Skip to content

FastAPI — Advanced (50+ Coding Exercises)

  1. Implement lifespan-managed shared httpx.AsyncClient and inject it via dependency.
  2. Implement bounded concurrency for outbound calls (max 20) using semaphore.
  3. Implement timeout + retry wrapper (exponential backoff + jitter) for outbound calls.
  4. Implement a circuit breaker for a flaky upstream dependency.
  5. Implement bulkhead isolation per upstream dependency (separate semaphores).
  6. Implement optimistic concurrency control on updates using ETag + If-Match.
  7. Implement stock decrement endpoint that prevents lost updates (transaction + check).
  8. Implement idempotency keys for POST/PUT with stored responses and TTL.
  9. Implement distributed rate limiting design using Redis (token bucket) (code skeleton).
  10. Implement distributed lock helper (Redis SETNX) and use it to serialize a job per user.
  11. Implement background job processing with Celery/RQ skeleton and retries.
  12. Implement dead-letter handling strategy for jobs that exceed retries.
  13. Implement a real-time notifications WebSocket endpoint with per-user channels.
  14. Implement SSE endpoint streaming progress updates from a background job.
  15. Implement file upload service design with S3 multipart upload (init/part/complete endpoints skeleton).
  16. Implement request/response logging middleware with PII redaction rules.
  17. Implement structured logging JSON output with correlation IDs.
  18. Implement OpenTelemetry instrumentation hooks (middleware + outgoing http + db) skeleton.
  19. Implement /metrics endpoint compatible with Prometheus format (basic counters).
  20. Implement API gateway friendly headers: X-Request-Id, X-Forwarded-For parsing.
  21. Implement per-route timeouts (enforced in middleware) with configurable defaults.
  22. Implement graceful shutdown handling: stop accepting new requests, drain in-flight.
  23. Implement contract tests that validate OpenAPI schema fields and route presence.
  24. Implement versioned API migration: keep /v1 and introduce /v2 with compatibility tests.
  25. Implement quota system per API key (daily limit) with persistence (DB/Redis).
  26. Implement tenant isolation using JWT claims + DB row-level filters in queries.
  27. Implement a multi-tenant middleware that selects tenant and injects into dependencies.
  28. Implement a high-throughput endpoint optimized for validation (benchmark before/after).
  29. Implement caching layer with ETag/304 for heavy GET endpoints.
  30. Implement response compression (gzip) middleware and skip for already-compressed types.
  31. Implement “export job” workflow: create job, run async, poll status, download file.
  32. Implement job status storage and cleanup after TTL.
  33. Implement CSV export streaming and ensure constant memory usage.
  34. Implement paginated export using cursor iteration to avoid loading all rows.
  35. Implement database connection pooling configuration and enforce session lifecycle.
  36. Implement transaction wrapper dependency for endpoints that need atomicity.
  37. Implement saga-like compensating actions for multi-step workflows (code skeleton).
  38. Implement secure headers middleware (HSTS, X-Content-Type-Options, etc.).
  39. Implement CSP header configuration for docs/static responses (if serving).
  40. Implement secrets loading and validation at startup (fail-fast missing env vars).
  41. Implement an admin-only endpoint protected by mTLS header or gateway claim (stub).
  42. Implement request size limits for JSON bodies and return 413 when exceeded.
  43. Implement concurrency-safe in-memory cache with TTL for hot keys (fallback when Redis down).
  44. Implement dependency health checks for DB/Redis/upstream and expose /ready.
  45. Implement /live endpoint for liveness probe (fast, no dependencies).
  46. Implement load test script skeleton (locust/k6) and define p95 targets.
  47. Implement error envelope standardization for all exceptions (problem+json style).
  48. Implement retries respecting idempotency and do not retry non-idempotent operations without key.
  49. Implement an audit log for sensitive operations (auth, delete) with structured fields.
  50. Implement log rotation/retention strategy for audit logs (external or file-based stub).
  51. Implement tracing for background jobs with correlation IDs from requests.
  52. Implement a “safe deploy checklist” script that validates config and dependencies.