FASTAPI
How FastAPI actually works under the hood — request lifecycle, async vs sync, dependency injection, and the gotchas that bite you in production.
18 parts published
FastAPI 101: The Request Lifecycle
From the moment a request hits your FastAPI app to the moment a response leaves — every layer it touches, every hook you can intercept, and where things go wrong in production.
FastAPI 102: Async vs Sync — What Actually Happens
FastAPI supports both async def and def routes. The difference is not just syntax — it determines whether your route blocks the event loop, runs in a thread pool, or silently kills your throughput under load.
FastAPI 103: API Design — Pagination, Filtering & Error Handling at Scale
Offset pagination silently breaks at 100k rows. Inconsistent error shapes make every frontend integration painful. This is how you design FastAPI endpoints that hold up under real production load.
FastAPI 104: Rate Limiting & Throttling — Token Buckets, Sliding Windows & Redis
In-process counters give you 4× your intended limit across Uvicorn workers. Fixed windows let attackers double their quota in 2 seconds. Here's how to build rate limiting that actually works.
FastAPI 105: Caching Strategies & Redis Patterns — Cache-Aside, Invalidation & Thundering Herd
In-process caches shatter across workers. No TTL means silent memory leaks. And a single key expiry can send 500 simultaneous queries to your database. Here's how caching actually works in production.
Staff Prep 08: FastAPI Request Lifecycle — From TCP to Response
What actually happens between a client sending a request and FastAPI returning a response? Uvicorn workers, ASGI, Starlette routing, middleware order, dependency injection — explained.
Staff Prep 09: async vs sync in Python — When Async Actually Helps
Async does not make your code faster — it makes it more concurrent. Understanding the difference prevents the most common async Python mistake: using it for CPU-bound work.
Staff Prep 10: Background Processing — In-Process vs Celery vs Workers
Background tasks in FastAPI are convenient but limited. Celery adds reliability but complexity. Knowing when to use each — and when to use neither — is a Staff-level decision.
Staff Prep 11: API Design — Pagination, Filtering & Error Handling at Scale
OFFSET pagination silently degrades past page 100 and breaks under concurrent inserts. Cursor pagination fixes both. Here is the complete implementation with filtering.
Staff Prep 12: Rate Limiting & Throttling — Token Bucket, Sliding Window & Redis
In-process rate limiting breaks with multiple workers. The token bucket algorithm is elegant but leaky under burst. Here is the complete Redis-backed implementation that actually holds.
Staff Prep 13: Caching Strategies — Redis Patterns & Invalidation
Cache-aside, write-through, write-behind — three patterns, three trade-offs. Thundering herd silenced with a distributed lock. Invalidation done without cascading failures.
Staff Prep 14: Auth & Authorization — JWT, OAuth2, RBAC vs ABAC
JWT is stateless but revocation is hard. OAuth2 is a framework, not a protocol. RBAC scales to hundreds of roles; ABAC scales to millions of policies. Here is the full picture.
Staff Prep 15: The Python GIL Explained — What It Is, When It Hurts, What Changed
The GIL prevents true thread parallelism for CPU-bound Python. But I/O-bound code is barely affected. Python 3.13 makes the GIL optional. Here is what you actually need to know.
Staff Prep 16: asyncio Deep Dive — Event Loop, Tasks & Common Pitfalls
Coroutines, tasks, futures, and the event loop are not the same thing. Understanding the distinction prevents the subtle bugs that bring down async Python services in production.
Staff Prep 17: FastAPI Internals — Routing, DI, and Performance Tuning
FastAPI is thin over Starlette. Understanding what FastAPI adds — and what it costs — lets you build faster, debug middleware ordering issues, and tune dependency injection.
Staff Prep 18: Task Queues & Celery — Broker, Workers & Idempotency
Celery architecture from broker to backend. Prefetch_multiplier is the most important setting nobody configures correctly. And every task must be idempotent — here is how.
Staff Prep 19: Connection Pooling & SQLAlchemy — Pool Sizing & Leaks
Wrong pool_size causes connection exhaustion. max_overflow silently allows connection spikes. Connection leaks are invisible until your database refuses connections. Here is the complete guide.
Staff Prep 20: API Design at Scale — Idempotency, ETags & Versioning
Network is unreliable. Without idempotency keys, retries cause duplicate orders. Without ETags, clients fetch stale data unnecessarily. Without versioning strategy, every breaking change is an outage.