In [None]:
..# Simulating API behavior using functions

# Sample user "database" for API key
VALID_API_KEYS = {"12345": "admin", "67890": "user"}

def simulate_api_request(endpoint, method, headers=None, payload=None):
    print(f"\n[Request to: {endpoint} | Method: {method}]")
    if headers is None:
        headers = {}
    if payload is None:
        payload = {}

    # Authentication
    api_key = headers.get("x-api-key")
    if not api_key or api_key not in VALID_API_KEYS:
        return {"status": 401, "error": "Unauthorized"}

    # Routing simulation
    if endpoint == "/data" and method == "POST":
        return handle_data(payload)
    elif endpoint == "/validate" and method == "POST":
        return handle_validation(payload)
    elif endpoint == "/rate-limit" and method == "GET":
        return rate_limited_endpoint(api_key)
    else:
        return {"status": 404, "error": "Endpoint not found"}


In [7]:
def handle_data(payload):
    return {"status": 200, "message": f"Secure data received: {payload}"}


In [2]:
def handle_validation(payload):
    if not isinstance(payload, dict):
        return {"status": 400, "error": "Invalid JSON format"}
    if "name" not in payload:
        return {"status": 400, "error": "Missing 'name' field"}
    if not isinstance(payload["name"], str) or len(payload["name"]) > 50:
        return {"status": 400, "error": "Invalid 'name' value"}
    return {"status": 200, "message": f"Hello, {payload['name']}!"}


In [5]:
import time
from collections import defaultdict

# Tracks number of calls per API key
rate_limit_store = defaultdict(list)

def rate_limited_endpoint(api_key, max_calls=2, window_seconds=60):
    now = time.time()
    rate_limit_store[api_key] = [t for t in rate_limit_store[api_key] if now - t < window_seconds]
    if len(rate_limit_store[api_key]) >= max_calls:
        return {"status": 429, "error": "Rate limit exceeded"}
    rate_limit_store[api_key].append(now)
    return {"status": 200, "message": "Access granted"}


In [None]:
# Test with no API key
response = simulate_api_request("/data", "POST", headers={}, payload={"data": 123})
print(response)

# Test with valid API key and valid payload
response = simulate_api_request("/validate", "POST", headers={"x-api-key": "12345"}, payload={"name": "Alice"})
print(response)

# Test with invalid payload
response = simulate_api_request("/validate", "POST", headers={"x-api-key": "12345"}, payload={"username": "Alice"})
print(response)

# Test rate limiting
for i in range(4):
    response = simulate_api_request("/rate-limit", "GET", headers={"x-api-key": "67890"})
    print(f"Attempt {i+1}: {response}")



[Request to: /data | Method: POST]
{'status': 401, 'error': 'Unauthorized'}

[Request to: /validate | Method: POST]
{'status': 200, 'message': 'Hello, Alice!'}

[Request to: /validate | Method: POST]
{'status': 400, 'error': "Missing 'name' field"}

[Request to: /rate-limit | Method: GET]
Attempt 1: {'status': 200, 'message': 'Access granted'}

[Request to: /rate-limit | Method: GET]
Attempt 2: {'status': 200, 'message': 'Access granted'}

[Request to: /rate-limit | Method: GET]
Attempt 3: {'status': 429, 'error': 'Rate limit exceeded'}

[Request to: /rate-limit | Method: GET]
Attempt 4: {'status': 429, 'error': 'Rate limit exceeded'}
