Mykhailo Kononov

Mykhailo Kononov

Python developer with 2 years of hands-on experience

Project 2

Github Repositiry Link - https://github.com/MykhailoKononov/recipe-share-fastapi

RecipeShare API Platform

RecipeShare is a production‑ready, microservices‑style recipe‑sharing backend built with FastAPI and PostgreSQL. Designed for high throughput and reliability, it features robust API design, comprehensive test coverage, CI/CD automation, and full observability with Prometheus & Grafana.

Table of Contents

  1. Features
  2. Architecture & Tech Stack
  3. API Endpoints & Testing
  4. Monitoring & Observability
  5. Deployment & CI/CD
  6. Setup & Run
  7. Screenshots & Code Snippets
  8. Future Improvements

Features

  • RESTful API
    • CRUD for recipes, comments, ratings, and user profiles
    • JWT‑based authentication and role‑based access control
  • Microservices Architecture
    • Separate services for API, Auth, and Image handling
    • Cloudinary integration for image uploads
  • Test Coverage
    • Pytest suite with fixtures, parametrized tests, and mocks

    • 90% endpoint coverage

  • Observability
    • Prometheus metrics exported by each service
    • Grafana dashboards with key performance indicators
  • Scalable & Containerized
    • Docker Compose orchestration (Kubernetes‑ready)
    • Stateless API pods, shared PostgreSQL database

Architecture & Tech Stack

  • FastAPI: high‑performance ASGI framework for all services
  • Pytest: testing framework with coverage reporting
  • PostgreSQL: relational data store, SQLAlchemy ORM
  • Docker & Docker Compose: containerization and orchestration
  • GitHub Actions: pipelines for linting, type checks, tests, builds, and deploys
  • Prometheus & Grafana: metrics collection and visualization

API Endpoints & Testing

  • OAuth2 & JWT
    Uses FastAPI’s OAuth2PasswordBearer (alias oauth2_scheme) to extract bearer tokens. Upon successful login or signup, the API issues a pair of JWT tokens (access + refresh) signed with a secure secret and configurable expiry.
  • Email Confirmation
    New users must verify their email via a one‑time link sent to their inbox. The POST /auth/verify-email endpoint consumes the token in the link to activate the account.
  • Scoped Access
    Endpoints are protected by OAuth2 scopes:
    • Public (no token) for signup, login, email verification, password reset
    • user scope for recipe creation, commenting, profile updates
    • user:verified to post and edit recipes

Routes:

Pytest:

  • Conftest
    • Spins up a temporary test database in Docker and creates an isolated SQLAlchemy engine & session
    • Uses fixtures to truncate all tables before each test and seed test users/recipes, ensuring full isolation
  • Auth test handlers
  • Peofile & Recipe test handlers
    • Thorough pytest modules that exercise each auth endpoint in isolation
    • Achieves >90% coverage for success cases and all expected exceptions (invalid credentials, expired tokens, unverified email, insufficient scopes)

Project presentation is still in progress. This page is to be updated soon. Still, you can explore it on my GitHub Repository