Claude-skill-registry fastapi-dependency-injection
Master FastAPI dependency injection for building modular, testable APIs.
install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/fastapi-dependency-injection" ~/.claude/skills/majiayu000-claude-skill-registry-fastapi-dependency-injection && rm -rf "$T"
manifest:
skills/data/fastapi-dependency-injection/SKILL.mdsource content
FastAPI Dependency Injection
Master FastAPI's dependency injection system for building modular, testable APIs with reusable dependencies.
Basic Dependencies
Simple dependency injection patterns in FastAPI.
from fastapi import Depends, FastAPI app = FastAPI() def get_db(): db = Database() try: yield db finally: db.close() @app.get('/users') async def get_users(db = Depends(get_db)): return await db.query('SELECT * FROM users') # Simple function dependency def common_parameters(q: str = None, skip: int = 0, limit: int = 100): return {'q': q, 'skip': skip, 'limit': limit} @app.get('/items') async def read_items(commons: dict = Depends(common_parameters)): return commons # Async dependencies async def get_async_db(): db = await AsyncDatabase.connect() try: yield db finally: await db.disconnect() @app.get('/async-users') async def get_async_users(db = Depends(get_async_db)): return await db.fetch_all('SELECT * FROM users')
Dependency Scopes
Understand dependency lifecycle and caching.
from fastapi import Depends # Request-scoped dependency (default, cached per request) def get_current_user(token: str = Depends(oauth2_scheme)): user = decode_token(token) return user # Multiple uses in same request reuse the same instance @app.get('/profile') async def get_profile( user1 = Depends(get_current_user), user2 = Depends(get_current_user) # Same instance as user1 ): assert user1 is user2 # True return user1 # No caching (use_cache=False) def get_fresh_data(use_cache: bool = False): return fetch_from_api() @app.get('/data') async def get_data(data = Depends(get_fresh_data, use_cache=False)): return data # Fetches fresh data each time # Singleton pattern (application scope) class Settings: def __init__(self): self.app_name = "MyApp" self.admin_email = "admin@example.com" settings = Settings() # Created once at startup def get_settings(): return settings @app.get('/settings') async def read_settings(settings: Settings = Depends(get_settings)): return settings
Sub-Dependencies
Build complex dependency chains.
from fastapi import Depends, HTTPException, status # Sub-dependency chain def get_db(): db = Database() try: yield db finally: db.close() def get_current_user( token: str = Depends(oauth2_scheme), db = Depends(get_db) ): user = db.query_one('SELECT * FROM users WHERE token = ?', token) if not user: raise HTTPException(status_code=401, detail='Invalid token') return user def get_current_active_user( current_user = Depends(get_current_user) ): if not current_user.is_active: raise HTTPException(status_code=400, detail='Inactive user') return current_user def get_admin_user( current_user = Depends(get_current_active_user) ): if not current_user.is_admin: raise HTTPException(status_code=403, detail='Not authorized') return current_user # Use in endpoint @app.delete('/users/{user_id}') async def delete_user( user_id: int, admin = Depends(get_admin_user), db = Depends(get_db) ): await db.execute('DELETE FROM users WHERE id = ?', user_id) return {'status': 'deleted'}
Class-Based Dependencies
Use classes for stateful dependencies.
from fastapi import Depends class Database: def __init__(self, connection_string: str): self.connection_string = connection_string self.connection = None async def connect(self): self.connection = await create_connection(self.connection_string) return self async def disconnect(self): if self.connection: await self.connection.close() async def fetch_all(self, query: str): return await self.connection.fetch_all(query) # Callable class (using __call__) class DatabaseDependency: def __init__(self): self.db = None async def __call__(self): if not self.db: self.db = Database('postgresql://localhost/db') await self.db.connect() return self.db db_dependency = DatabaseDependency() @app.get('/users') async def get_users(db = Depends(db_dependency)): return await db.fetch_all('SELECT * FROM users') # Class with initialization parameters class Pagination: def __init__(self, skip: int = 0, limit: int = 100): self.skip = skip self.limit = limit @app.get('/items') async def get_items(pagination: Pagination = Depends()): return {'skip': pagination.skip, 'limit': pagination.limit} # Advanced class-based dependency with configuration class ServiceClient: def __init__( self, api_key: str, timeout: int = 30, max_retries: int = 3 ): self.api_key = api_key self.timeout = timeout self.max_retries = max_retries self.client = None async def __call__(self): if not self.client: self.client = await create_http_client( api_key=self.api_key, timeout=self.timeout ) return self.client # Factory function for configurable class-based dependency def create_service_dependency(api_key: str): return ServiceClient(api_key=api_key, timeout=60) service = create_service_dependency('my-api-key') @app.get('/external-data') async def get_external_data(client = Depends(service)): return await client.fetch('/data')
Generator Dependencies for Cleanup
Use generator functions to ensure proper resource cleanup.
from contextlib import asynccontextmanager from fastapi import Depends import httpx # Database connection with cleanup async def get_db_connection(): connection = await Database.connect('postgresql://localhost/db') try: yield connection finally: await connection.close() print('Database connection closed') # HTTP client with cleanup async def get_http_client(): async with httpx.AsyncClient(timeout=30.0) as client: yield client # Client automatically closed after yield @app.get('/external-api') async def call_external_api(client = Depends(get_http_client)): response = await client.get('https://api.example.com/data') return response.json() # File handle with cleanup async def get_file_writer(filename: str): file = await aiofiles.open(filename, mode='a') try: yield file finally: await file.close() # Multiple resources with cleanup async def get_resources(): db = await Database.connect('postgresql://localhost/db') cache = await Redis.connect('redis://localhost') logger = Logger('app') try: yield {'db': db, 'cache': cache, 'logger': logger} finally: await cache.close() await db.close() logger.shutdown() @app.post('/process') async def process_data( data: dict, resources = Depends(get_resources) ): db = resources['db'] cache = resources['cache'] logger = resources['logger'] logger.info('Processing data') result = await db.save(data) await cache.invalidate('data_cache') return result # Context manager as dependency @asynccontextmanager async def transaction_context(db = Depends(get_db)): async with db.begin() as transaction: try: yield transaction await transaction.commit() except Exception: await transaction.rollback() raise async def get_transaction(db = Depends(get_db)): async with transaction_context(db) as txn: yield txn @app.post('/transfer') async def transfer_funds( from_account: int, to_account: int, amount: float, txn = Depends(get_transaction) ): await txn.execute( 'UPDATE accounts SET balance = balance - ? WHERE id = ?', amount, from_account ) await txn.execute( 'UPDATE accounts SET balance = balance + ? WHERE id = ?', amount, to_account ) return {'status': 'success'}
Dependency Chains and Sub-Dependencies
Build complex dependency hierarchies.
from fastapi import Depends, HTTPException from typing import Optional # Level 1: Configuration def get_config(): return { 'database_url': 'postgresql://localhost/db', 'redis_url': 'redis://localhost', 'secret_key': 'super-secret' } # Level 2: Infrastructure (depends on config) def get_db(config: dict = Depends(get_config)): db = Database(config['database_url']) try: yield db finally: db.close() def get_cache(config: dict = Depends(get_config)): cache = Redis(config['redis_url']) try: yield cache finally: cache.close() # Level 3: Authentication (depends on infrastructure) def get_token_from_header(authorization: str = Header(None)): if not authorization: raise HTTPException(status_code=401, detail='Missing token') scheme, token = authorization.split() if scheme.lower() != 'bearer': raise HTTPException(status_code=401, detail='Invalid scheme') return token def verify_token( token: str = Depends(get_token_from_header), config: dict = Depends(get_config) ): try: payload = jwt.decode( token, config['secret_key'], algorithms=['HS256'] ) return payload except JWTError: raise HTTPException(status_code=401, detail='Invalid token') def get_current_user( payload: dict = Depends(verify_token), db = Depends(get_db) ): user_id = payload.get('user_id') user = db.query_one('SELECT * FROM users WHERE id = ?', user_id) if not user: raise HTTPException(status_code=404, detail='User not found') return user # Level 4: Authorization (depends on authentication) def get_active_user(user = Depends(get_current_user)): if not user.is_active: raise HTTPException(status_code=403, detail='Inactive user') return user def require_permission(permission: str): def permission_checker(user = Depends(get_active_user)): if permission not in user.permissions: raise HTTPException( status_code=403, detail=f'Permission {permission} required' ) return user return permission_checker # Level 5: Business logic (depends on authorization) def get_user_service( db = Depends(get_db), cache = Depends(get_cache), current_user = Depends(get_active_user) ): return UserService(db=db, cache=cache, user=current_user) # Use in endpoint @app.post('/users/{user_id}/deactivate') async def deactivate_user( user_id: int, admin = Depends(require_permission('users.deactivate')), service = Depends(get_user_service) ): result = await service.deactivate_user(user_id) return result
OAuth2 Dependencies
Implement OAuth2 authentication with dependencies.
from fastapi import Depends, HTTPException, status from fastapi.security import ( OAuth2PasswordBearer, OAuth2PasswordRequestForm, HTTPBearer, HTTPAuthorizationCredentials ) from datetime import datetime, timedelta from jose import JWTError, jwt # OAuth2 with password flow oauth2_scheme = OAuth2PasswordBearer(tokenUrl='token') SECRET_KEY = 'your-secret-key-here' ALGORITHM = 'HS256' ACCESS_TOKEN_EXPIRE_MINUTES = 30 def create_access_token(data: dict, expires_delta: timedelta = None): to_encode = data.copy() if expires_delta: expire = datetime.utcnow() + expires_delta else: expire = datetime.utcnow() + timedelta(minutes=15) to_encode.update({'exp': expire}) encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM) return encoded_jwt async def get_current_user_from_token( token: str = Depends(oauth2_scheme), db = Depends(get_db) ): credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail='Could not validate credentials', headers={'WWW-Authenticate': 'Bearer'}, ) try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) user_id: str = payload.get('sub') if user_id is None: raise credentials_exception except JWTError: raise credentials_exception user = await db.get_user_by_id(user_id) if user is None: raise credentials_exception return user # OAuth2 with bearer token bearer_scheme = HTTPBearer() async def verify_bearer_token( credentials: HTTPAuthorizationCredentials = Depends(bearer_scheme) ): token = credentials.credentials try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) return payload except JWTError: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid authentication credentials' ) # OAuth2 with scopes from fastapi.security import OAuth2PasswordBearer, SecurityScopes oauth2_scheme_scopes = OAuth2PasswordBearer( tokenUrl='token', scopes={ 'users:read': 'Read user information', 'users:write': 'Modify user information', 'admin': 'Admin access' } ) async def get_current_user_with_scopes( security_scopes: SecurityScopes, token: str = Depends(oauth2_scheme_scopes), db = Depends(get_db) ): if security_scopes.scopes: authenticate_value = f'Bearer scope="{security_scopes.scope_str}"' else: authenticate_value = 'Bearer' credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail='Could not validate credentials', headers={'WWW-Authenticate': authenticate_value}, ) try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) user_id: str = payload.get('sub') if user_id is None: raise credentials_exception token_scopes = payload.get('scopes', []) except JWTError: raise credentials_exception user = await db.get_user_by_id(user_id) if user is None: raise credentials_exception for scope in security_scopes.scopes: if scope not in token_scopes: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail='Not enough permissions', headers={'WWW-Authenticate': authenticate_value}, ) return user # Use with scopes @app.get('/users/me', dependencies=[Security( get_current_user_with_scopes, scopes=['users:read'] )]) async def read_users_me( current_user = Depends(get_current_user_with_scopes) ): return current_user @app.put('/users/me', dependencies=[Security( get_current_user_with_scopes, scopes=['users:write'] )]) async def update_user_me( user_update: UserUpdate, current_user = Depends(get_current_user_with_scopes), db = Depends(get_db) ): updated_user = await db.update_user(current_user.id, user_update) return updated_user
Database Dependencies
Manage database connections with dependencies.
from fastapi import Depends from sqlalchemy.ext.asyncio import AsyncSession, create_async_engine from sqlalchemy.orm import sessionmaker # SQLAlchemy setup DATABASE_URL = 'postgresql+asyncpg://user:pass@localhost/db' engine = create_async_engine(DATABASE_URL, echo=True) AsyncSessionLocal = sessionmaker(engine, class_=AsyncSession, expire_on_commit=False) # Dependency async def get_db() -> AsyncSession: async with AsyncSessionLocal() as session: try: yield session await session.commit() except Exception: await session.rollback() raise finally: await session.close() # Usage from sqlalchemy import select @app.get('/users/{user_id}') async def get_user(user_id: int, db: AsyncSession = Depends(get_db)): result = await db.execute(select(User).where(User.id == user_id)) user = result.scalar_one_or_none() if not user: raise HTTPException(status_code=404, detail='User not found') return user # With transaction @app.post('/users') async def create_user(user_data: UserCreate, db: AsyncSession = Depends(get_db)): user = User(**user_data.dict()) db.add(user) await db.flush() # Get the ID before commit return user
Authentication Dependencies
Implement authentication patterns.
from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm from jose import JWTError, jwt from passlib.context import CryptContext oauth2_scheme = OAuth2PasswordBearer(tokenUrl='token') pwd_context = CryptContext(schemes=['bcrypt'], deprecated='auto') SECRET_KEY = 'your-secret-key' ALGORITHM = 'HS256' # Token verification async def get_current_user( token: str = Depends(oauth2_scheme), db = Depends(get_db) ): credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail='Could not validate credentials', headers={'WWW-Authenticate': 'Bearer'}, ) try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) email: str = payload.get('sub') if email is None: raise credentials_exception except JWTError: raise credentials_exception user = await db.fetch_one('SELECT * FROM users WHERE email = ?', email) if user is None: raise credentials_exception return user # Active user check async def get_current_active_user( current_user = Depends(get_current_user) ): if not current_user.is_active: raise HTTPException(status_code=400, detail='Inactive user') return current_user # Role-based access def require_role(required_role: str): async def role_checker(current_user = Depends(get_current_active_user)): if current_user.role != required_role: raise HTTPException( status_code=403, detail=f'Role {required_role} required' ) return current_user return role_checker @app.get('/admin') async def admin_route(user = Depends(require_role('admin'))): return {'message': 'Admin access granted'}
Caching Dependencies
Implement caching patterns with dependencies.
from fastapi import Depends from functools import lru_cache import redis.asyncio as redis # In-memory cache @lru_cache() def get_settings(): return Settings() @app.get('/config') async def get_config(settings: Settings = Depends(get_settings)): return settings # Redis cache dependency class RedisCache: def __init__(self): self.redis = None async def get_connection(self): if not self.redis: self.redis = await redis.from_url('redis://localhost') return self.redis async def get(self, key: str): conn = await self.get_connection() value = await conn.get(key) return value.decode() if value else None async def set(self, key: str, value: str, expire: int = 3600): conn = await self.get_connection() await conn.set(key, value, ex=expire) cache = RedisCache() async def get_cache(): return cache @app.get('/cached-data/{key}') async def get_cached_data( key: str, cache: RedisCache = Depends(get_cache) ): value = await cache.get(key) if value: return {'value': value, 'cached': True} # Fetch and cache value = fetch_expensive_data(key) await cache.set(key, value) return {'value': value, 'cached': False}
Background Task Dependencies
Use dependencies with background tasks.
from fastapi import BackgroundTasks, Depends import asyncio async def send_email(email: str, message: str): # Simulate sending email await asyncio.sleep(2) print(f'Email sent to {email}: {message}') def get_email_service(): # Could return configured email service return send_email @app.post('/users') async def create_user( user: UserCreate, background_tasks: BackgroundTasks, email_service = Depends(get_email_service), db = Depends(get_db) ): user_obj = await db.create_user(user) background_tasks.add_task( email_service, user.email, 'Welcome to our service!' ) return user_obj # Complex background task with dependencies class EmailService: def __init__(self, db = Depends(get_db)): self.db = db async def send_welcome_email(self, user_id: int): user = await self.db.get_user(user_id) await send_email(user.email, f'Welcome {user.name}!') @app.post('/users/v2') async def create_user_v2( user: UserCreate, background_tasks: BackgroundTasks, db = Depends(get_db) ): user_obj = await db.create_user(user) email_service = EmailService(db) background_tasks.add_task( email_service.send_welcome_email, user_obj.id ) return user_obj # Background task with cleanup async def process_file_with_cleanup(file_path: str): try: # Process file await process_file(file_path) finally: # Cleanup os.remove(file_path) @app.post('/upload') async def upload_file( file: UploadFile, background_tasks: BackgroundTasks ): file_path = f'/tmp/{file.filename}' with open(file_path, 'wb') as f: f.write(await file.read()) background_tasks.add_task(process_file_with_cleanup, file_path) return {'status': 'processing'}
WebSocket Dependencies
Use dependencies with WebSocket connections.
from fastapi import WebSocket, Depends, WebSocketDisconnect from typing import List class ConnectionManager: def __init__(self): self.active_connections: List[WebSocket] = [] async def connect(self, websocket: WebSocket): await websocket.accept() self.active_connections.append(websocket) def disconnect(self, websocket: WebSocket): self.active_connections.remove(websocket) async def broadcast(self, message: str): for connection in self.active_connections: await connection.send_text(message) manager = ConnectionManager() def get_connection_manager(): return manager # WebSocket with authentication async def get_ws_current_user( websocket: WebSocket, token: str = Query(...), db = Depends(get_db) ): try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) user_id = payload.get('sub') user = await db.get_user_by_id(user_id) if not user: await websocket.close(code=1008) raise HTTPException(status_code=401, detail='Invalid token') return user except JWTError: await websocket.close(code=1008) raise HTTPException(status_code=401, detail='Invalid token') @app.websocket('/ws/{client_id}') async def websocket_endpoint( websocket: WebSocket, client_id: int, manager: ConnectionManager = Depends(get_connection_manager), user = Depends(get_ws_current_user) ): await manager.connect(websocket) try: while True: data = await websocket.receive_text() message = f'User {user.name}: {data}' await manager.broadcast(message) except WebSocketDisconnect: manager.disconnect(websocket) await manager.broadcast(f'User {user.name} left the chat') # WebSocket with database @app.websocket('/ws/messages/{room_id}') async def message_websocket( websocket: WebSocket, room_id: int, db = Depends(get_db), user = Depends(get_ws_current_user) ): await websocket.accept() # Send message history messages = await db.get_room_messages(room_id) await websocket.send_json(messages) try: while True: data = await websocket.receive_text() # Save to database message = await db.create_message( room_id=room_id, user_id=user.id, content=data ) await websocket.send_json(message) except WebSocketDisconnect: pass
Custom Dependency Providers
Create custom dependency injection patterns.
from typing import Callable, Type, TypeVar, Generic from fastapi import Depends T = TypeVar('T') # Dependency factory class DependencyFactory(Generic[T]): def __init__(self, dependency_class: Type[T], **kwargs): self.dependency_class = dependency_class self.kwargs = kwargs def __call__(self) -> T: return self.dependency_class(**self.kwargs) # Service locator pattern class ServiceLocator: def __init__(self): self._services = {} def register(self, name: str, service): self._services[name] = service def get(self, name: str): return self._services.get(name) def create_dependency(self, name: str): def get_service(): service = self.get(name) if service is None: raise ValueError(f'Service {name} not registered') return service return get_service # Initialize service locator locator = ServiceLocator() locator.register('db', Database('postgresql://localhost/db')) locator.register('cache', Redis('redis://localhost')) # Use in endpoint get_db_from_locator = locator.create_dependency('db') @app.get('/items') async def get_items(db = Depends(get_db_from_locator)): return await db.fetch_all('SELECT * FROM items') # Dependency provider with context class ContextualDependency: def __init__(self, request: Request): self.request = request self.context = {} def set(self, key: str, value): self.context[key] = value def get(self, key: str): return self.context.get(key) async def get_request_context(request: Request): context = ContextualDependency(request) context.set('request_id', str(uuid.uuid4())) context.set('timestamp', datetime.utcnow()) return context @app.get('/context-example') async def context_example(context = Depends(get_request_context)): return { 'request_id': context.get('request_id'), 'timestamp': context.get('timestamp') } # Lazy dependency loading class LazyDependency: def __init__(self, factory: Callable): self.factory = factory self._instance = None def __call__(self): if self._instance is None: self._instance = self.factory() return self._instance def create_expensive_service(): print('Creating expensive service...') return ExpensiveService() expensive_service = LazyDependency(create_expensive_service) @app.get('/expensive') async def use_expensive(service = Depends(expensive_service)): return service.do_work()
Scoped Dependencies Per Request
Manage request-scoped state and lifecycle.
from contextvars import ContextVar from fastapi import Depends, Request # Request-scoped storage using context variables request_id_var: ContextVar[str] = ContextVar('request_id') async def set_request_id(request: Request): request_id = request.headers.get('X-Request-ID', str(uuid.uuid4())) request_id_var.set(request_id) return request_id async def get_request_id(): return request_id_var.get() # Request-scoped logger class RequestLogger: def __init__(self, request_id: str = Depends(get_request_id)): self.request_id = request_id def info(self, message: str): print(f'[{self.request_id}] INFO: {message}') def error(self, message: str): print(f'[{self.request_id}] ERROR: {message}') @app.get('/scoped-logging') async def scoped_logging( request_id: str = Depends(set_request_id), logger: RequestLogger = Depends() ): logger.info('Processing request') # Do work logger.info('Request completed') return {'request_id': request_id} # Request-scoped unit of work pattern class UnitOfWork: def __init__(self, db = Depends(get_db)): self.db = db self.repositories = {} def get_repository(self, model_class): if model_class not in self.repositories: self.repositories[model_class] = Repository(self.db, model_class) return self.repositories[model_class] async def commit(self): await self.db.commit() async def rollback(self): await self.db.rollback() @app.post('/complex-transaction') async def complex_transaction( data: TransactionData, uow: UnitOfWork = Depends() ): try: user_repo = uow.get_repository(User) order_repo = uow.get_repository(Order) user = await user_repo.create(data.user) order = await order_repo.create(data.order, user_id=user.id) await uow.commit() return {'user': user, 'order': order} except Exception: await uow.rollback() raise
Global Dependencies with app.dependency_overrides
Use global dependency management and overrides.
from fastapi import FastAPI, Depends app = FastAPI() # Original dependencies def get_production_db(): return ProductionDatabase('postgresql://prod/db') def get_production_cache(): return RedisCache('redis://prod') # Default app setup @app.get('/data') async def get_data( db = Depends(get_production_db), cache = Depends(get_production_cache) ): cached = await cache.get('data') if cached: return cached data = await db.fetch_all('SELECT * FROM data') await cache.set('data', data) return data # Override for testing environment if os.getenv('ENVIRONMENT') == 'test': def get_test_db(): return TestDatabase(':memory:') def get_test_cache(): return InMemoryCache() app.dependency_overrides[get_production_db] = get_test_db app.dependency_overrides[get_production_cache] = get_test_cache # Override for development if os.getenv('ENVIRONMENT') == 'development': def get_dev_db(): return DevDatabase('postgresql://localhost/dev') app.dependency_overrides[get_production_db] = get_dev_db # Dynamic override based on request async def override_db_by_tenant(request: Request): tenant_id = request.headers.get('X-Tenant-ID') if tenant_id: return TenantDatabase(tenant_id) return get_production_db() # Conditional override def setup_dependencies(app: FastAPI, config: dict): if config.get('use_mock_db'): app.dependency_overrides[get_production_db] = lambda: MockDB() if config.get('use_local_cache'): app.dependency_overrides[get_production_cache] = lambda: LocalCache() # Clear overrides def clear_overrides(): app.dependency_overrides = {}
Testing with Dependencies
Override dependencies for testing.
from fastapi.testclient import TestClient # Original dependency def get_db(): db = ProductionDB() try: yield db finally: db.close() app.dependency_overrides = {} # Test with mock database def test_get_users(): def override_get_db(): return MockDB() app.dependency_overrides[get_db] = override_get_db client = TestClient(app) response = client.get('/users') assert response.status_code == 200 # Cleanup app.dependency_overrides = {} # Pytest fixture for dependency override import pytest @pytest.fixture def client(): def override_get_db(): return MockDB() app.dependency_overrides[get_db] = override_get_db client = TestClient(app) yield client app.dependency_overrides = {} def test_with_fixture(client): response = client.get('/users') assert response.status_code == 200
Global Dependencies
Apply dependencies to all routes.
from fastapi import FastAPI, Depends # Logging dependency async def log_request(request: Request): print(f'{request.method} {request.url}') # Rate limiting async def rate_limit(request: Request): client_ip = request.client.host # Check rate limit if is_rate_limited(client_ip): raise HTTPException(status_code=429, detail='Too many requests') # Apply globally app = FastAPI(dependencies=[Depends(log_request), Depends(rate_limit)]) # Apply to router router = APIRouter(dependencies=[Depends(get_current_user)]) @router.get('/protected-resource') async def protected_route(): return {'message': 'This requires authentication'} app.include_router(router)
When to Use This Skill
Use fastapi-dependency-injection when building modern, production-ready applications that require advanced patterns, best practices, and optimal performance.
FastAPI DI Best Practices
-
Use yield for cleanup - Always use yield for resources that need cleanup like database connections, file handles, and network connections to ensure proper resource management
-
Leverage caching - Use dependency caching (enabled by default) to avoid redundant work within a request; multiple uses of the same dependency in one request share the same instance
-
Chain dependencies - Build complex dependencies from simpler sub-dependencies to create composable, testable, and maintainable code structures
-
Class-based for state - Use classes for dependencies that maintain state or configuration, leveraging
method for callable instances__call__ -
Type hints everywhere - Always add type hints for better editor support, automatic validation, and improved documentation generation
-
Override for testing - Use dependency_overrides to inject mocks during testing without modifying production code
-
Global for cross-cutting - Apply common dependencies (logging, auth, rate limiting) globally or at router level to avoid repetition
-
Async when possible - Use async dependencies for I/O operations to maximize performance and concurrency benefits
-
Separate concerns - Keep authentication, authorization, and business logic in separate dependencies for better testability and reusability
-
Document dependencies - Add docstrings to explain complex dependency chains, especially when building multi-level hierarchies
-
Use Security utilities - Leverage FastAPI's security utilities like OAuth2PasswordBearer and HTTPBearer for authentication patterns
-
Validate early - Place validation dependencies early in the chain to fail fast and provide clear error messages
-
Keep dependencies pure - Dependencies should have minimal side effects; use background tasks for non-critical operations
-
Use context managers - Wrap dependencies in context managers when dealing with transactions or resource pools
-
Dependency composition - Compose larger dependencies from smaller, focused ones rather than creating monolithic dependencies
FastAPI DI Common Pitfalls
-
Forgetting yield - Not using yield means resources won't be cleaned up properly, leading to connection leaks and resource exhaustion
-
Circular dependencies - Creating dependency cycles causes infinite loops and stack overflow errors; design dependencies in a directed acyclic graph
-
Not using Depends() - Forgetting Depends() wrapper means function is called directly instead of being injected, breaking the dependency resolution
-
Overusing use_cache=False - Disabling cache unnecessarily hurts performance by creating multiple instances of the same dependency per request
-
Heavy dependencies - Putting too much logic in dependencies instead of services makes them hard to test and violates single responsibility
-
Not testing overrides - Forgetting to test with dependency_overrides means tests may use production resources instead of mocks
-
Mixing sync and async - Incorrectly mixing synchronous and asynchronous dependencies can block the event loop or cause runtime errors
-
Global state issues - Not properly managing singleton dependencies leads to shared state bugs in concurrent requests
-
Exception handling - Not handling exceptions in dependencies properly can leave resources in inconsistent states or leak connections
-
Type hint mistakes - Missing or incorrect type hints break dependency injection and automatic validation
-
Ignoring dependency order - Dependencies are executed in the order they appear in function signature; incorrect order can cause issues
-
Not cleaning test overrides - Forgetting to reset app.dependency_overrides after tests causes subsequent tests to fail
-
Overusing global dependencies - Applying too many dependencies globally can hurt performance and make debugging difficult
-
Memory leaks with generators - Not properly closing resources in finally block of generator dependencies causes memory leaks
-
Security misconfiguration - Using weak or missing security dependencies exposes endpoints to unauthorized access
Advanced Caching Patterns
Implement sophisticated caching strategies with dependencies.
from fastapi import Depends import hashlib import json # Multi-layer cache with fallback class CacheLayer: def __init__( self, memory_cache = Depends(get_memory_cache), redis_cache = Depends(get_redis_cache) ): self.memory = memory_cache self.redis = redis_cache async def get(self, key: str): # Try memory first value = self.memory.get(key) if value: return value # Try Redis value = await self.redis.get(key) if value: # Populate memory cache self.memory.set(key, value) return value return None async def set(self, key: str, value, ttl: int = 3600): self.memory.set(key, value, ttl=min(ttl, 300)) await self.redis.set(key, value, ttl=ttl) # Cache key generation def create_cache_key(*args, **kwargs): key_data = json.dumps({'args': args, 'kwargs': kwargs}, sort_keys=True) return hashlib.md5(key_data.encode()).hexdigest() # Dependency with automatic caching def cached_dependency(ttl: int = 3600): async def dependency( params: dict, cache: CacheLayer = Depends() ): cache_key = create_cache_key(**params) cached_value = await cache.get(cache_key) if cached_value: return cached_value # Compute expensive value value = await compute_expensive_value(params) await cache.set(cache_key, value, ttl=ttl) return value return dependency @app.get('/cached-endpoint') async def cached_endpoint( result = Depends(cached_dependency(ttl=1800)) ): return result # Cache invalidation dependency class CacheInvalidator: def __init__(self, cache: CacheLayer = Depends()): self.cache = cache self.invalidation_queue = [] def invalidate(self, pattern: str): self.invalidation_queue.append(pattern) async def flush(self): for pattern in self.invalidation_queue: await self.cache.redis.delete_pattern(pattern) self.invalidation_queue.clear() @app.post('/users') async def create_user( user: UserCreate, db = Depends(get_db), invalidator: CacheInvalidator = Depends() ): new_user = await db.create_user(user) invalidator.invalidate('users:*') await invalidator.flush() return new_user
Middleware-Style Dependencies
Use dependencies for cross-cutting concerns.
from fastapi import Depends, Request from time import time # Request timing dependency async def measure_request_time(request: Request): start_time = time() yield duration = time() - start_time print(f'{request.method} {request.url.path} took {duration:.3f}s') # Request ID tracking async def track_request_id(request: Request): request_id = request.headers.get('X-Request-ID', str(uuid.uuid4())) request.state.request_id = request_id yield request_id def get_request_id(request: Request): return request.state.request_id # Rate limiting per user class RateLimiter: def __init__(self): self.requests = {} async def check_rate_limit( self, user = Depends(get_current_user), cache = Depends(get_cache) ): key = f'rate_limit:{user.id}' count = await cache.incr(key) if count == 1: await cache.expire(key, 60) if count > 100: raise HTTPException( status_code=429, detail='Rate limit exceeded' ) return True rate_limiter = RateLimiter() @app.get('/protected') async def protected_endpoint( rate_limit_ok = Depends(rate_limiter.check_rate_limit) ): return {'message': 'Success'} # Request validation async def validate_content_type(request: Request): content_type = request.headers.get('Content-Type') if not content_type or 'application/json' not in content_type: raise HTTPException( status_code=415, detail='Content-Type must be application/json' ) return True @app.post('/data', dependencies=[Depends(validate_content_type)]) async def post_data(data: dict): return data
Resources
Official FastAPI documentation and guides:
- FastAPI Dependencies Core dependency injection concepts and basic usage
- Advanced Dependencies Advanced patterns including dependency overrides and custom providers
- Sub-Dependencies Building complex dependency chains and hierarchies
- Dependencies in Path Operations Using dependencies at the decorator level
- Global Dependencies Applying dependencies to entire applications or routers
- Testing Dependencies Overriding dependencies for testing purposes
- Security and OAuth2 Security utilities and OAuth2 implementation with dependencies
- SQL Databases Database session management with dependency injection
- Async SQL Async database patterns with SQLAlchemy
Additional resources:
- FastAPI GitHub Source code and examples
- FastAPI Discussions Community questions and patterns
- Dependency Injection Design Pattern General DI concepts and theory