← Cheatsheets
Tags: python, fastapi, flask, api, type-hints,
dependency-injection, middleware, async
Last updated: 2026-06-26
Python (FastAPI / Flask) Cheatsheet
Quick Reference
| Concept | FastAPI | Flask |
| Route |
@app.get("/") |
@app.route("/") |
| Path param |
def get(id: int) |
def get(id): |
| Query param |
def get(q: str = "") |
request.args.get("q") |
| Body |
def post(body: Item) |
request.get_json() |
| Async |
async def get() |
Manual (Quart/gevent) |
| DI |
Depends() |
Manual / extensions |
| Validation |
Pydantic |
Manual / marshmallow |
| Auto-docs |
/docs, /redoc |
Flask-RESTX |
FastAPI
Routes & Path Operations
from fastapi import FastAPI
app = FastAPI()
@app.get("/items/{item_id}")
async def get_item(item_id: int, q: str | None = None):
return {"id": item_id, "q": q}
@app.post("/items", status_code=201)
async def create_item(item: Item) -> Item:
return item
Request Body (Pydantic)
from pydantic import BaseModel, Field
class Item(BaseModel):
name: str = Field(..., min_length=1, max_length=100)
price: float = Field(..., gt=0)
tags: list[str] = []
@app.post("/items")
async def create(item: Item): ...
Dependency Injection
from fastapi import Depends, Header, HTTPException
async def get_token(auth: str = Header()) -> str:
if not auth.startswith("Bearer "):
raise HTTPException(401, "Missing token")
return auth.split(" ")[1]
@app.get("/users/me")
async def me(token: str = Depends(get_token)):
return {"token": token}
Middleware
from starlette.middleware.base import BaseHTTPMiddleware
class TimingMiddleware(BaseHTTPMiddleware):
async def dispatch(self, request, call_next):
start = time.time()
response = await call_next(request)
response.headers["X-Response-Time"] = \
str(time.time() - start)
return response
app.add_middleware(TimingMiddleware)
Flask
Routes
from flask import Flask, request, jsonify
app = Flask(__name__)
@app.route("/items/<int:item_id>")
def get_item(item_id):
q = request.args.get("q")
return jsonify({"id": item_id, "q": q})
@app.route("/items", methods=["POST"])
def create_item():
data = request.get_json()
return jsonify(data), 201
Middleware (Hooks)
@app.before_request
def before():
g.start = time.time()
@app.after_request
def after(response):
elapsed = time.time() - g.start
response.headers["X-Response-Time"] = \
f"{elapsed:.3f}s"
return response
Validation (marshmallow)
from marshmallow import Schema, fields, validate
class ItemSchema(Schema):
name = fields.Str(required=True,
validate=validate.Length(1, 100))
price = fields.Float(required=True,
validate=validate.Range(min=0))
Tips
- FastAPI: Use
response_model to
automatically filter and validate response schemas.
- FastAPI: Prefer
async def for
I/O-heavy endpoints.
- Flask: Use
app.config.from_object() for configuration.
- Both: Use environment variables for secrets.