# Web APIs

## Overview
This lesson covers web APIs in Python, including consuming APIs with the `requests` library, building APIs with Flask, and understanding HTTP methods, status codes, and authentication.

## Learning Objectives
By the end of this lesson, you will be able to:
- Consume web APIs using the `requests` library
- Build RESTful APIs with Flask
- Understand HTTP methods and status codes
- Implement API authentication and security
- Document APIs effectively

## Prerequisites
- Basic understanding of Python
- Familiarity with HTTP concepts
- Understanding of JSON data format
- Basic knowledge of web development

## Topics Covered
1. Consuming APIs with requests
2. Building APIs with Flask
3. HTTP Methods and Status Codes
4. API Authentication
5. API Documentation
6. Error Handling and Validation
7. API Testing
8. Best Practices


In [None]:
# 1. Consuming APIs with requests
print("1. Consuming APIs with requests")
print("-" * 35)

import requests
import json

# Basic GET request
print("Basic GET request:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
print(f"Status Code: {response.status_code}")
print(f"Response: {response.json()}")

# GET request with parameters
print("\nGET request with parameters:")
params = {'userId': 1}
response = requests.get('https://jsonplaceholder.typicode.com/posts', params=params)
print(f"Status Code: {response.status_code}")
print(f"Number of posts: {len(response.json())}")

# POST request
print("\nPOST request:")
data = {
    'title': 'Test Post',
    'body': 'This is a test post',
    'userId': 1
}
response = requests.post('https://jsonplaceholder.typicode.com/posts', json=data)
print(f"Status Code: {response.status_code}")
print(f"Response: {response.json()}")

# PUT request
print("\nPUT request:")
data = {
    'id': 1,
    'title': 'Updated Post',
    'body': 'This post has been updated',
    'userId': 1
}
response = requests.put('https://jsonplaceholder.typicode.com/posts/1', json=data)
print(f"Status Code: {response.status_code}")
print(f"Response: {response.json()}")

# DELETE request
print("\nDELETE request:")
response = requests.delete('https://jsonplaceholder.typicode.com/posts/1')
print(f"Status Code: {response.status_code}")

# Error handling
print("\nError handling:")
try:
    response = requests.get('https://jsonplaceholder.typicode.com/posts/999999')
    response.raise_for_status()
    print(f"Response: {response.json()}")
except requests.exceptions.HTTPError as e:
    print(f"HTTP Error: {e}")
except requests.exceptions.RequestException as e:
    print(f"Request Error: {e}")

# Headers
print("\nHeaders:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
print(f"Response Headers: {dict(response.headers)}")

# Custom headers
print("\nCustom headers:")
headers = {
    'User-Agent': 'MyApp/1.0',
    'Accept': 'application/json'
}
response = requests.get('https://jsonplaceholder.typicode.com/posts/1', headers=headers)
print(f"Status Code: {response.status_code}")

# Timeout
print("\nTimeout:")
try:
    response = requests.get('https://jsonplaceholder.typicode.com/posts/1', timeout=5)
    print(f"Status Code: {response.status_code}")
except requests.exceptions.Timeout:
    print("Request timed out")

# Session
print("\nSession:")
session = requests.Session()
session.headers.update({'User-Agent': 'MyApp/1.0'})

response1 = session.get('https://jsonplaceholder.typicode.com/posts/1')
response2 = session.get('https://jsonplaceholder.typicode.com/posts/2')

print(f"Response 1 Status: {response1.status_code}")
print(f"Response 2 Status: {response2.status_code}")

# Authentication
print("\nAuthentication:")
# Basic authentication
auth = ('username', 'password')
# Note: This will fail with the test API, but shows the pattern
try:
    response = requests.get('https://jsonplaceholder.typicode.com/posts/1', auth=auth)
    print(f"Status Code: {response.status_code}")
except:
    print("Authentication failed (expected for test API)")

# Bearer token
print("\nBearer token:")
headers = {'Authorization': 'Bearer your-token-here'}
# Note: This will fail with the test API, but shows the pattern
try:
    response = requests.get('https://jsonplaceholder.typicode.com/posts/1', headers=headers)
    print(f"Status Code: {response.status_code}")
except:
    print("Bearer token authentication failed (expected for test API)")

# File upload
print("\nFile upload:")
# Note: This is a demonstration - the test API doesn't support file uploads
files = {'file': ('test.txt', 'Hello, World!', 'text/plain')}
try:
    response = requests.post('https://jsonplaceholder.typicode.com/posts', files=files)
    print(f"Status Code: {response.status_code}")
except:
    print("File upload failed (expected for test API)")

# Response handling
print("\nResponse handling:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')

# Check if request was successful
if response.ok:
    print("Request was successful")
    data = response.json()
    print(f"Title: {data['title']}")
    print(f"Body: {data['body']}")
else:
    print(f"Request failed with status code: {response.status_code}")

# Response content types
print("\nResponse content types:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
print(f"Content-Type: {response.headers.get('content-type')}")
print(f"Content-Length: {response.headers.get('content-length')}")

# JSON response
if 'application/json' in response.headers.get('content-type', ''):
    print("Response is JSON")
    data = response.json()
    print(f"JSON data: {data}")
else:
    print("Response is not JSON")

# Text response
print(f"Text response: {response.text[:100]}...")

# Binary response
print(f"Binary response length: {len(response.content)}")

# Response status codes
print("\nResponse status codes:")
status_codes = {
    200: "OK",
    201: "Created",
    400: "Bad Request",
    401: "Unauthorized",
    403: "Forbidden",
    404: "Not Found",
    500: "Internal Server Error"
}

for code, description in status_codes.items():
    print(f"{code}: {description}")

# Check specific status codes
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
if response.status_code == 200:
    print("Request successful")
elif response.status_code == 404:
    print("Resource not found")
elif response.status_code >= 500:
    print("Server error")
else:
    print(f"Unexpected status code: {response.status_code}")

# Response history (redirects)
print("\nResponse history:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1', allow_redirects=True)
print(f"Final URL: {response.url}")
print(f"Number of redirects: {len(response.history)}")

# Response cookies
print("\nResponse cookies:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
print(f"Cookies: {response.cookies}")

# Set cookies
print("\nSet cookies:")
cookies = {'session_id': '12345', 'user_id': '67890'}
response = requests.get('https://jsonplaceholder.typicode.com/posts/1', cookies=cookies)
print(f"Status Code: {response.status_code}")

# Response encoding
print("\nResponse encoding:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
print(f"Encoding: {response.encoding}")
print(f"Apparent encoding: {response.apparent_encoding}")

# Response URL
print(f"Response URL: {response.url}")

# Response elapsed time
print(f"Response time: {response.elapsed.total_seconds()} seconds")

# Response request
print(f"Request method: {response.request.method}")
print(f"Request URL: {response.request.url}")
print(f"Request headers: {dict(response.request.headers)}")

# Response links
print("\nResponse links:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
print(f"Links: {response.links}")

# Response next
print(f"Next: {response.links.get('next')}")

# Response prev
print(f"Previous: {response.links.get('prev')}")

# Response first
print(f"First: {response.links.get('first')}")

# Response last
print(f"Last: {response.links.get('last')}")

# Response is_permanent_redirect
print(f"Is permanent redirect: {response.is_permanent_redirect}")

# Response is_redirect
print(f"Is redirect: {response.is_redirect}")

# Response iter_content
print("\nResponse iter_content:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
for chunk in response.iter_content(chunk_size=1024):
    if chunk:
        print(f"Chunk size: {len(chunk)}")
        break

# Response iter_lines
print("\nResponse iter_lines:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
for line in response.iter_lines():
    if line:
        print(f"Line: {line.decode('utf-8')[:50]}...")
        break

# Response close
print("\nResponse close:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
response.close()
print("Response closed")

# Response raise_for_status
print("\nResponse raise_for_status:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
try:
    response.raise_for_status()
    print("No exception raised")
except requests.exceptions.HTTPError as e:
    print(f"HTTP Error: {e}")

# Response json
print("\nResponse json:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
data = response.json()
print(f"JSON data type: {type(data)}")
print(f"JSON data: {data}")

# Response text
print("\nResponse text:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
text = response.text
print(f"Text type: {type(text)}")
print(f"Text length: {len(text)}")

# Response content
print("\nResponse content:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
content = response.content
print(f"Content type: {type(content)}")
print(f"Content length: {len(content)}")

# Response raw
print("\nResponse raw:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1', stream=True)
raw = response.raw
print(f"Raw type: {type(raw)}")

# Response stream
print("\nResponse stream:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1', stream=True)
print(f"Stream: {response.stream}")

# Response close
print("\nResponse close:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
response.close()
print("Response closed")

# Response is_permanent_redirect
print("\nResponse is_permanent_redirect:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
print(f"Is permanent redirect: {response.is_permanent_redirect}")

# Response is_redirect
print("\nResponse is_redirect:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
print(f"Is redirect: {response.is_redirect}")

# Response iter_content
print("\nResponse iter_content:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
for chunk in response.iter_content(chunk_size=1024):
    if chunk:
        print(f"Chunk size: {len(chunk)}")
        break

# Response iter_lines
print("\nResponse iter_lines:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
for line in response.iter_lines():
    if line:
        print(f"Line: {line.decode('utf-8')[:50]}...")
        break

# Response close
print("\nResponse close:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
response.close()
print("Response closed")

# Response raise_for_status
print("\nResponse raise_for_status:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
try:
    response.raise_for_status()
    print("No exception raised")
except requests.exceptions.HTTPError as e:
    print(f"HTTP Error: {e}")

# Response json
print("\nResponse json:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
data = response.json()
print(f"JSON data type: {type(data)}")
print(f"JSON data: {data}")

# Response text
print("\nResponse text:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
text = response.text
print(f"Text type: {type(text)}")
print(f"Text length: {len(text)}")

# Response content
print("\nResponse content:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
content = response.content
print(f"Content type: {type(content)}")
print(f"Content length: {len(content)}")

# Response raw
print("\nResponse raw:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1', stream=True)
raw = response.raw
print(f"Raw type: {type(raw)}")

# Response stream
print("\nResponse stream:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1', stream=True)
print(f"Stream: {response.stream}")

# Response close
print("\nResponse close:")
response = requests.get('https://jsonplaceholder.typicode.com/posts/1')
response.close()
print("Response closed")


## Practice Exercises

### Exercise 1: API Consumer
Create a Python script that consumes a public API:
- Choose a public API (e.g., OpenWeatherMap, GitHub, etc.)
- Implement GET, POST, PUT, and DELETE operations
- Handle errors and edge cases
- Add proper logging and error handling

### Exercise 2: RESTful API with Flask
Build a RESTful API using Flask:
- Create endpoints for CRUD operations
- Implement proper HTTP status codes
- Add request validation
- Include error handling and logging

### Exercise 3: API Authentication
Implement different authentication methods:
- API Key authentication
- Basic authentication
- Bearer token authentication
- JWT authentication
- OAuth 2.0 integration

### Exercise 4: API Documentation
Create comprehensive API documentation:
- Use OpenAPI/Swagger specification
- Include code examples
- Document error responses
- Add rate limiting documentation

### Exercise 5: API Testing
Write comprehensive tests for your API:
- Unit tests for individual endpoints
- Integration tests for API workflows
- Performance tests
- Security tests

### Exercise 6: API Rate Limiting
Implement rate limiting for your API:
- Use different rate limiting strategies
- Implement different limits for different users
- Add rate limit headers
- Handle rate limit exceeded responses

### Exercise 7: API Caching
Implement caching for your API:
- Use different caching strategies
- Implement cache invalidation
- Add cache headers
- Monitor cache performance

### Exercise 8: API Monitoring
Add monitoring and logging to your API:
- Log all API requests and responses
- Monitor API performance metrics
- Set up alerts for errors
- Track API usage statistics

### Exercise 9: API Security
Implement security measures for your API:
- Input validation and sanitization
- SQL injection prevention
- XSS protection
- CORS configuration
- HTTPS enforcement

### Exercise 10: API Deployment
Deploy your API to a cloud platform:
- Choose a cloud provider (AWS, GCP, Azure)
- Set up CI/CD pipeline
- Configure environment variables
- Monitor production performance


## Summary

In this lesson, we've covered the fundamentals of web APIs in Python:

### Key Concepts Covered:
1. **Consuming APIs**: Using the `requests` library for HTTP operations
2. **Building APIs**: Creating RESTful APIs with Flask
3. **HTTP Methods**: GET, POST, PUT, DELETE operations
4. **Status Codes**: Understanding HTTP response codes
5. **Authentication**: Various authentication methods
6. **Documentation**: API documentation best practices
7. **Error Handling**: Proper error handling and validation
8. **Testing**: API testing strategies

### Key Takeaways:
- **Use the `requests` library** for consuming APIs in Python
- **Build RESTful APIs** with proper HTTP methods and status codes
- **Implement proper authentication** for secure APIs
- **Document your APIs** comprehensively
- **Handle errors gracefully** with proper error responses
- **Test your APIs** thoroughly
- **Follow REST principles** for consistent API design
- **Consider security** in all API implementations

### Next Steps:
- Practice building and consuming APIs
- Explore advanced API features like rate limiting and caching
- Learn about API versioning and backward compatibility
- Study API design patterns and best practices
- Experiment with different authentication methods

### Resources for Further Learning:
- [Flask Documentation](https://flask.palletsprojects.com/)
- [Requests Documentation](https://requests.readthedocs.io/)
- [REST API Design Guide](https://restfulapi.net/)
- [OpenAPI Specification](https://swagger.io/specification/)
- [API Design Best Practices](https://docs.microsoft.com/en-us/azure/architecture/best-practices/api-design)
- [HTTP Status Codes](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status)
- [API Security Best Practices](https://owasp.org/www-project-api-security/)
- [API Testing Guide](https://www.postman.com/learning-center/api-testing/)


# 6. Web APIs - Building RESTful Services

Welcome to the sixth lesson of the Advanced Level! In this lesson, you'll learn how to build and consume web APIs using Python.

## Learning Objectives

By the end of this lesson, you will be able to:
- Understand REST API principles
- Use the requests library to consume APIs
- Build APIs with Flask
- Handle HTTP methods and status codes
- Implement API authentication
- Document APIs effectively

## Table of Contents

1. [REST API Fundamentals](#rest-api-fundamentals)
2. [Consuming APIs with Requests](#consuming-apis-with-requests)
3. [Building APIs with Flask](#building-apis-with-flask)
4. [HTTP Methods and Status Codes](#http-methods-and-status-codes)
5. [API Authentication](#api-authentication)
6. [API Documentation](#api-documentation)


## REST API Fundamentals

REST (Representational State Transfer) is an architectural style for designing networked applications. It provides a set of constraints for creating web services.

### REST Principles:
- **Stateless**: Each request contains all necessary information
- **Client-Server**: Separation of concerns between client and server
- **Cacheable**: Responses can be cached for better performance
- **Uniform Interface**: Consistent interface for all resources
- **Layered System**: Architecture can be composed of hierarchical layers
- **Code on Demand**: Optional constraint allowing code to be sent to clients


In [None]:
# Consuming APIs with Requests
import requests
import json
import time

print("Consuming APIs with Requests")
print("=" * 40)

# Basic GET request
print("1. Basic GET Request:")
print("-" * 20)

try:
    response = requests.get("https://jsonplaceholder.typicode.com/posts/1")
    print(f"Status Code: {response.status_code}")
    print(f"Response Headers: {dict(response.headers)}")
    print(f"Response Content: {response.json()}")
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

# GET request with parameters
print(f"\n2. GET Request with Parameters:")
print("-" * 30)

try:
    params = {"userId": 1}
    response = requests.get("https://jsonplaceholder.typicode.com/posts", params=params)
    posts = response.json()
    print(f"Number of posts: {len(posts)}")
    print(f"First post: {posts[0]}")
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

# POST request
print(f"\n3. POST Request:")
print("-" * 15)

try:
    new_post = {
        "title": "My New Post",
        "body": "This is the content of my new post",
        "userId": 1
    }
    
    response = requests.post(
        "https://jsonplaceholder.typicode.com/posts",
        json=new_post,
        headers={"Content-Type": "application/json"}
    )
    
    print(f"Status Code: {response.status_code}")
    print(f"Created Post: {response.json()}")
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

# PUT request
print(f"\n4. PUT Request:")
print("-" * 14)

try:
    updated_post = {
        "id": 1,
        "title": "Updated Post Title",
        "body": "This is the updated content",
        "userId": 1
    }
    
    response = requests.put(
        "https://jsonplaceholder.typicode.com/posts/1",
        json=updated_post
    )
    
    print(f"Status Code: {response.status_code}")
    print(f"Updated Post: {response.json()}")
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

# DELETE request
print(f"\n5. DELETE Request:")
print("-" * 16)

try:
    response = requests.delete("https://jsonplaceholder.typicode.com/posts/1")
    print(f"Status Code: {response.status_code}")
    print(f"Response Content: {response.text}")
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

# Error handling
print(f"\n6. Error Handling:")
print("-" * 18)

def make_request(url):
    """Make a request with proper error handling."""
    try:
        response = requests.get(url, timeout=5)
        response.raise_for_status()  # Raises an HTTPError for bad responses
        return response.json()
    except requests.exceptions.Timeout:
        print("Request timed out")
        return None
    except requests.exceptions.ConnectionError:
        print("Connection error occurred")
        return None
    except requests.exceptions.HTTPError as e:
        print(f"HTTP error occurred: {e}")
        return None
    except requests.exceptions.RequestException as e:
        print(f"An error occurred: {e}")
        return None

# Test error handling
result = make_request("https://jsonplaceholder.typicode.com/posts/1")
if result:
    print(f"Success: {result}")

# Session usage
print(f"\n7. Session Usage:")
print("-" * 16)

session = requests.Session()

# Set default headers
session.headers.update({
    "User-Agent": "My Python App/1.0",
    "Accept": "application/json"
})

try:
    # First request
    response1 = session.get("https://jsonplaceholder.typicode.com/posts/1")
    print(f"First request status: {response1.status_code}")
    
    # Second request (reuses connection)
    response2 = session.get("https://jsonplaceholder.typicode.com/posts/2")
    print(f"Second request status: {response2.status_code}")
    
    # Close session
    session.close()
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

# Authentication
print(f"\n8. Authentication:")
print("-" * 18)

# Basic authentication
try:
    response = requests.get(
        "https://httpbin.org/basic-auth/user/pass",
        auth=("user", "pass")
    )
    print(f"Basic Auth Status: {response.status_code}")
    print(f"Response: {response.json()}")
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

# API with rate limiting
print(f"\n9. Rate Limiting:")
print("-" * 16)

def make_rate_limited_request(url, delay=1):
    """Make requests with rate limiting."""
    try:
        response = requests.get(url)
        print(f"Request successful: {response.status_code}")
        time.sleep(delay)  # Rate limiting
        return response.json()
    except requests.exceptions.RequestException as e:
        print(f"Error: {e}")
        return None

# Make multiple requests with rate limiting
for i in range(3):
    print(f"Making request {i+1}...")
    result = make_rate_limited_request("https://jsonplaceholder.typicode.com/posts/1")
    if result:
        print(f"Got post: {result['title']}")

# Custom headers
print(f"\n10. Custom Headers:")
print("-" * 18)

try:
    headers = {
        "Authorization": "Bearer your-token-here",
        "X-Custom-Header": "My Custom Value",
        "Accept": "application/json"
    }
    
    response = requests.get(
        "https://httpbin.org/headers",
        headers=headers
    )
    
    print(f"Status Code: {response.status_code}")
    print(f"Response: {response.json()}")
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

# File upload simulation
print(f"\n11. File Upload Simulation:")
print("-" * 25)

try:
    # Simulate file upload
    files = {
        "file": ("test.txt", "This is test content", "text/plain")
    }
    
    response = requests.post(
        "https://httpbin.org/post",
        files=files
    )
    
    print(f"Upload Status: {response.status_code}")
    print(f"Response: {response.json()}")
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

# JSON API client class
print(f"\n12. JSON API Client Class:")
print("-" * 25)

class JSONAPIClient:
    """A simple JSON API client."""
    
    def __init__(self, base_url):
        self.base_url = base_url
        self.session = requests.Session()
        self.session.headers.update({
            "Content-Type": "application/json",
            "Accept": "application/json"
        })
    
    def get(self, endpoint, params=None):
        """Make a GET request."""
        url = f"{self.base_url}/{endpoint}"
        try:
            response = self.session.get(url, params=params)
            response.raise_for_status()
            return response.json()
        except requests.exceptions.RequestException as e:
            print(f"GET error: {e}")
            return None
    
    def post(self, endpoint, data=None):
        """Make a POST request."""
        url = f"{self.base_url}/{endpoint}"
        try:
            response = self.session.post(url, json=data)
            response.raise_for_status()
            return response.json()
        except requests.exceptions.RequestException as e:
            print(f"POST error: {e}")
            return None
    
    def close(self):
        """Close the session."""
        self.session.close()

# Use the API client
client = JSONAPIClient("https://jsonplaceholder.typicode.com")

# Get posts
posts = client.get("posts", params={"userId": 1})
if posts:
    print(f"Retrieved {len(posts)} posts")

# Create a new post
new_post = {
    "title": "API Client Test",
    "body": "Testing the API client",
    "userId": 1
}

created_post = client.post("posts", data=new_post)
if created_post:
    print(f"Created post: {created_post['title']}")

client.close()

print(f"\nAPI consumption examples completed!")


## Building APIs with Flask

Flask is a lightweight web framework for Python that's perfect for building REST APIs. It provides the essential tools needed to create web services.

### Key Features:
- **Lightweight**: Minimal overhead and dependencies
- **Flexible**: Easy to customize and extend
- **RESTful**: Perfect for building REST APIs
- **Extensible**: Large ecosystem of extensions
- **Documentation**: Excellent documentation and community support


In [None]:
# Building APIs with Flask
from flask import Flask, request, jsonify, abort
from datetime import datetime
import json

print("Building APIs with Flask")
print("=" * 30)

# Create Flask app
app = Flask(__name__)

# In-memory storage for demonstration
users = [
    {"id": 1, "name": "Alice", "email": "alice@example.com", "age": 25},
    {"id": 2, "name": "Bob", "email": "bob@example.com", "age": 30},
    {"id": 3, "name": "Charlie", "email": "charlie@example.com", "age": 35}
]

posts = [
    {"id": 1, "title": "First Post", "content": "This is the first post", "user_id": 1},
    {"id": 2, "title": "Second Post", "content": "This is the second post", "user_id": 2}
]

# Helper functions
def find_user(user_id):
    """Find user by ID."""
    return next((user for user in users if user["id"] == user_id), None)

def find_post(post_id):
    """Find post by ID."""
    return next((post for post in posts if post["id"] == post_id), None)

# Routes
@app.route('/')
def home():
    """Home endpoint."""
    return jsonify({
        "message": "Welcome to the API",
        "version": "1.0.0",
        "endpoints": {
            "users": "/users",
            "posts": "/posts",
            "health": "/health"
        }
    })

@app.route('/health')
def health():
    """Health check endpoint."""
    return jsonify({
        "status": "healthy",
        "timestamp": datetime.utcnow().isoformat(),
        "version": "1.0.0"
    })

# User endpoints
@app.route('/users', methods=['GET'])
def get_users():
    """Get all users."""
    return jsonify({
        "users": users,
        "count": len(users)
    })

@app.route('/users/<int:user_id>', methods=['GET'])
def get_user(user_id):
    """Get a specific user."""
    user = find_user(user_id)
    if not user:
        abort(404, description="User not found")
    return jsonify(user)

@app.route('/users', methods=['POST'])
def create_user():
    """Create a new user."""
    data = request.get_json()
    
    if not data or 'name' not in data or 'email' not in data:
        abort(400, description="Name and email are required")
    
    # Check if email already exists
    if any(user['email'] == data['email'] for user in users):
        abort(400, description="Email already exists")
    
    new_user = {
        "id": max(user["id"] for user in users) + 1,
        "name": data["name"],
        "email": data["email"],
        "age": data.get("age", 0)
    }
    
    users.append(new_user)
    return jsonify(new_user), 201

@app.route('/users/<int:user_id>', methods=['PUT'])
def update_user(user_id):
    """Update a user."""
    user = find_user(user_id)
    if not user:
        abort(404, description="User not found")
    
    data = request.get_json()
    if not data:
        abort(400, description="No data provided")
    
    # Update user fields
    if 'name' in data:
        user['name'] = data['name']
    if 'email' in data:
        user['email'] = data['email']
    if 'age' in data:
        user['age'] = data['age']
    
    return jsonify(user)

@app.route('/users/<int:user_id>', methods=['DELETE'])
def delete_user(user_id):
    """Delete a user."""
    user = find_user(user_id)
    if not user:
        abort(404, description="User not found")
    
    users.remove(user)
    return jsonify({"message": "User deleted successfully"})

# Post endpoints
@app.route('/posts', methods=['GET'])
def get_posts():
    """Get all posts."""
    return jsonify({
        "posts": posts,
        "count": len(posts)
    })

@app.route('/posts/<int:post_id>', methods=['GET'])
def get_post(post_id):
    """Get a specific post."""
    post = find_post(post_id)
    if not post:
        abort(404, description="Post not found")
    return jsonify(post)

@app.route('/posts', methods=['POST'])
def create_post():
    """Create a new post."""
    data = request.get_json()
    
    if not data or 'title' not in data or 'content' not in data or 'user_id' not in data:
        abort(400, description="Title, content, and user_id are required")
    
    # Check if user exists
    if not find_user(data['user_id']):
        abort(400, description="User not found")
    
    new_post = {
        "id": max(post["id"] for post in posts) + 1,
        "title": data["title"],
        "content": data["content"],
        "user_id": data["user_id"]
    }
    
    posts.append(new_post)
    return jsonify(new_post), 201

# Error handlers
@app.errorhandler(400)
def bad_request(error):
    """Handle 400 errors."""
    return jsonify({
        "error": "Bad Request",
        "message": str(error.description)
    }), 400

@app.errorhandler(404)
def not_found(error):
    """Handle 404 errors."""
    return jsonify({
        "error": "Not Found",
        "message": str(error.description)
    }), 404

@app.errorhandler(500)
def internal_error(error):
    """Handle 500 errors."""
    return jsonify({
        "error": "Internal Server Error",
        "message": "An unexpected error occurred"
    }), 500

# Run the app (for demonstration)
if __name__ == '__main__':
    print("Flask API created successfully!")
    print("Available endpoints:")
    print("- GET / - Home endpoint")
    print("- GET /health - Health check")
    print("- GET /users - Get all users")
    print("- GET /users/<id> - Get specific user")
    print("- POST /users - Create new user")
    print("- PUT /users/<id> - Update user")
    print("- DELETE /users/<id> - Delete user")
    print("- GET /posts - Get all posts")
    print("- GET /posts/<id> - Get specific post")
    print("- POST /posts - Create new post")
    
    # Uncomment to run the app
    # app.run(debug=True, host='0.0.0.0', port=5000)


## HTTP Methods and Status Codes

Understanding HTTP methods and status codes is crucial for building and consuming REST APIs effectively.

### HTTP Methods:
- **GET**: Retrieve data (read-only)
- **POST**: Create new resources
- **PUT**: Update existing resources (full update)
- **PATCH**: Partial update of resources
- **DELETE**: Remove resources

### Status Codes:
- **2xx Success**: 200 (OK), 201 (Created), 204 (No Content)
- **4xx Client Error**: 400 (Bad Request), 401 (Unauthorized), 404 (Not Found)
- **5xx Server Error**: 500 (Internal Server Error), 502 (Bad Gateway)


In [None]:
# HTTP Methods and Status Codes Examples
import requests

print("HTTP Methods and Status Codes")
print("=" * 35)

# Test different HTTP methods
base_url = "https://httpbin.org"

print("1. GET Request (200 OK):")
print("-" * 25)
try:
    response = requests.get(f"{base_url}/get")
    print(f"Status Code: {response.status_code}")
    print(f"Status Text: {response.reason}")
    print(f"Response: {response.json()}")
except Exception as e:
    print(f"Error: {e}")

print(f"\n2. POST Request (200 OK):")
print("-" * 25)
try:
    data = {"key": "value", "test": "data"}
    response = requests.post(f"{base_url}/post", json=data)
    print(f"Status Code: {response.status_code}")
    print(f"Status Text: {response.reason}")
    print(f"Response: {response.json()}")
except Exception as e:
    print(f"Error: {e}")

print(f"\n3. PUT Request (200 OK):")
print("-" * 25)
try:
    data = {"key": "updated_value"}
    response = requests.put(f"{base_url}/put", json=data)
    print(f"Status Code: {response.status_code}")
    print(f"Status Text: {response.reason}")
    print(f"Response: {response.json()}")
except Exception as e:
    print(f"Error: {e}")

print(f"\n4. DELETE Request (200 OK):")
print("-" * 25)
try:
    response = requests.delete(f"{base_url}/delete")
    print(f"Status Code: {response.status_code}")
    print(f"Status Text: {response.reason}")
    print(f"Response: {response.json()}")
except Exception as e:
    print(f"Error: {e}")

print(f"\n5. PATCH Request (200 OK):")
print("-" * 25)
try:
    data = {"key": "patched_value"}
    response = requests.patch(f"{base_url}/patch", json=data)
    print(f"Status Code: {response.status_code}")
    print(f"Status Text: {response.reason}")
    print(f"Response: {response.json()}")
except Exception as e:
    print(f"Error: {e}")

# Test different status codes
print(f"\n6. Status Code Examples:")
print("-" * 25)

# 200 OK
try:
    response = requests.get(f"{base_url}/status/200")
    print(f"200 OK: {response.status_code} - {response.reason}")
except Exception as e:
    print(f"Error: {e}")

# 201 Created
try:
    response = requests.get(f"{base_url}/status/201")
    print(f"201 Created: {response.status_code} - {response.reason}")
except Exception as e:
    print(f"Error: {e}")

# 400 Bad Request
try:
    response = requests.get(f"{base_url}/status/400")
    print(f"400 Bad Request: {response.status_code} - {response.reason}")
except Exception as e:
    print(f"Error: {e}")

# 401 Unauthorized
try:
    response = requests.get(f"{base_url}/status/401")
    print(f"401 Unauthorized: {response.status_code} - {response.reason}")
except Exception as e:
    print(f"Error: {e}")

# 404 Not Found
try:
    response = requests.get(f"{base_url}/status/404")
    print(f"404 Not Found: {response.status_code} - {response.reason}")
except Exception as e:
    print(f"Error: {e}")

# 500 Internal Server Error
try:
    response = requests.get(f"{base_url}/status/500")
    print(f"500 Internal Server Error: {response.status_code} - {response.reason}")
except Exception as e:
    print(f"Error: {e}")

# Status code handling
print(f"\n7. Status Code Handling:")
print("-" * 25)

def handle_response(response):
    """Handle different status codes."""
    if response.status_code == 200:
        return "Success: Data retrieved successfully"
    elif response.status_code == 201:
        return "Success: Resource created successfully"
    elif response.status_code == 204:
        return "Success: No content returned"
    elif response.status_code == 400:
        return "Error: Bad request - check your data"
    elif response.status_code == 401:
        return "Error: Unauthorized - check your credentials"
    elif response.status_code == 403:
        return "Error: Forbidden - insufficient permissions"
    elif response.status_code == 404:
        return "Error: Not found - resource doesn't exist"
    elif response.status_code == 500:
        return "Error: Internal server error - try again later"
    else:
        return f"Unknown status code: {response.status_code}"

# Test status code handling
try:
    response = requests.get(f"{base_url}/status/200")
    result = handle_response(response)
    print(f"Status 200: {result}")
except Exception as e:
    print(f"Error: {e}")

try:
    response = requests.get(f"{base_url}/status/404")
    result = handle_response(response)
    print(f"Status 404: {result}")
except Exception as e:
    print(f"Error: {e}")

# Response headers
print(f"\n8. Response Headers:")
print("-" * 20)
try:
    response = requests.get(f"{base_url}/get")
    print(f"Content-Type: {response.headers.get('Content-Type')}")
    print(f"Content-Length: {response.headers.get('Content-Length')}")
    print(f"Server: {response.headers.get('Server')}")
    print(f"Date: {response.headers.get('Date')}")
except Exception as e:
    print(f"Error: {e}")

# Request headers
print(f"\n9. Request Headers:")
print("-" * 20)
try:
    headers = {
        "User-Agent": "My Python App/1.0",
        "Accept": "application/json",
        "Content-Type": "application/json"
    }
    response = requests.get(f"{base_url}/headers", headers=headers)
    print(f"Request Headers: {response.json()}")
except Exception as e:
    print(f"Error: {e}")

print(f"\nHTTP methods and status codes examples completed!")


## API Authentication

Authentication is crucial for securing APIs and controlling access to resources. There are several common authentication methods used in REST APIs.

### Common Authentication Methods:
- **API Keys**: Simple key-based authentication
- **Basic Authentication**: Username/password authentication
- **Bearer Tokens**: Token-based authentication (JWT)
- **OAuth 2.0**: Industry-standard authorization framework
- **Session-based**: Cookie-based authentication


In [None]:
# API Authentication Examples
import requests
import base64
import json
from datetime import datetime, timedelta

print("API Authentication Examples")
print("=" * 30)

# 1. API Key Authentication
print("1. API Key Authentication:")
print("-" * 28)

def api_key_auth_example():
    """Example of API key authentication."""
    api_key = "your-api-key-here"
    headers = {
        "X-API-Key": api_key,
        "Content-Type": "application/json"
    }
    
    # Simulate API call with API key
    print(f"Headers: {headers}")
    print("API Key authentication is simple but less secure")
    return headers

api_key_headers = api_key_auth_example()

# 2. Basic Authentication
print(f"\n2. Basic Authentication:")
print("-" * 25)

def basic_auth_example():
    """Example of basic authentication."""
    username = "user"
    password = "pass"
    
    # Encode credentials
    credentials = f"{username}:{password}"
    encoded_credentials = base64.b64encode(credentials.encode()).decode()
    
    headers = {
        "Authorization": f"Basic {encoded_credentials}",
        "Content-Type": "application/json"
    }
    
    print(f"Encoded credentials: {encoded_credentials}")
    print(f"Authorization header: {headers['Authorization']}")
    return headers

basic_auth_headers = basic_auth_example()

# Test basic auth with httpbin
print(f"\nTesting Basic Auth:")
try:
    response = requests.get(
        "https://httpbin.org/basic-auth/user/pass",
        auth=("user", "pass")
    )
    print(f"Status: {response.status_code}")
    print(f"Response: {response.json()}")
except Exception as e:
    print(f"Error: {e}")

# 3. Bearer Token Authentication
print(f"\n3. Bearer Token Authentication:")
print("-" * 32)

def bearer_token_auth_example():
    """Example of bearer token authentication."""
    token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
    
    headers = {
        "Authorization": f"Bearer {token}",
        "Content-Type": "application/json"
    }
    
    print(f"Bearer token: {token[:20]}...")
    print(f"Authorization header: {headers['Authorization']}")
    return headers

bearer_token_headers = bearer_token_auth_example()

# 4. JWT Token Example
print(f"\n4. JWT Token Example:")
print("-" * 22)

def create_jwt_token():
    """Create a simple JWT-like token."""
    header = {
        "alg": "HS256",
        "typ": "JWT"
    }
    
    payload = {
        "sub": "user123",
        "name": "John Doe",
        "iat": int(datetime.utcnow().timestamp()),
        "exp": int((datetime.utcnow() + timedelta(hours=1)).timestamp())
    }
    
    # In a real implementation, you would sign this with a secret
    header_encoded = base64.urlsafe_b64encode(json.dumps(header).encode()).decode().rstrip('=')
    payload_encoded = base64.urlsafe_b64encode(json.dumps(payload).encode()).decode().rstrip('=')
    
    # Simulate signature (in real implementation, use HMAC)
    signature = "simulated_signature"
    
    jwt_token = f"{header_encoded}.{payload_encoded}.{signature}"
    
    print(f"JWT Token: {jwt_token}")
    print(f"Payload: {payload}")
    return jwt_token

jwt_token = create_jwt_token()

# 5. OAuth 2.0 Example
print(f"\n5. OAuth 2.0 Example:")
print("-" * 22)

def oauth2_example():
    """Example of OAuth 2.0 flow."""
    # Client credentials
    client_id = "your-client-id"
    client_secret = "your-client-secret"
    
    # Authorization URL
    auth_url = "https://oauth.example.com/authorize"
    token_url = "https://oauth.example.com/token"
    
    # Step 1: Get authorization code (user would be redirected)
    auth_params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": "https://yourapp.com/callback",
        "scope": "read write",
        "state": "random_state_string"
    }
    
    print(f"Authorization URL: {auth_url}")
    print(f"Auth Parameters: {auth_params}")
    
    # Step 2: Exchange code for token
    token_data = {
        "grant_type": "authorization_code",
        "client_id": client_id,
        "client_secret": client_secret,
        "code": "authorization_code_from_callback",
        "redirect_uri": "https://yourapp.com/callback"
    }
    
    print(f"Token Request Data: {token_data}")
    
    # Step 3: Use access token
    access_token = "access_token_from_response"
    headers = {
        "Authorization": f"Bearer {access_token}",
        "Content-Type": "application/json"
    }
    
    print(f"Access Token Headers: {headers}")
    return headers

oauth_headers = oauth2_example()

# 6. Session-based Authentication
print(f"\n6. Session-based Authentication:")
print("-" * 32)

def session_auth_example():
    """Example of session-based authentication."""
    session = requests.Session()
    
    # Login to get session cookie
    login_data = {
        "username": "user",
        "password": "pass"
    }
    
    # Simulate login
    print(f"Login Data: {login_data}")
    
    # In a real implementation:
    # response = session.post("https://api.example.com/login", json=login_data)
    # session.cookies will contain the session cookie
    
    # Use session for subsequent requests
    headers = {
        "Content-Type": "application/json"
    }
    
    print("Session cookie will be automatically included in requests")
    return session, headers

session, session_headers = session_auth_example()

# 7. Custom Authentication Middleware
print(f"\n7. Custom Authentication Middleware:")
print("-" * 38)

class APIAuthenticator:
    """Custom API authenticator."""
    
    def __init__(self, auth_type="api_key", credentials=None):
        self.auth_type = auth_type
        self.credentials = credentials or {}
    
    def get_headers(self):
        """Get authentication headers."""
        if self.auth_type == "api_key":
            return {"X-API-Key": self.credentials.get("api_key")}
        elif self.auth_type == "bearer":
            return {"Authorization": f"Bearer {self.credentials.get('token')}"}
        elif self.auth_type == "basic":
            username = self.credentials.get("username")
            password = self.credentials.get("password")
            credentials = f"{username}:{password}"
            encoded = base64.b64encode(credentials.encode()).decode()
            return {"Authorization": f"Basic {encoded}"}
        else:
            return {}
    
    def authenticate(self, url, data=None):
        """Make authenticated request."""
        headers = self.get_headers()
        headers["Content-Type"] = "application/json"
        
        print(f"Making authenticated request to: {url}")
        print(f"Headers: {headers}")
        
        # In a real implementation:
        # return requests.post(url, json=data, headers=headers)
        return {"status": "authenticated", "headers": headers}

# Test different authentication methods
print(f"\nTesting Authentication Methods:")
print("-" * 32)

# API Key
api_auth = APIAuthenticator("api_key", {"api_key": "test-key-123"})
result = api_auth.authenticate("https://api.example.com/data")
print(f"API Key Auth: {result}")

# Bearer Token
bearer_auth = APIAuthenticator("bearer", {"token": "test-token-456"})
result = bearer_auth.authenticate("https://api.example.com/data")
print(f"Bearer Token Auth: {result}")

# Basic Auth
basic_auth = APIAuthenticator("basic", {"username": "user", "password": "pass"})
result = basic_auth.authenticate("https://api.example.com/data")
print(f"Basic Auth: {result}")

# 8. Authentication Best Practices
print(f"\n8. Authentication Best Practices:")
print("-" * 35)

best_practices = [
    "Always use HTTPS in production",
    "Store credentials securely (environment variables, key vaults)",
    "Implement token expiration and refresh",
    "Use strong, unique API keys",
    "Implement rate limiting",
    "Log authentication attempts",
    "Use OAuth 2.0 for third-party integrations",
    "Implement proper error handling",
    "Never expose credentials in client-side code",
    "Use multi-factor authentication when possible"
]

for i, practice in enumerate(best_practices, 1):
    print(f"{i}. {practice}")

print(f"\nAPI authentication examples completed!")


## API Documentation

Good API documentation is essential for developers to understand and use your API effectively. It should be clear, comprehensive, and easy to follow.

### Documentation Best Practices:
- **Clear Examples**: Provide working code examples
- **Complete Reference**: Document all endpoints and parameters
- **Error Handling**: Document possible errors and responses
- **Authentication**: Explain authentication methods
- **Rate Limits**: Document usage limits and restrictions
- **Interactive Examples**: Use tools like Swagger/OpenAPI


In [None]:
# API Documentation Examples
import json

print("API Documentation Examples")
print("=" * 30)

# 1. API Documentation Structure
print("1. API Documentation Structure:")
print("-" * 32)

api_docs = {
    "title": "My API",
    "version": "1.0.0",
    "description": "A simple REST API for managing users and posts",
    "base_url": "https://api.example.com",
    "authentication": {
        "type": "Bearer Token",
        "description": "Include your API token in the Authorization header"
    },
    "endpoints": {
        "users": {
            "GET /users": {
                "description": "Get all users",
                "parameters": {
                    "page": "Page number (optional)",
                    "limit": "Number of users per page (optional)"
                },
                "response": {
                    "200": "List of users",
                    "401": "Unauthorized",
                    "500": "Internal server error"
                }
            },
            "GET /users/{id}": {
                "description": "Get a specific user",
                "parameters": {
                    "id": "User ID (required)"
                },
                "response": {
                    "200": "User object",
                    "404": "User not found",
                    "401": "Unauthorized"
                }
            },
            "POST /users": {
                "description": "Create a new user",
                "body": {
                    "name": "User name (required)",
                    "email": "User email (required)",
                    "age": "User age (optional)"
                },
                "response": {
                    "201": "Created user object",
                    "400": "Bad request",
                    "401": "Unauthorized"
                }
            }
        }
    }
}

print(json.dumps(api_docs, indent=2))

# 2. OpenAPI/Swagger Documentation
print(f"\n2. OpenAPI/Swagger Documentation:")
print("-" * 35)

openapi_spec = {
    "openapi": "3.0.0",
    "info": {
        "title": "My API",
        "version": "1.0.0",
        "description": "A simple REST API for managing users and posts"
    },
    "servers": [
        {
            "url": "https://api.example.com",
            "description": "Production server"
        }
    ],
    "paths": {
        "/users": {
            "get": {
                "summary": "Get all users",
                "responses": {
                    "200": {
                        "description": "List of users",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "type": "array",
                                    "items": {
                                        "$ref": "#/components/schemas/User"
                                    }
                                }
                            }
                        }
                    }
                }
            },
            "post": {
                "summary": "Create a new user",
                "requestBody": {
                    "required": True,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/UserInput"
                            }
                        }
                    }
                },
                "responses": {
                    "201": {
                        "description": "Created user",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/User"
                                }
                            }
                        }
                    }
                }
            }
        }
    },
    "components": {
        "schemas": {
            "User": {
                "type": "object",
                "properties": {
                    "id": {"type": "integer"},
                    "name": {"type": "string"},
                    "email": {"type": "string"},
                    "age": {"type": "integer"}
                }
            },
            "UserInput": {
                "type": "object",
                "required": ["name", "email"],
                "properties": {
                    "name": {"type": "string"},
                    "email": {"type": "string"},
                    "age": {"type": "integer"}
                }
            }
        }
    }
}

print(json.dumps(openapi_spec, indent=2))

# 3. Code Examples
print(f"\n3. Code Examples:")
print("-" * 18)

python_examples = {
    "get_users": {
        "description": "Get all users",
        "code": """
import requests

# Get all users
response = requests.get('https://api.example.com/users')
users = response.json()
print(users)
""",
        "curl": """
curl -X GET "https://api.example.com/users" \\
     -H "Authorization: Bearer your-token-here"
"""
    },
    "create_user": {
        "description": "Create a new user",
        "code": """
import requests

# Create a new user
user_data = {
    "name": "John Doe",
    "email": "john@example.com",
    "age": 30
}

response = requests.post(
    'https://api.example.com/users',
    json=user_data,
    headers={'Authorization': 'Bearer your-token-here'}
)

if response.status_code == 201:
    new_user = response.json()
    print(f"Created user: {new_user}")
else:
    print(f"Error: {response.status_code}")
""",
        "curl": """
curl -X POST "https://api.example.com/users" \\
     -H "Authorization: Bearer your-token-here" \\
     -H "Content-Type: application/json" \\
     -d '{"name": "John Doe", "email": "john@example.com", "age": 30}'
"""
    }
}

for example_name, example_data in python_examples.items():
    print(f"\n{example_data['description']}:")
    print(f"Python Code:")
    print(example_data['code'])
    print(f"cURL Command:")
    print(example_data['curl'])

# 4. Error Documentation
print(f"\n4. Error Documentation:")
print("-" * 25)

error_docs = {
    "400": {
        "code": 400,
        "name": "Bad Request",
        "description": "The request was invalid or cannot be served",
        "examples": [
            "Missing required fields",
            "Invalid data format",
            "Validation errors"
        ]
    },
    "401": {
        "code": 401,
        "name": "Unauthorized",
        "description": "Authentication is required and has failed",
        "examples": [
            "Missing API token",
            "Invalid API token",
            "Expired API token"
        ]
    },
    "404": {
        "code": 404,
        "name": "Not Found",
        "description": "The requested resource was not found",
        "examples": [
            "User not found",
            "Post not found",
            "Invalid endpoint"
        ]
    },
    "500": {
        "code": 500,
        "name": "Internal Server Error",
        "description": "An unexpected error occurred on the server",
        "examples": [
            "Database connection error",
            "Server configuration error",
            "Unexpected exception"
        ]
    }
}

for error_code, error_info in error_docs.items():
    print(f"\n{error_code} {error_info['name']}:")
    print(f"  Description: {error_info['description']}")
    print(f"  Examples: {', '.join(error_info['examples'])}")

# 5. Rate Limiting Documentation
print(f"\n5. Rate Limiting Documentation:")
print("-" * 32)

rate_limit_docs = {
    "limits": {
        "free": "100 requests per hour",
        "basic": "1000 requests per hour",
        "premium": "10000 requests per hour"
    },
    "headers": {
        "X-RateLimit-Limit": "Total number of requests allowed",
        "X-RateLimit-Remaining": "Number of requests remaining",
        "X-RateLimit-Reset": "Time when the rate limit resets"
    },
    "response": {
        "429": {
            "code": 429,
            "name": "Too Many Requests",
            "description": "Rate limit exceeded",
            "retry_after": "Number of seconds to wait before retrying"
        }
    }
}

print("Rate Limits:")
for plan, limit in rate_limit_docs["limits"].items():
    print(f"  {plan}: {limit}")

print("\nRate Limit Headers:")
for header, description in rate_limit_docs["headers"].items():
    print(f"  {header}: {description}")

print(f"\nRate Limit Error Response:")
error_429 = rate_limit_docs["response"]["429"]
print(f"  {error_429['code']} {error_429['name']}: {error_429['description']}")
print(f"  Retry-After: {error_429['retry_after']}")

# 6. Authentication Documentation
print(f"\n6. Authentication Documentation:")
print("-" * 32)

auth_docs = {
    "methods": {
        "bearer_token": {
            "description": "Include your API token in the Authorization header",
            "example": "Authorization: Bearer your-api-token-here",
            "note": "Most secure method for API access"
        },
        "api_key": {
            "description": "Include your API key in the X-API-Key header",
            "example": "X-API-Key: your-api-key-here",
            "note": "Simple but less secure than bearer tokens"
        }
    },
    "getting_token": {
        "step1": "Register for an account",
        "step2": "Generate an API token in your dashboard",
        "step3": "Include the token in your requests"
    }
}

print("Authentication Methods:")
for method, details in auth_docs["methods"].items():
    print(f"\n{method.replace('_', ' ').title()}:")
    print(f"  Description: {details['description']}")
    print(f"  Example: {details['example']}")
    print(f"  Note: {details['note']}")

print("\nGetting an API Token:")
for step, description in auth_docs["getting_token"].items():
    print(f"  {step}: {description}")

# 7. SDK Documentation
print(f"\n7. SDK Documentation:")
print("-" * 22)

sdk_docs = {
    "python": {
        "installation": "pip install myapi-client",
        "usage": """
from myapi_client import MyAPIClient

# Initialize client
client = MyAPIClient(api_token='your-token-here')

# Get all users
users = client.users.get_all()
print(users)

# Create a new user
new_user = client.users.create({
    'name': 'John Doe',
    'email': 'john@example.com',
    'age': 30
})
print(new_user)
"""
    },
    "javascript": {
        "installation": "npm install myapi-client",
        "usage": """
const MyAPIClient = require('myapi-client');

// Initialize client
const client = new MyAPIClient('your-token-here');

// Get all users
client.users.getAll()
  .then(users => console.log(users))
  .catch(error => console.error(error));

// Create a new user
client.users.create({
  name: 'John Doe',
  email: 'john@example.com',
  age: 30
})
  .then(user => console.log(user))
  .catch(error => console.error(error));
"""
    }
}

for language, sdk_info in sdk_docs.items():
    print(f"\n{language.title()} SDK:")
    print(f"Installation: {sdk_info['installation']}")
    print(f"Usage:")
    print(sdk_info['usage'])

# 8. Documentation Best Practices
print(f"\n8. Documentation Best Practices:")
print("-" * 32)

best_practices = [
    "Use clear, concise language",
    "Provide working code examples",
    "Include error handling examples",
    "Document all possible responses",
    "Use consistent formatting",
    "Include interactive examples (Swagger UI)",
    "Keep documentation up to date",
    "Provide multiple language examples",
    "Include rate limiting information",
    "Document authentication methods",
    "Provide troubleshooting guides",
    "Include changelog and versioning"
]

for i, practice in enumerate(best_practices, 1):
    print(f"{i}. {practice}")

print(f"\nAPI documentation examples completed!")
