Part 1, Chapter 1

By the end of this course, you will have added token-based user authentication to a Flask app, using JSON Web Tokens (JWTs), and configured a React app to handle client-side authentication.

The API itself will follow RESTful design principles, using the basic HTTP verbs: GET, POST, PUT, and DELETE.

Endpoint HTTP Method CRUD Method Result
/auth/register POST CREATE register a new user
/auth/login POST CREATE log a user in
/auth/refresh POST CREATE obtain a new access token
/auth/status GET READ check user status
/users GET READ get all users
/users/:id GET READ get a single user
/users POST CREATE add a user
/users/:id PUT UPDATE update a user
/users/:id DELETE DELETE delete a user

The final app will consist of two microservices:

  1. The first microservice is the back-end authentication service. It will be built with Python, Flask, Flask-RESTX, and Postgres. We'll use pytest instead of unittest for writing unit and integration tests to test the Flask API. Finally, to add token-based authentication, we'll use the Flask-Bcrypt and PyJWT packages.
  2. The second microservice is the client application that will use JavaScript and React.

Both services will use Docker so we can quickly get our local development environment up and running. Source code will be stored on a GitLab repository. We'll also take advantage of the CI features on GitLab. For practicing Test-Driven Development, we'll use Jest (a JavaScript test runner) and React Testing Library (a testing library designed specifically for React) for client-side unit and integration tests and pytest for server-side unit and integration tests.

Before diving in, let's take a minute to go over why some of the above tools are being used.


Flask and Django are the two most popular Python web frameworks. Django is older and more mature than Flask, but it's also more opinionated. On the other hand, Flask is lighter weight so it doesn't make many decisions for you. You get to decide how you want to implement things. At its core, Flask is simple yet extensible, which is perfect for developing RESTful APIs and microservices.

For more, review Django vs. Flask: Which Framework to Choose.


Flask-RESTX is a community-driven fork of Flask-RESTPlus that makes it easy to build and document RESTful APIs with Flask.


Docker is a container platform used to streamline application development and deployment workflows across various environments. It's used to package application code, dependencies, and system tools into lightweight containers that can be moved from development machines to production servers quickly and easily.


pytest is a test framework for Python that makes it easy (and fun!) to write, organize, and run tests. When compared to unittest, from the Python standard library, pytest:

  1. Requires less boilerplate code so your test suites will be more readable.
  2. Supports the plain assert statement, which is far more readable and easier to remember compared to the assertSomething methods -- like assertEquals, assertTrue, and assertContains -- in unittest.
  3. Is updated more frequently since it's not part of the Python standard library.
  4. Simplifies setting up and tearing down test state with its fixture system.
  5. Uses a functional approach.


According to the 2022 State of JavaScript Survey, React, Angular, and Vue are the three most popular front-end JavaScript frameworks (when it comes to usage). They are primarily used for developing rich single-page-applications (SPAs). React is the most popular of the three and arguably the easiest to learn.

React is technically not a framework; it's a view library. That said, when coupled with Create React App and React Router it can be considered more of a framework.

React Testing Library

As mentioned, React Testing Library (RTL) is a testing library designed specifically for React. It helps reduce the amount of boilerplate needed and provides a nice utility library, making it easier to write tests. When it comes to utility libraries, Enzyme is really your only other option. While Enzyme focuses on testing state and props, RTL focuses more on testing end user behavior. RTL has a much lower barrier to entry since it's less flexible and provides much fewer testing methods and options.


GitLab is a web-based solution for managing the full software development lifecycle. Along with source code management, GitLab provides a number of project management and DevOps-related services, like Kanban boards, package management, logging and monitoring, continuous integration and delivery, secrets management, and container orchestration.

For more, review GitLab Features.


Heroku is a cloud Platform as a Service (PaaS) that provides hosting for web applications. They offer abstracted environments where you don't have to manage the underlying infrastructure, making it easy to manage, deploy, and scale web applications. With just a few clicks you can have your app up and running, ready to receive traffic.

Mark as Completed