,
        "limit": limit
    }
```

👉 Requests:

* `/items/foo` → `{"item_id": "foo", "query": null, "skip": 0, "limit": 10}`
* `/items/foo?q=bar&skip=20&limit=100` → All parameters included
* `/items/foo?skip=5` → Only skip changes, others use defaults

---

### 🔹 Example 4: Boolean Query Parameters

```python
@app.get("/items/{item_id}")
def read_item(item_id: str, short: bool = False):
    item = {"item_id": item_id}
    if not short:
        item.update({"description": "This is a long description"})
    return item
```

👉 Boolean Conversion (FastAPI is smart):

* `/items/foo?short=1` → `short = True`
* `/items/foo?short=True` → `short = True`
* `/items/foo?short=true` → `short = True`
* `/items/foo?short=on` → `short = True`
* `/items/foo?short=yes` → `short = True`
* `/items/foo` → `short = False` (default)

---

### 🔹 Example 5: Query Parameters with Validation

You can add **extra validation** using `Query`.

```python
from fastapi import FastAPI, Query
from typing import Annotated

app = FastAPI()

@app.get("/items/")
def read_items(q: Annotated[str | None, Query(max_length=50)] = None):
    return {"q": q}
```

👉 Behavior:

* `/items/?q=short` ✅ Works
* `/items/?q=` → Empty string allowed (still valid)
* `/items/?q=averylongstringover50characters...` ❌ Error (422 validation)

---

### 🔹 Example 6: Regex Validation

```python
@app.get("/users/")
def read_users(
    username: Annotated[
        str | None, Query(regex="^user_[a-zA-Z0-9]+$")
    ] = None
):
    return {"username": username}
```

👉 Behavior:

* `/users/?username=user_john123` ✅ Works
* `/users/?username=admin` ❌ Error (doesn’t match regex)

---

---

### 🔹 Example 7: Query Parameter Models (Reusable Groups)

If you have a **set of related query parameters** (like pagination),
use a **Pydantic model** for better structure and reusability.

```python
from typing import Annotated
from fastapi import FastAPI, Query
from pydantic import BaseModel, Field

app = FastAPI()

class FilterParams(BaseModel):
    limit: int = Field(100, gt=0, le=100)   # limit between 1–100
    offset: int = Field(0, ge=0)            # offset must be ≥ 0

@app.get("/items/")
async def read_items(filter_query: Annotated[FilterParams, Query()]):
    return filter_query
```

👉 Requests:

* `/items/?limit=50&offset=10` → `{"limit": 50, "offset": 10}`
* `/items/` → Defaults → `{"limit": 100, "offset": 0}`

✅ Benefits:

* Group related query params together
* Add **validations & metadata** once
* Reuse the same model in multiple endpoints

---

### 🧠 Why `Annotated` is Recommended?

* **Keeps defaults clean** → function default stays Pythonic
* **Better editor support** → type hints remain correct
* **Works outside FastAPI too** → avoids surprises if function is reused
* **Multiple metadata** → you can combine validations easily

---

### ⚠️ Important Notes

**Parameter Detection Logic:**

* Parameters inside `{param}` in route = **Path Parameters** (required)
* Parameters in function but NOT in route = **Query Parameters** (optional by default)
* Query parameters with default values = **Optional**
* Query parameters without defaults = **Required**

**Type Validation:**

* FastAPI automatically validates query parameter types
* Invalid types return **422 Unprocessable Entity**
* Boolean parameters accept many formats (`true`, `1`, `on`, `yes`)




# 📌 Request Body in FastAPI

### 🔹 What is a Request Body?

* A **Request Body** is data **sent by the client** to your API.
* A **Response Body** is data your API **sends back to the client**.
* Clients don’t always send a body (e.g., simple `GET /items/1`), but when they need to **send structured data** (e.g., user info, product details), they use a **request body**.

---

### 🔹 When to Use Request Body?

* For operations like **create, update, delete, patch** resources.
* Typically with **POST, PUT, DELETE, PATCH** methods.
* ⚠️ Sending a body with `GET` is **not recommended** → it’s against HTTP standards, so Swagger docs won’t even show it.

---

### 🔹 Declaring a Request Body (with Pydantic Models)

FastAPI uses **Pydantic models** to define request bodies.
This gives you:

* Data validation ✅
* Data conversion ✅
* Auto-generated docs ✅

```python
from fastapi import FastAPI
from pydantic import BaseModel

app = FastAPI()

# Define schema with Pydantic
class Item(BaseModel):
    name: str
    description: str
    price: int

# POST → Create item
@app.post("/items")
def create_item(item: Item):
    return {"request_body": item}

# PUT → Update item
@app.put("/items/{item_id}")
def update_item(item_id: int, item: Item):
    return {"item_id": item_id, **item.dict()}
```

---

### 🔹 Behavior of Parameters in FastAPI

* If parameter is declared in **path** (`/items/{item_id}`) → it’s a **Path Parameter**.
* * **Any function parameter** that is NOT defined in the path (not inside `{}`) automatically becomes a **query parameter**
* If parameter is a **simple type** (`str`, `int`, `bool`) → it’s a **Query Parameter**.
* If parameter is a **Pydantic model** → it’s a **Request Body**.

---

---

✅ **Summary**

* Request Body = data sent **from client to API**.
* Defined using **Pydantic models**.
* Auto-validation + docs generation.
* Best for structured data in `POST`, `PUT`, `PATCH`, `DELETE`.
* **You can add multiple body parameters to your path operation function, even though a request can only have a single body**
* **But FastAPI will handle it, give you the correct data in your function, and validate and document the correct schema in the path operation.**



# ⚡ Dependencies in FastAPI

### 🔹 What is Dependency Injection?

* **Dependency Injection (DI)** = A way for functions to **declare what they need** (dependencies), and the system (FastAPI) automatically **provides them**.
* You don’t have to create things manually in every function.
* Keeps your code **clean, reusable, and testable**.

---

### 🔹 Why Use Dependencies?

✅ Avoid repeating the same code (shared logic)
✅ Handle **authentication & authorization**
✅ Inject **database sessions**
✅ Apply **security checks**
✅ Integrate with **external services / APIs**
✅ Apply **business rules** (like active/premium user checks)

---

### 🔹 Example 1: Simple Dependency

```python
from typing import Annotated
from fastapi import Depends, FastAPI

app = FastAPI()

# Dependency function
async def common_parameters(q: str | None = None, skip: int = 0, limit: int = 100):
    return {"q": q, "skip": skip, "limit": limit}

# Injecting dependency
@app.get("/items/")
async def read_items(commons: Annotated[dict, Depends(common_parameters)]):
    return commons
```

👉 Requests:

* `/items/` → `{"q": null, "skip": 0, "limit": 100}`
* `/items/?q=test&skip=5&limit=20` → `{"q": "test", "skip": 5, "limit": 20}`

✅ Notice: The `read_items` function didn’t write query handling logic — the dependency handled it.

---

### 🔹 Example 2: Reuse Across Endpoints

```python
@app.get("/users/")
async def read_users(commons: Annotated[dict, Depends(common_parameters)]):
    return commons
```

Now both `/items/` and `/users/` **reuse the same dependency**.

---

### 🔹 Example 3: Dependencies with Classes

Dependencies can also be **classes** (not just functions).

```python
class CommonQueryParams:
    def __init__(self, q: str | None = None, skip: int = 0, limit: int = 100):
        self.q = q
        self.skip = skip
        self.limit = limit

@app.get("/products/")
async def read_products(commons: Annotated[CommonQueryParams, Depends()]):
    return commons.__dict__
```

👉 `/products/?q=phone&skip=2` → `{"q": "phone", "skip": 2, "limit": 100}`

---

### 🔹 Example 4: Nested Dependencies

Dependencies can depend on **other dependencies** (hierarchical tree).

```python
async def dependency_a():
    return "A"

async def dependency_b(dep_a: Annotated[str, Depends(dependency_a)]):
    return f"B depends on {dep_a}"

@app.get("/nested/")
async def read_nested(dep_b: Annotated[str, Depends(dependency_b)]):
    return {"message": dep_b}
```

👉 `/nested/` → `{"message": "B depends on A"}`

---

### 🔹 Example 5: Security & Role Checks

Imagine you have endpoints that require **different users**:

* `/items/public/` → open for everyone
* `/items/private/` → only logged-in users
* `/users/{user_id}/activate` → only admins
* `/items/pro/` → only paying users

```python
async def get_current_user():
    return {"username": "johndoe", "role": "admin"}

async def get_admin_user(user: Annotated[dict, Depends(get_current_user)]):
    if user["role"] != "admin":
        raise Exception("Not enough privileges")
    return user

@app.get("/items/private/")
async def private_items(user: Annotated[dict, Depends(get_current_user)]):
    return {"items": ["secret1", "secret2"], "user": user}

@app.get("/users/{user_id}/activate")
async def activate_user(user_id: int, admin: Annotated[dict, Depends(get_admin_user)]):
    return {"msg": f"User {user_id} activated by {admin['username']}"}
```

👉 Dependencies make **auth logic reusable and clean**.

---

### 🧠 Key Takeaways

* Dependencies = **reusable, injectable logic**
* Can be **functions or classes**
* Can **depend on other dependencies** (hierarchy)
* Use cases: **query parsing, DB sessions, auth, permissions, external services**

---


# 🌐 HTTP Status Codes in FastAPI

## 🎯 Why this matters

Every API request needs a **clear outcome**. Clients (browsers, mobile apps, frontend code) must know:

* ✅ Did the request succeed?
* ✅ If it failed, was it the client’s mistake or the server’s?
* ✅ Do they need to retry, fix input, or authenticate?

This is where **HTTP status codes** come in. They are **3-digit numbers** included in every response that act as a **signal to the client** about what happened.

👉 Without correct status codes, your API becomes confusing for consumers and hard to debug.

---

## 🔹 What are HTTP Status Codes?

* **Definition**: 3-digit numbers returned by a server (e.g., FastAPI) in the HTTP response.
* **Purpose**: Indicate whether the request was successful, failed, or needs further action.
* **Categories**:

  * `1xx` → Informational (rarely used directly)
  * `2xx` → Success (request completed correctly)
  * `3xx` → Redirection (further action needed)
  * `4xx` → Client Error (issue with request)
  * `5xx` → Server Error (issue on server side)

---

## ⚡ Common Status Codes You Must Know

| Code    | Name                  | Meaning                        | Example Use                                |
| ------- | --------------------- | ------------------------------ | ------------------------------------------ |
| **200** | OK                    | Standard success               | After a GET request returns data           |
| **201** | Created               | Resource successfully created  | After POST request that adds a new record  |
| **204** | No Content            | Success, but no data to return | After DELETE request                       |
| **400** | Bad Request           | Client sent invalid input      | Missing field, wrong data type             |
| **401** | Unauthorized          | Not logged in                  | Accessing protected resource without token |
| **403** | Forbidden             | Logged in but no permission    | User lacks required role                   |
| **404** | Not Found             | Resource doesn’t exist         | Patient ID not in DB                       |
| **500** | Internal Server Error | Generic server failure         | Code crash, unhandled exception            |
| **502** | Bad Gateway           | Gateway can’t reach backend    | Reverse proxy (like Nginx) failed          |
| **503** | Service Unavailable   | Server overloaded or down      | Too many requests, maintenance mode        |

---


# 🛠⚡ HTTP Status Codes & HTTPException in FastAPI

## 🎯 Why

Every API request needs a clear **signal**:

* ✅ Success (e.g., 200, 201)
* ❌ Error (e.g., 400, 404, 500)

Instead of crashing the server, FastAPI lets you send **graceful error responses** using `HTTPException`.

---

## 🔹 What

* **`status_code`** → tells FastAPI which HTTP code to send back.
* **`HTTPException`** → raise this when something goes wrong, with:

  * a status code (`404`, `400`, etc.)
  * a message (`detail="Not found"`)
  * optional headers

---

## 🛠 How (Examples)

### ✅ Normal success with status code

```python
from fastapi import FastAPI, status

app = FastAPI()

@app.post("/items/", status_code=status.HTTP_201_CREATED)
async def create_item(name: str):
    return {"name": name}   # returns 201 Created
```

---

### ❌ Error handling with HTTPException

```python
from fastapi import FastAPI, HTTPException, status

app = FastAPI()

@app.get("/items/{item_id}")
async def read_item(item_id: int):
    if item_id == 0:
        # Raise error if item not found
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND,
            detail="Item not found"
        )
    return {"item_id": item_id}
```

---

⚡ **Core Message:**
Use **`status_code`** for successful responses, and **`HTTPException`** for clean, controlled error responses.

---

## ✅ Best Practices

* Use **201 Created** for POST requests that add resources.
* Use **204 No Content** when nothing needs to be returned.
* Use **400-series codes** to clearly communicate client-side mistakes.
* Use **500-series codes** sparingly—these should represent true server failures, not client issues.
* Always prefer **status constants** from `fastapi.status` (like `status.HTTP_404_NOT_FOUND`) for readability.

---

⚡ **Pro Starter Statement (Course Tip):**
*"Think of HTTP status codes as the **body language** of your API. Even before looking at the actual response, a client can tell whether the request worked, failed, or needs another action—just from the status code."*

