A RESTful API for managing books and their metadata.
Books API provides a comprehensive platform for managing a collection of books with the following features:
- Book Management: Create, retrieve, update, and delete books
- User Authentication: Secure signup, login, and token-based authentication
- Role-Based Access Control: Different permissions for users and administrators
- Review System: Allow users to post and manage reviews for books
- Tagging System: Organize books with custom tags
- Background Processing: Email notifications and other async tasks with Celery
- Token Management: Secure logout with token blacklisting via Redis
The API is built with FastAPI, providing automatic OpenAPI documentation, async request handling, and modern Python features.
- Python 3.13
- pip for dependency management
-
Clone the repository:
git clone <repository-url> cd books-api -
Set up a virtual environment:
python -m venv .venv source .venv/bin/activate # On Windows: .venv\Scripts\activate -
Install dependencies:
pip install -r requirements.txt -
Configure environment variables:
cp .env.example .env # Edit .env with your configurations -
Run database migrations:
# Initialize Alembic if you haven't already alembic init migrations # Generate a migration alembic revision --autogenerate -m "Initial migration" # Apply migrations alembic upgrade head -
Start the development server:
# Run the FastAPI application from the src directory fastapi dev src/ -
Start Redis using Docker:
docker-compose up -d redis -
Start Celery worker for background tasks:
celery -A src.celery_tasks.c_app worker --loglevel=INFO -
Start Flower for monitoring Celery tasks:
celery -A src.celery_tasks.c_app flower
The API documentation is automatically generated and available at:
- Swagger UI: http://localhost:8000/docs
- ReDoc: http://localhost:8000/redoc
GET /api/books/- List all booksPOST /api/books/- Create a new bookGET /api/books/{book_uid}- Retrieve a specific bookPATCH /api/books/{book_uid}- Partially update a bookDELETE /api/books/{book_uid}- Delete a bookGET /api/books/user/{user_uid}- List books submitted by a specific user
GET /api/reviews/- List all reviewsGET /api/reviews/{review_uid}- Get a specific reviewPOST /api/reviews/book/{book_uid}- Add a review for a bookDELETE /api/reviews/{review_uid}- Delete a review
GET /api/tags/- List all tagsPOST /api/tags/- Create a new tagPOST /api/tags/book/{book_uid}/tags- Add a tag to a bookPUT /api/tags/{tag_uid}- Update a tagDELETE /api/tags/{tag_uid}- Delete a tag
POST /api/auth/signup- Register a new userPOST /api/auth/login- User loginPOST /api/auth/refresh_token- Get a new access token using refresh tokenPOST /api/auth/logout- Logout (revoke token)GET /api/auth/me- Get current user informationPOST /api/auth/send_mail- Send email notificationGET /api/auth/verify/{token}- Verify user accountPOST /api/auth/password-reset-request- Request password resetPOST /api/auth/password-reset-confirm/{token}- Confirm password reset
The API uses token-based authentication with role-based access control. Include the token in the Authorization header:
Authorization: Bearer <your-token>
The application implements role-based access control with the following roles:
- Admin: Full access to all endpoints and operations
- User: Can manage their own books, post reviews, and use tags
Endpoints are protected using role checker dependencies that verify the user has the appropriate permissions for the requested operation.
This project uses Alembic for database migrations:
# Create a new migration after model changes
alembic revision --autogenerate -m "Description of changes"
# Apply pending migrations
alembic upgrade head
# Downgrade to a specific version
alembic downgrade <revision>
# View migration history
alembic history
This project uses Celery for handling background tasks like sending emails and processing data:
- Worker: Processes background tasks from the queue
- Flower: Web-based monitoring tool for Celery tasks (available at http://localhost:5555)
- Redis: Used as a message broker and for token blacklisting
For development purposes, the application is configured to use MailMung, an online service for email testing that captures and displays emails without actually sending them to real recipients.
To use MailMung:
- Sign up for a free MailMung account at https://mailmug.net
- Configure your login information in the
.envfile - All emails sent by the application will be viewable in your MailMung dashboard
Note: MailMung is for development only. Configure a real email service provider for production.
Redis serves two primary functions in this project:
- Message Broker: Handles the task queue for Celery workers
- Token Blacklisting: Stores revoked JWT tokens to enforce logout functionality
To access the Redis CLI for debugging:
docker exec -it redis redis-cli
Useful Redis commands for token management:
# List all keys
KEYS *
# Check if a token is blacklisted
EXISTS blacklisted_tokens:<token_jti>
# Set expiration time on keys
TTL blacklisted_tokens:<token_jti>
This project uses pytest for testing, along with FastAPI's TestClient and unittest.mock for mocking dependencies.
To run the test suite:
# (Optional) Activate your virtual environment
source .venv/bin/activate
# Install test dependencies if not already installed
pip install -r requirements.txt
# Run all tests
pytest
- Tests are located in the
tests/directory and cover authentication, books, reviews, and tags endpoints. - Some tests use dependency overrides and mocks for database and Redis interactions.
- Ensure your environment variables are set up (see
.env.example). - For best results, run tests in an isolated environment.
This project uses:
- Ruff for linting
- Black for code formatting
Format your code before committing:
black .
ruff check --fix
Instructions for deploying the API to production environments.
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.