Part II. Dockerize SPA based on Nginx +VueJs+Python-Sanic. Python API.

In this article we build and adjust to container a simple API using asynchronous python framework Sanic.

In an Article I, we have built the “skeleton” for our future SPA. We have already mounted PostgreSQL, Redis, Nginx, and Adminer (tool for DB management) containers. In this part, we will develop container with python code for /api/* routes and cover it with tests.


If you have no time to read, just exec next bash commands:
cd ~
git clone
cd vue-sanic-spa
docker-compose up  -d
and run a browser with the http://localhost.

Briefly let’s talk about what we will do in this part.

  • Our back-end should accept POST request for /api/v1.0/user/auth route with data contains username and password. If the user exists in the database, it should create unique token key save to Redis and give this token in JSON response.
  • If requested data is invalid back-end should return proper error(s) in JSON format.
  • Stage 1: Before we will start…

    On developing stage there are a lot of things that can make you “bored”. As an instance when you have a deal with docker you should type mass of commands that is a bit “talkative”. I have found useful to apply "make" utility for making short alias for long commands. In the root directory of the project I have placed next Makefile:
    include .env
    	docker-compose up -d
    	docker-compose up -d --force-recreate --build
    	docker-compose stop
    	export PGPASSWORD=${POSTGRES_PASSWORD}; docker exec -it test_db psql -U ${POSTGRES_USER} ${POSTGRES_DB}
    	docker exec -it test_redis  /usr/local/bin/redis-cli
    	docker exec -it test_api pytest 
    	docker exec -it $(c) /bin/bash
    So with that commands it is possible to save time:
    • make up — just start all containers, whereas make upb —start and rebuild them;
    • make stop — obviously will stop containers;
    • make db — the way how to connect to working “db” container and automatically connect to the database with the psql utility. We include all variables from .env file, so we can use all of them in instructions;
    • make r — quickest way to get access to redis storage with redis-cli;
    • make test — runs all unit/integrity tests directly inside the container;
    • make b — is a way quickly connect to bash console for a specific container. (an example: make b c=test_api will connect to bash console of the container with name “test_api”).
    • Stage 2: Creating minimal API with Sanic-Framework

      So create api/requirements.txt file:
      Before we start to make the logic of API, we should create a minimal working Sanic application put it into the container and setting up route proxy for Nginx. I have got the “hello world” example here make some minor changes and save it to app/
      import os
      from sanic.response import json
      import application
      app = application.create('api')
      async def test(request):
          return json({"hello": "world!"})
      if __name__ == "__main__":                
          debug_mode =  os.getenv('API_MODE', '') == 'dev'   

      Also, we need a container for our API. So place the Dockerfile with
      FROM python:3.6.7-slim-stretch
      WORKDIR /app
      RUN apt-get update
      RUN apt-get -y install gcc
      COPY requirements.txt /tmp
      RUN pip install -r /tmp/requirements.txt
      VOLUME [ "/app" ]
      EXPOSE 8000
      CMD ["python", ""]
      into “/api” directory.

      Clarification for Dockerfile

      In Dockerfile we have got the latest official stable image of python3.6 and added some software that would be used by some python packages. Inside the container, we have defined the “/app” directory as “workdir”. Also, we have given instruction to docker to execute command “python” at the moment when the container will start.

      Stage 3: add new API container to the docker-compose.yml

      We should add some lines into the section “services” of our main docker-compose.yml file:
          container_name: test_api
            context: ./api
          tty: true
          restart: always
            - "./api:/app"    
            - internal
            - .env
            - "8000:8000"
      In the instructions above we:
      • line 5 makes possible for us in the future to be attached and detached (with CTRL+C) from main docker process (python ) for debugging purpose;
      • line 8 “shares” content of “api” directory on the host machine with /app directory on the container;
      • line 12 makes available the environment variables from .env file to the application inside the container.

      Stage 4: Tuning nginx for API.

      Add next block of Nginx-configuration into nginx/server.conf file:
      location /api {            
              rewrite /api$     /    break;  
              rewrite /api/(.*) /$1  break;  
              proxy_redirect     off;
              proxy_set_header   Host                 $host;
              proxy_set_header   X-Real-IP            $remote_addr;
              proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
              proxy_set_header   X-Forwarded-Proto    $scheme;
              proxy_set_header Host $http_host;
              proxy_pass http://api:8000;
      Now restart and rebuild containers with “make upb” command and go to the http://localhost/api in a browser. You should see: {“hello”: ”world”}.

      Stage 5: Developing API and database migration hook.

      Into api directory place
      import os
      import asyncpg
      import asyncio_redis
      from sanic import Sanic, Blueprint
      from views import user
      from migration import SCHEMA, LATEST_VERSION
      def create(*args, **kwargs):
          app = Sanic(*args, **kwargs)
          return app
      def before_server_start(app):
          async def run(app, loop):
              app.db = await asyncpg.create_pool(dsn, loop=loop, max_size=80)
              app.redis = await asyncio_redis.Pool.create(host='redis', poolsize=10)
              await db_migrate(app, SCHEMA, LATEST_VERSION)
      def after_server_stop(app):
          async def run(app, loop):
              await app.db.close()
      def init_blueprints(app):
          v1_0 = Blueprint('api', url_prefix='/v1.0')
          v1_0.add_route(user.Auth.as_view(), '/user/auth')
      async def db_migrate(app, schema, version):
          async with app.db.acquire() as conn:
              result = await conn.fetchval(
                  select table_name from information_schema.tables
                  where table_schema='public' and table_name = $1
                  """, 'versions'
              if result is None:
                  num = 0
                  num = await conn.fetchval("select id from versions limit 1")
              async with conn.transaction():
                  while version > num:
                      num += 1
                      for sql in schema[num]['up']:
                          await conn.execute(*sql)
                      await conn.execute('update versions set id=$1', num)
                  while version < num:
                      for sql in schema[num]['down']:
                          await conn.execute(*sql)
                      num -= 1
                      if num > 0:
                          await conn.execute('update versions set id=$1', num)
      In was defined “create” function (pattern fabric). This function returns an instance of Sanic application. Pay attention for lines 20–23. In those lines we concatenate Data Source Name (DSN) string and use some container’s environment variables. As you can see, we hard-coded “db” as an alias for the host database. It should be the same name as PostgreSQL container was named in docker-compose.yml file in section services. Check that host for redis connection is also hard-coded in the same way (line 26).

      If docker containers are belong to the same network (in our case both is in “internal” network) docker automatically resolve “DSN” to proper IP address

      Pay attention to db_migrate function. Of course, there is a lot of solution for database migration purpose out there. Most popular in Python world is Alembic. But when we get a deal with microservice architecture, I think simpler solutions are better and faster. That is why I don’t have used Sqlalchemy in this case. So, we have

      import os
      from passlib.handlers.pbkdf2 import pbkdf2_sha256
      SCHEMA = {
          2: {
              'up': [
                      CREATE TABLE users(
                       id BIGSERIAL PRIMARY KEY,
                       email VARCHAR (64) UNIQUE NOT NULL,
                       password TEXT NOT NULL,
                       created_on TIMESTAMP default (now() at time zone 'utc'),
                       confirmed BOOLEAN default false
                  ["INSERT INTO users (email, password) values ($1, $2)",
                  ["CREATE INDEX idx_users_email ON users(email);"],
              'down': [
                  ["DROP INDEX idx_users_email"],
                  ["DROP TABLE users;"],
          1: {
              'up': [
                  ["CREATE TABLE versions( id integer NOT NULL);"],
                  ["INSERT INTO versions VALUES ($1);", 1]
              'down': [
                  ["DROP TABLE versions;"],
      A key feature of the migration mechanism is the value of LATEST_VERSION. When our application will start, LATEST_VERSION value would be compared to the previous version that stored in the database table. If it greater then application runs all SQL-instructions from key “up” and, runs all SQL-instructions from key “down” otherwise.

      The logic of authorization is plain:

      import ujson
      import uuid
      from marshmallow.validate import Length
      from passlib.handlers.pbkdf2 import pbkdf2_sha256
      from sanic.views import HTTPMethodView
      from marshmallow import Schema, fields
      from sanic.response import json
      class UserSchema(Schema):
          id = fields.Integer(required=True)
          email = fields.Email(required=True)
          password = fields.String(required=True, validate=[Length(min=4)])
      class Auth(HTTPMethodView):
          async def get(self, request):
              return json({"hello": "world"})
          async def post(self, request):
              res, errs = UserSchema(exclude=['id']).load(request.json)
              if errs:
                  return json({"valid": False, "data": errs}, status=400)
              async with as conn:
                  _user = await conn.fetchrow('''
                  SELECT * FROM users WHERE email=$1
                  ''', res['email'])
              if not (
                      _user and
                      pbkdf2_sha256.verify(res['password'], _user['password'])
                  return json({
                      "valid": False,
                      "data": 'Wrong email or password'
                  }, status=401)
              data = UserSchema(exclude=['password']).dump(_user).data
              token = uuid.uuid4().hex
              await, ujson.dumps(data))
              return json({"valid": True, "data": {"access_token": token}})

      Some integration tests expose here:

      import os
      def test_user_auth_successfully(app):
          data = {
              'email': os.getenv('API_ADMIN_EMAIL'),
              'password': os.getenv('API_ADMIN_PASSWORD')
          req, res ='/v1.0/user/auth', json=data)
          assert res.status == 200
          assert res.json['valid']
          assert 'access_token' in res.json['data']
          assert res.json['data']['access_token'] is not None
      It is hard to place each piece of code here, so I have created a pull request for all changes that was done in this article compared to the previous one.

      To be continued . ..