How to make a large file accessible to external APIs?

by

Returning a File Response

First, to return a file that is saved on disk from a FastAPI backend, you could use FileResponse (in case the file was already fully loaded into memory, see here). For example:

from fastapi import FastAPI
from fastapi.responses import FileResponse

some_file_path = "large-video-file.mp4"
app = FastAPI()

@app.get("/")
def main():
    return FileResponse(some_file_path)

In case the file is too large to fit into memory—as you may not have enough memory to handle the file data, e.g., if you have 16GB of RAM, you can’t load a 100GB file—you could use StreamingResponse. That way, you don’t have to read it all first in memory, but, instead, load it into memory in chunks, thus processing the data one chunk at a time. Example is given below. If you find yield from f being rather slow when using StreamingResponse, you could instead create a custom generator, as described in this answer.

from fastapi import FastAPI
from fastapi.responses import StreamingResponse

some_file_path = "large-video-file.mp4"
app = FastAPI()

@app.get("/")
def main():
    def iterfile():
        with open(some_file_path, mode="rb") as f:
            yield from f

    return StreamingResponse(iterfile(), media_type="video/mp4")

Exposing the API to the public

As for exposing your API to the public—i.e., external APIs, users, developers, etc.—you can use ngrok (or expose, as suggested in this answer).

Ngrok is a cross-platform application that enables developers to expose a local development server to the Internet with minimal effort. To embed the ngrok agent into your FastAPI application, you could use pyngrok—as suggested here (see here for a FastAPI integration example). If you would like to run and expose your FastAPI app through Google Colab (using ngrok), instead of your local machine, please have a look at this answer (plenty of tutorials/examples can also be found on the web).

If you are looking for a more permanent solution, you may want to have a look at cloud platforms—more specifically, a Platform as a Service (PaaS). I would strongly recommend you thoroughly read FastAPI’s Deployment documentation. Have a closer look at About HTTPS and Deployments Concepts.

Important to note

By exposing your API to the outside world, you are also exposing it to various forms of attack. Before exposing your API to the public—even if it’s for free—you need to make sure you are offering secure access (use HTTPS), as well as authentication (verify the identity of a user) and authorisation (verify their access rights; in other words, verify what specific routes, files and data a user has access to)—take a look at 1. OAuth2 and JWT tokens, 2. OAuth2 scopes, 3. Role-Based Access Control (RBAC), 4. Get Current User and How to Implement Role based Access Control With FastAPI.

Addtionally, if you are exposing your API to be used publicly, you may want to limit the usage of the API because of expensive computation, limited resources, DDoS attacks, Brute-force attacks, Web scraping, or simply due to monthly cost for a fixed amount of requests. You can do that at the application level using, for instance, slowapi (related post here), or at the platform level by setting the rate limit through your hosting service (if permitted). Furthermore, you would need to make sure that the files uploaded by users have the permitted file extension, e.g., .mp4, and are not files with, for instance, a .exe extension that are potentially harmful to your system. Finally, you would also need to ensure that the uploaded files do not exceed a predefined MAX_FILE_SIZE limit (based on your needs and system’s resources), so that authenticated users, or an attacker, would be prevented from uploading extremely large files that would result in consuming server resources in a way that the application may end up crashing. You shouldn’t rely, though, on the Content-Length header being present in the request to do that, as this might be easily altered, or even removed, by the client. You should rather use an approach similar to this answer (have a look at the “Update” section) that uses request.stream() to process the incoming data in chunks as they arrive, instead of loading the entire file into memory first. By using a simple counter, e.g., total_len += len(chunk), you can check if the file size has exceeded the MAX_FILE_SIZE, and if so, raise an HTTPException with HTTP_413_REQUEST_ENTITY_TOO_LARGE status code (see this answer as well, for more details and code examples).

Read more on FastAPI’s Security documentation and API Security on Cloudflare.

More Related Contents:

  1. How to post JSON data to FastAPI and retrieve the JSON data inside the endpoint?
  2. How to define multiple API endpoints in FastAPI with different paths but the same path parameter?
  3. How to forward FastAPI requests to another server?
  4. Making a request to a RESTful API using python
  5. How to add both file and JSON body in a FastAPI POST request?
  6. Sharing python objects across multiple workers
  7. Render NumPy array in FastAPI
  8. can you add HTTPS functionality to a python flask web server?
  9. FastAPI asynchronous background tasks blocks other requests?
  10. Python: FastAPI error 422 with POST request when sending JSON data
  11. How to Upload a large File (≥3GB) to FastAPI backend?
  12. How to log raw HTTP request/response in Python FastAPI?
  13. FastAPI – How to get the response body in Middleware
  14. How do I get my FastAPI application’s console log in JSON format with a different structure and different fields?
  15. How to send a FastAPI response without redirecting the user to another page?
  16. How to exclude Optional unset values from a Pydantic model using FastAPI?
  17. How to use a Pydantic model with Form data in FastAPI?
  18. How to save an uploaded image to FastAPI using Python Imaging Library (PIL)?
  19. Python POST binary data
  20. Does Django have a way to open a HTTP long poll connection?
  21. How to use url_for() to pass path and query data to a route using FastAPI and Jinja2?
  22. Value is not a valid dict when posting JSON data through Postman to FastAPI backend
  23. How to return a custom 404 Not Found page using FastAPI?
  24. How to customise error response for a specific route in FastAPI?
  25. How to pass URL as a path parameter to a FastAPI route?
  26. How to submit HTML form value using FastAPI and Jinja2 Templates?
  27. How to stream DataFrame using FastAPI without saving the data to csv file?
  28. How do I send list of dictionary as Body parameter together with Files in FastAPI?
  29. Redirect to login page if user not logged in using FastAPI-Login package
  30. How to return and download Excel file using FastAPI?

Leave a Comment