Chapter 17 Further Reading: Backend Development and REST APIs

Annotated Bibliography

1. FastAPI Official Documentation

URL: https://fastapi.tiangolo.com/ Author: Sebastian Ramirez

The FastAPI documentation is widely regarded as one of the best framework documentation sites in the Python ecosystem. It includes a comprehensive tutorial that walks through every feature with working code examples, an advanced user guide covering dependency injection, security, testing, and deployment, and a detailed API reference. Start with the tutorial if you are new to FastAPI; jump to the advanced guide for topics like custom middleware, background tasks, and WebSocket support.

2. Flask Documentation and Tutorial

URL: https://flask.palletsprojects.com/ Author: Pallets Projects

Flask's official documentation includes the "Quickstart" guide for getting a basic application running and a more in-depth "Tutorial" that builds a complete blog application with user authentication, database integration, and testing. The documentation is clear and well-organized. Pay particular attention to the sections on Blueprints, the Application Factory pattern, and testing, which are essential for production Flask applications.

3. "RESTful Web APIs" by Leonard Richardson, Mike Amundsen, and Sam Ruby

Publisher: O'Reilly Media, 2013 ISBN: 978-1449358068

Despite its age, this book remains the definitive resource on REST API design. It goes beyond the basics to cover hypermedia-driven design, content negotiation, and the full spectrum of HTTP semantics. The book provides a philosophical framework for API design that helps you make consistent decisions about URL structure, status codes, and resource representation. Read this if you want to understand not just how to build APIs, but why REST conventions exist.

4. Pydantic Official Documentation

URL: https://docs.pydantic.dev/ Author: Samuel Colvin

Pydantic is the data validation library that powers FastAPI's request and response handling. Its documentation covers basic and advanced model definition, custom validators, serialization settings, and integration with other frameworks. The sections on model validators, computed fields, and generic models are particularly relevant for complex API schemas. Understanding Pydantic deeply will make you significantly more productive with FastAPI.

5. "API Design Patterns" by JJ Geewax

Publisher: Manning Publications, 2021 ISBN: 978-1617295850

This book catalogs common patterns in API design, including standard methods (CRUD), custom methods, long-running operations, pagination, filtering, and versioning. Each pattern is presented with clear examples, trade-off analysis, and implementation guidance. Particularly valuable for the chapters on error handling patterns, association resources, and singleton sub-resources. A practical companion to the more theoretical Richardson/Amundsen book.

6. "Web API Design: The Missing Link" by Apigee (Google Cloud)

URL: https://cloud.google.com/files/apigee/apigee-web-api-design-the-missing-link-ebook.pdf

A concise ebook (around 30 pages) that distills API design best practices into actionable guidelines. Covers URL naming, versioning, pagination, error handling, and authentication. Its brevity makes it an excellent quick reference when you need to make a design decision. The pragmatic tone -- "here is what works in practice" rather than "here is the theory" -- makes it immediately useful.

7. OWASP API Security Top 10

URL: https://owasp.org/API-Security/ Author: Open Worldwide Application Security Project

The OWASP API Security project identifies the ten most critical security risks for APIs. Each risk includes a description, examples of vulnerable code, attack scenarios, and prevention measures. Essential reading for anyone building APIs that handle user data or sensitive operations. The 2023 edition covers broken object-level authorization, broken authentication, unrestricted resource consumption, and several other risks that are directly relevant to the code patterns in this chapter.

8. "Building Python Web APIs with FastAPI" by Abdulazeez Abdulazeez Adeshina

Publisher: Packt Publishing, 2022 ISBN: 978-1801076630

A project-based book that walks through building several complete FastAPI applications, including a todo app, a social media API, and a real-time application with WebSockets. Each project covers authentication, testing, database integration, and deployment. The practical, project-oriented approach complements the more reference-oriented official documentation.

9. HTTP Specification (RFC 9110)

URL: https://www.rfc-editor.org/rfc/rfc9110 Author: IETF

The official HTTP/1.1 specification defines the semantics of every HTTP method, status code, and header. While dense, it is the authoritative reference for questions like "Should DELETE return 200 or 204?" or "What exactly does idempotent mean?" Reading sections 9 (Methods) and 15 (Status Codes) will give you a solid foundation that goes beyond what tutorial-level resources cover.

10. "Designing Data-Intensive Applications" by Martin Kleppmann

Publisher: O'Reilly Media, 2017 ISBN: 978-1449373320

While not specifically about REST APIs, this book provides deep insight into the systems that backends communicate with: databases, caches, message queues, and distributed systems. Understanding these fundamentals helps you design APIs that are reliable, scalable, and performant. Particularly relevant chapters cover data models, replication, partitioning, and consistency. An essential read for anyone building backends that need to scale.

11. Python Testing with pytest by Brian Okken

Publisher: Pragmatic Bookshelf, 2022 (2nd edition) ISBN: 978-1680508604

Comprehensive guide to testing Python applications with pytest, the testing framework used throughout this chapter. Covers fixtures, parametrization, mocking, and test organization. The chapters on fixtures and parametrization are directly applicable to API testing, where you often need to set up authenticated clients and test the same endpoint with multiple input combinations.

12. OpenAPI Specification

URL: https://spec.openapis.org/oas/latest.html Author: OpenAPI Initiative

The official OpenAPI specification defines the format for describing REST APIs in a machine-readable way. Understanding the spec helps you get the most out of FastAPI's automatic documentation generation and enables you to use tools like code generators, API validators, and mock servers. The specification covers path definitions, schema objects, security schemes, and more.

13. "Microservices Patterns" by Chris Richardson

Publisher: Manning Publications, 2018 ISBN: 978-1617294549

As your backend grows beyond a single API, microservices patterns become relevant. This book covers service decomposition, inter-service communication (sync and async), API gateways, event-driven architecture, and distributed data management. The patterns for API composition and service discovery are directly applicable when building systems of multiple FastAPI or Flask services that need to communicate with each other.

14. Starlette Documentation

URL: https://www.starlette.io/ Author: Tom Christie

FastAPI is built on top of Starlette, an ASGI framework. Understanding Starlette gives you access to lower-level features like custom middleware classes, WebSocket support, background tasks, and server-sent events. When FastAPI's abstractions are not sufficient for your use case, Starlette's documentation shows you how to work at a lower level while still benefiting from the ASGI ecosystem.