Skip to content

accelero-cloud/appkernel

Repository files navigation

appkernel - API development made easy

alt build_status alt issues alt coverage GitHub license

What is Appkernel?

A super-easy to use API framework, enabling API creation from zero to production within minutes (no kidding: literally within minutes).

It provides data serialisation, transformation, validation, security, ORM, RPC and service mash functions out of the box (check out the roadmap for more details).

... and finally give a vote on awesome-python if you like the project, so it gets added to the list of RESTful python frameworks. Only 15 more votes are missing :)

Installation

    pip install appkernel

Crash Course

Let's build an awseome mini identity service:

class User(Model, MongoRepository):
    # define the resource schema as class meta data
    id = Property(str)
    name = Property(str, index=UniqueIndex)
    email = Property(str, validators=[Email], index=UniqueIndex)
    password = Property(str, converter=content_hasher(), omit=True)
    roles = Property(list, sub_type=str, default_value=['Login'])

    @classmethod
    def before_post(cls, *args, **kwargs):
        # this method is automatically called before persisting the instance
        # one can use after_post for hook after the persistence.
        user = kwargs.get('model')
        print(f'going to create the following user: {user}')



if __name__ == '__main__':
    # let's expose the user resource
    kernel = AppKernelEngine()
    kernel.register(User)

    # let's create and persist a sample user
    user = User(name='Test User', email='[email protected]', password='some pass')
    user.save()

    # and we are all set
    kernel.run()

That's all folks, our user service is ready to roll, the entity is saved, we can re-load the object from the database, or we can request its json schema for validation, or metadata to generate an SPA (Single Page Application). Of course validation and some more goodies are built-in as well :)

Retrieving our our User, using HTTP requests

GET request:

curl -i -X GET \
 'http://127.0.0.1:5000/users/'

And the result:

{
  "_items": [
    {
      "_type": "User",
      "email": "[email protected]",
      "id": "U0590e790-46cf-42a0-bdca-07b0694d08e2",
      "name": "Test User",
      "roles": [
        "Login"
      ]
    }
  ],
  "_links": {
    "self": {
      "href": "/users/"
    }
  }
}

Adding extra and secure methods using the @action decorator is easy as well:

@action(method='POST', require=[CurrentSubject(), Role('admin')])
def change_password(self, current_password, new_password):
    if not pbkdf2_sha256.verify(current_password, self.password):
        raise ServiceException(403, _('Current password is not correct'))
    else:
        self.password = new_password
        self.save()
    return _('Password changed')

The example above exposes the http://base_url/users/<user_id>/change_password endpoint and allows the user with admin role or the user with the current user_id to call it.

Create additional hooks, which are called before and after a HTTP method is executed, by simply adding a static method to the Model class following the convention: before_{http_method} and after_{http_method}:

Example:

@classmethod
def before_post(cls, *args, **kwargs):
    user = kwargs.get('model')
    print(f'going to create this user: {user}')

or inspect (and alter) the already persisted object:

@classmethod
def after_post(cls, *args, **kwargs):
    user = kwargs.get('model')
    print(f'this user was created: {user}')

We can also call other services using the built-in REST client proxy. In the snippet bellow we call the reservations endpoint on the Inventory service, by POST-ing a Reservation object.

    client = HttpClientServiceProxy('http://127.0.0.1:5000/')
    status_code, rsp_dict = client.reservations.post(Reservation(order_id=order.id, products=order.products))

Some features of the REST endpoint

  • GET /users/12345 - retrieve a User object by its database ID;
  • GET /users/?name=Jane&email=[email protected] - retrieve the User named Jane with e-mail address [email protected];
  • GET /users/?name=Jane&name=John&logic=OR - retrieve Jane or John;
  • GET /users/?roles=~Admin - retrieve all users which have the role Admin;
  • GET /users/?name=[Jane,John] - retrieve all user with the name Jane or John;
  • GET /users/?inserted=>2018-01-01&inserted=<2018-12-31 - return all users created in 2018;
  • GET /users/?page=1&page_size=5&sort_by=inserted&sort_order=DESC - return the first page of 5 elements;
  • GET /users/?query={"$or":[{"name": "Jane"}, {"name":"John"}]} - return users filtered with a native Mongo Query;
  • GET /users/meta - retrieve the metadata of the User class for constructing self-generating SPAs;
  • GET /users/schema - return the Json Schema of the User class used for validating objects;

Additionally the following HTTP methods are supported:

  • POST: create a new user (or updates existing one by replacing it) using a json payload or multipart form data
  • PATCH: add or updates some fields on the User object
  • PUT: replaces a User object

A few features of the built-in ORM function

Find one single user matching the query Property:

user = User.where(name=='Some username').find_one()

Return the first 5 users which have the role "Admin":

user_generator = User.where(User.roles % 'Admin').find(page=0, page_size=5)

Or use native Mongo Query:

user_generator = Project.find_by_query({'name': 'user name'})

Atomic updates:

# reserve 10 products with product code TRS abd size M
query = StockInventory.where((StockInventory.product.code == 'TRS') & (StockInventory.product.size == ProductSize.M))
for _ in range(10):
    ...
    query.update(available=StockInventory.available - 1, reserved=StockInventory.reserved + 1)

One could extend the AuditedMongoRepository mixin instead of the MongoRepository and we would end up with 3 extra fields:

  • inserted: the date-time of insertion;
  • updated: the date-time of the last update;
  • version: the number of versions stored for this document;

Some more extras baked into the Model

Generate the ID value automatically using a uuid generator and a prefix 'U':

id = Property(..., generator=uuid_generator('U'))

Add a Unique index to the User's name property:

name = Property(..., index=UniqueIndex)

Validate the e-mail property, using the NotEmpty and Email validators

email = Property(..., validators=[Email, NotEmpty])

Add schema validation to the database:

User.add_schema_validation(validation_action='error')

Hash the password and omit this attribute from the json representation:

password = Property(..., converter=content_hasher(rounds=10), omit=True)

Run the generators on the attributes and validate the object (usually not needed, since it is implicitly called by save and dumps methods):

user.finalise_and_validate()

Security is also part of the mix

The following snippet shows the declarative way of access control:

user_service = kernel.register(User, methods=['GET', 'PUT', 'POST', 'PATCH', 'DELETE'])
user_service.deny_all().require(Role('user'), methods='GET').require(Role('admin'),
                                                                         methods=['PUT', 'POST', 'PATCH', 'DELETE'])
  1. user_service.deny_all(): by default access to all methods is forbidden;
  2. require(Role('user'), methods='GET'): GET methods can be used by users having the Role: user (basic login role);
  3. require(Role('admin'), methods=['PUT', 'POST', 'PATCH', 'DELETE']): one needs the Role: admin in order to call other http methods;

I want to know the current status of the project

For more details feel free to check out the documentation

What are we building here?

The vision of the project is to provide you with a full-fledged microservice chassis, as defined by Chris Richardson to help creating beautiful APIs quikly and efficiently.

How does it helps you?

We've spent the time on analysing the stack, made the hard choices for you in terms of Database/ORM/Security/Rate Limiting and so on, so you don't have to. You can focus entirely on delivering business value from day one and being the rockstar of your project.

Currently supported (and fully tested) features:

  • REST endpoints over HTTP
  • Full range of CRUD operations
  • Customizable resource endpoints
  • Customizable, multiple item endpoints
  • Filtering and Sorting
  • Pagination
  • Data Validation
  • Extensible Data Validation
  • Default Values
  • Projections
  • Embedded Resource Serialization
  • Custom ID Fields
  • MongoDB Aggregation Framework
  • Powered by Flask

Contribute

Be part of the development: contribute to the project :)

Why did we built this?

  • We had the need to build a myriad of small services in our daily business, ranging from data-aggregation pipelines, to housekeeping services and other process automation services. These do share similar requirements and the underlying infrastructure needed to be rebuilt and tested over and over again. The question arose: what if we avoid spending valuable time on the boilerplate and focus only on the fun part?

  • Often time takes a substantial effort to make a valuable internal hack or proof of concept presentable to customers, until it reaches the maturity in terms reliability, fault tolerance and security. What if all these non-functional requirements would be taken care by an underlying platform?

  • There are several initiatives out there (Flask Admin, Flask Rest Extension and so), which do target parts of the problem, but they either need substantial effort to make them play nice together, either they feel complicated and uneasy to use. We wanted something simple and beautiful, which we love working with.

These were the major driving question, which lead to the development of App Kernel.

How does it works?

AppKernel is built around the concepts of Domain Driven Design. You can start the project by laying out the model. The first step is to define the validation and data generations rules. For making life easier, one can also set default values. Than one can extend several built-in classes in order to augment the model with extended functionality:

  • extending the Repository class (or its descendants) adds and ORM persistency capability to the model;
  • extending the Service class (or its descendants) add the capablity to expose the model over REST services;