FastAPI, a modern and fast-growing web framework for building APIs with Python 3.6+ based on standard Python type hints, has been rapidly gaining ground in the world of programming. Known for its high speed, FastAPI is touted to be one of the quickest Python frameworks available, only outpaced by NodeJS and Go.

What sets FastAPI apart from other frameworks is its intuitive nature. It’s designed to be easy-to-use while still maintaining high performance levels. Moreover, it provides automatic interactive API documentation, which can significantly streamline the development process.

In this article, we delve into an extensive list of interview questions centered around FastAPI. These questions encompass fundamental concepts as well as more intricate aspects of this powerful framework. Whether you’re a beginner looking to get your feet wet or an experienced developer wanting to brush up your knowledge, these questions will provide valuable insights into the workings of FastAPI.

1. Can you explain the key differences between FastAPI and Flask and why you would choose FastAPI over Flask?
FastAPI and Flask are both Python web frameworks, but they differ significantly. FastAPI is built on Starlette for web routing and Pydantic for data validation, which allows it to offer high performance compared to Flask. It also supports modern functionalities like async and await keywords.
FastAPI automatically generates interactive API documentation using OpenAPI and JSON Schema standards, a feature not present in Flask. This makes it easier to test and debug APIs during development.

FastAPI’s use of Python type hints leads to better editor support, error checking, and refactoring capabilities. In contrast, Flask lacks this feature, making code maintenance more challenging.

The choice between FastAPI and Flask depends on the project requirements. For applications requiring high performance, modern asynchronous features, automatic API documentation, or extensive use of data validation, FastAPI would be the preferred choice over Flask due to its advanced features and superior performance.



2. What is the role of Pydantic in FastAPI?
Pydantic plays a crucial role in FastAPI by providing data validation and settings management using Python type annotations. It ensures that incoming data matches the expected types, reducing runtime errors. Pydantic models define how requests and responses should be structured, enabling automatic request body parsing, validation, serialization, and documentation.

3. Can you explain how you would implement authentication and authorization in FastAPI?
FastAPI provides a security module to implement authentication and authorization. For authentication, OAuth2PasswordBearer is used which requires a URL that the client will use for token retrieval. The get_current_user function uses Depends to inject dependencies, where it decodes the token and fetches user data. If invalid, HTTPException is raised.

For authorization, FastAPI offers Security Scopes. Each route can have a list of scopes as dependencies. When a request comes in, FastAPI checks if the current user has required scopes. If not, an error is returned.

Here’s a code snippet:

In [None]:
from fastapi import Depends, FastAPI, HTTPException, Security
from fastapi.security import OAuth2PasswordBearer, SecurityScopes

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

def get_current_user(security_scopes: SecurityScopes, token: str = Depends(oauth2_scheme)):
    # decode token and fetch user data here
    raise HTTPException(status_code=403, detail="Not authenticated")

app = FastAPI()

@app.get("/items/", dependencies=[Depends(Security(get_current_user, scopes=["items:read"]))])
async def read_items():
    return [{"item": "Foo", "value": "Bar"}]

4. How does FastAPI take advantage of Python 3.6 type declarations?
FastAPI utilizes Python 3.6 type declarations to provide several benefits. It uses these annotations for data validation, serialization, and documentation while reducing the amount of code required. FastAPI leverages Pydantic models that use type hints to perform automatic request body JSON parsing, form data handling, and query parameter handling. This results in cleaner, more maintainable code. Additionally, it generates interactive API documentation automatically using OpenAPI standards based on these type declarations

5. What are some of the main advantages of using FastAPI for a project, and what are some potential drawbacks?
FastAPI is a modern, fast (high-performance), web framework for building APIs with Python 3.6+ based on standard Python type hints. It offers several advantages such as high performance comparable to NodeJS and Go thanks to Starlette for the web parts and Pydantic for the data parts. FastAPI also provides easy-to-use features for declaring request parameters and body, automatic interactive API documentation, dependency injection system, OAuth2 integration, among others.

However, it has some drawbacks. Being relatively new, its community is smaller compared to Flask or Django which means fewer resources and plugins available. Also, while its simplicity can be an advantage, it may not be suitable for complex applications that require more robust features provided by mature frameworks like Django.

6. How would you handle exception handling and custom error responses in FastAPI?
FastAPI provides built-in exception handling. To handle exceptions, use the HTTPException class from fastapi.exceptions module. This class accepts status_code and detail parameters to define HTTP status code and error message respectively.

For custom error responses, create a subclass of HTTPException and override its attributes. You can also customize the validation error response body by creating a route operation function that raises RequestValidationError from fastapi.exceptions and catch it in an exception handler.

Here’s a coding example:

In [None]:
from fastapi import FastAPI, HTTPException

app = FastAPI()

@app.exception_handler(HTTPException)
async def http_exception_handler(request, exc):
    return JSONResponse(
        status_code=exc.status_code,
        content={"message": f"Oops! {exc.detail}"},
    )

@app.get("/items/{item_id}")
async def read_item(item_id: str):
    if item_id not in items:
        raise HTTPException(status_code=404, detail="Item not found")

8. How would you handle file uploads in FastAPI?
FastAPI provides a simple way to handle file uploads using the File and UploadFile classes. To upload a file, you would define an endpoint that includes a parameter of type UploadFile. This parameter will be treated as a “form data” parameter.



In [None]:
from fastapi import FastAPI, UploadFile, File

app = FastAPI()

@app.post("/files/")
async def create_file(file: UploadFile = File(...)):
    return {"filename": file.filename}

In this code, file: UploadFile = File(...) declares a new parameter of type UploadFile. The File function is a “special function” used to declare it.

The uploaded file is stored in memory up to a limit, and then passed to a temporary file stored on disk. You can access the file with .file, get metadata like filename or content type with .filename and .content_type.



9. FastAPI is built on top of Starlette for the web parts and Pydantic for the data parts. Can you explain how these work together to provide FastAPI’s functionality?
FastAPI utilizes Starlette for web routing and Pydantic for data validation and serialization. When a request is made, Starlette handles the HTTP specifics, such as path operations and requests/responses. It also provides asynchronous capabilities. Pydantic comes into play by validating incoming JSON data against predefined models, ensuring type correctness. If valid, it serializes the data into Python types that can be used in your application. These two components work together to provide FastAPI’s core functionality: fast, easy-to-use, and robust API development with automatic interactive documentation.



11. How does FastAPI handle serialization and validation of data?
FastAPI uses Pydantic for data serialization and validation. Pydantic models define the shape of incoming or outgoing data, ensuring type correctness. When a request is received, FastAPI validates the data against the model’s schema using Python’s built-in typing system. If the data doesn’t match the schema, FastAPI automatically sends an error response detailing the issue. For valid data, it serializes into JSON format for HTTP responses. This process also works in reverse for incoming JSON data, deserializing it into Python objects.

13. How would you create a background task in FastAPI?
FastAPI allows the creation of background tasks using BackgroundTasks class. To create a task, first import BackgroundTasks from fastapi and define your function for the task. For instance, if you want to write logs in the background, define a function ‘write_log’. Now, include BackgroundTasks as a parameter in your path operation function. Inside this function, use the ‘add_task’ method on the BackgroundTasks object to add your log writing function as a task. This will execute the task after sending a response.

Here’s an example:

In [None]:
from fastapi import FastAPI, BackgroundTasks

def write_log(message: str):
    with open("log.txt", "w") as file:
        file.write(message)

app = FastAPI()

@app.post("/send/{message}")
async def send_message(message: str, background_tasks: BackgroundTasks):
    background_tasks.add_task(write_log, message)
    return {"Message": "Message sent!"}


14. Could you demonstrate a case where you would prefer to use HTTP protocol directly instead of FastAPI’s dependency injection?
FastAPI’s dependency injection system is highly efficient for managing dependencies and reducing code repetition. However, there are cases where using HTTP protocol directly might be preferred. One such case could be when dealing with low-level network operations or custom protocols.

For instance, if we need to implement a WebSocket server that communicates via a specific binary protocol, FastAPI’s dependency injection may not provide the necessary control over the raw data stream. In this scenario, it would be more appropriate to use an ASGI server like Uvicorn or Hypercorn directly along with Python’s built-in asyncio library for handling asynchronous I/O operations.

In [None]:
import uvicorn
from starlette.websockets import WebSocket

async def app(scope, receive, send):
    websocket = WebSocket(scope, receive, send)
    await websocket.accept()
    while True:
        data = await websocket.receive_text()
        # Process data here...
        await websocket.send_text(f"Processed: {data}")

if __name__ == "__main__":
    uvicorn.run(app, host="127.0.0.1", port=8000)

15. Can you describe how you would handle CORS (Cross-Origin Resource Sharing) in FastAPI?
FastAPI has a built-in middleware for managing CORS, which can be added to the application instance. To enable it, import CORSMiddleware from fastapi.middleware.cors and add it to your FastAPI app using the .add_middleware() method. You need to specify parameters like allow_origins (a list of origins that are allowed), allow_credentials (whether cookies can be supported), allow_methods (HTTP methods allowed), and allow_headers (which HTTP headers are permitted). Here’s an example:

In [None]:
from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware

app = FastAPI()

origins = ["http://localhost:3000"]

app.add_middleware(
    CORSMiddleware,
    allow_origins=origins,
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

@app.get("/")
async def main():
    return {"message": "Hello World"}

16. How do FastAPI’s response models work and what benefits do they provide?
FastAPI’s response models are Python classes that define the structure and data types of HTTP responses. They leverage Pydantic for data validation, serialization, and documentation. When a route function returns a Pydantic model, FastAPI automatically converts it into JSON, checks the data against the model’s schema, and generates an OpenAPI schema.

1. Data Validation: Ensures only valid data is returned.
2. Serialization: Converts complex data types to JSON.
3. Documentation: Auto-generates API docs based on the model.
4. Code Reusability: Models can be reused across different routes.
5. Error Handling: Automatically handles errors when data doesn’t match the model.

17. How would you deploy a FastAPI application to a production environment?
FastAPI deployment involves several steps. First, develop the FastAPI application locally and ensure it’s functioning as expected. Next, containerize your app using Docker for consistency across environments. Create a Dockerfile in your project directory that includes instructions to build an image of your app.

FROM tiangolo/uvicorn-gunicorn-fastapi:python3.7
COPY ./app /app

Then, build the Docker image with docker build -t myimage . and run it with docker run -d --name mycontainer -p 80:80 myimage.

For production, consider deploying on a cloud platform like AWS or Google Cloud. Use their respective services (ECS/Fargate for AWS, Kubernetes Engine for GCP) to manage your containers. Ensure you have set up proper logging and monitoring for your deployed application.

18. Can you explain how path parameters and query parameters are used in FastAPI?
FastAPI uses path parameters and query parameters to extract data from a URL. Path parameters are defined in the route’s URL, enclosed in curly braces {}. They’re used to capture specific values from the path itself. For example, @app.get(“/items/{item_id}”) would capture the item_id from the URL.

Query parameters, on the other hand, are appended after the URL following a question mark ?. They allow optional information to be passed into the function. For instance, @app.get(“/items/”) might accept ‘skip’ and ‘limit’ as query parameters to control pagination.

In both cases, FastAPI automatically validates these parameters, generates error messages when data is invalid, and provides interactive documentation for them.



19. What features does FastAPI provide for form handling?
FastAPI provides robust form handling features. It uses Python type hints to validate incoming data, ensuring that it matches the expected format. This includes checking for required fields and validating field types. FastAPI also supports nested models for complex forms with sub-forms or lists of sub-forms. Additionally, it allows for custom validation using Pydantic’s @validator decorator, enabling more complex checks beyond simple type validation. Furthermore, FastAPI can automatically generate interactive documentation for your API including form parameters, making it easier for users to understand how to interact with your endpoints.

20. How can you use middleware with FastAPI?
FastAPI allows the use of middleware for common functionalities like authentication, CORS, etc. Middleware is a function that works with each request before it’s processed by any specific path operation and also with each response before returning it.

To add middleware in FastAPI, you can use the add_middleware() method on an instance of FastAPI(). The first argument to this method is the middleware class you want to add, followed by any keyword arguments needed for its configuration.

In [None]:
from fastapi import FastAPI
from starlette.middleware.cors import CORSMiddleware

app = FastAPI()

app.add_middleware(
    CORSMiddleware,
    allow_origins=["*"],
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

21. How does FastAPI integrate with GraphQL?
FastAPI integrates with GraphQL through the use of Starlette’s GraphQLApp. This allows FastAPI to handle HTTP requests and responses, while GraphQLApp manages the execution of GraphQL queries. The integration process involves creating a GraphQL schema using Graphene library, then passing this schema to GraphQLApp which is added as a route in FastAPI application. This setup enables handling of GraphQL queries at specified endpoint. For mutations or subscriptions, additional configurations are required.

22. How does FastAPI handle cookies and sessions?
FastAPI doesn’t directly handle cookies and sessions, but it can be integrated with Starlette’s SessionMiddleware for this purpose. To use cookies, FastAPI has a ‘cookies’ parameter in path operation functions. You declare the cookie name as a string argument to receive its value. For sessions, you add SessionMiddleware to your application, providing a secret key. This middleware uses signed cookies to store session data client-side. The data is cryptographically signed but not encrypted, so user can see contents but cannot modify them without invalidating signature.

23. How can you serve static files with FastAPI?
FastAPI can serve static files using the StaticFiles class from starlette.staticfiles. First, import FastAPI and StaticFiles from fastapi and starlette.staticfiles respectively. Then create an instance of FastAPI and mount a new instance of StaticFiles to it. The directory parameter in StaticFiles should point to your static files’ location. For example:

In [None]:
from fastapi import FastAPI
from starlette.staticfiles import StaticFiles

app = FastAPI()

app.mount("/static", StaticFiles(directory="static"), name="static")

24. What are some of the security features provided by FastAPI and how can they be utilized?
FastAPI provides several security features. It supports OAuth2 with Password and Bearer, a standard for user authentication, allowing secure access to resources. This is achieved by using Python-Jose to encrypt and verify tokens. FastAPI also offers HTTPBasicAuth for simpler cases where username and password are required.

Another feature is the automatic generation of interactive API documentation with login functionality. This allows users to authenticate directly from their browser while testing endpoints.

FastAPI’s dependency system can be used to manage permissions effectively. By creating dependencies for different routes or groups of routes, you can control who has access to what data.

FastAPI also protects against common vulnerabilities like Cross-Site Scripting (XSS) and SQL Injection attacks by default. It uses Pydantic models which automatically validate incoming JSON requests, preventing malicious code from being executed.



25. How can FastAPI be used with async and await, and what benefits does this provide?
FastAPI supports asynchronous request handling through Python’s async and await keywords. This allows for concurrent processing of requests, improving application performance. When a FastAPI route is defined with an async function, it becomes a coroutine that can be paused and resumed, allowing other tasks to run in the meantime.



In [None]:
from fastapi import FastAPI

app = FastAPI()

@app.get("/")
async def read_root():
    return {"Hello": "World"}

In this example, read_root is an asynchronous function. If it calls another async function with await, execution returns to the event loop, freeing up resources until the awaited function completes.

This non-blocking nature of async I/O operations means your app can handle more requests with fewer resources, as idle time waiting for I/O (like network or disk access) can be used to serve other requests. It also simplifies code by avoiding callback hell or threading complexities, making it easier to write and maintain.