Back to Details

fastapi-code-review

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

FastAPI Code Review

FastAPI代码审查

Quick Reference

快速参考

Issue TypeReference
APIRouter setup, response_model, status codesreferences/routes.md
Depends(), yield deps, cleanup, shared depsreferences/dependencies.md
Pydantic models, HTTPException, 422 handlingreferences/validation.md
Async handlers, blocking I/O, background tasksreferences/async.md
问题类型参考文档
APIRouter配置、response_model、状态码references/routes.md
Depends()、生成器依赖、清理操作、共享依赖references/dependencies.md
Pydantic模型、HTTPException、422错误处理references/validation.md
异步处理器、阻塞I/O、后台任务references/async.md

Review Checklist

审查检查清单

  • APIRouter with proper prefix and tags
  • All routes specify 
    response_model
    for type safety
  • Correct HTTP methods (GET, POST, PUT, DELETE, PATCH)
  • Proper status codes (200, 201, 204, 404, etc.)
  • Dependencies use 
    Depends()
    not manual calls
  • Yield dependencies have proper cleanup
  • Request/Response models use Pydantic
  • HTTPException with status code and detail
  • All route handlers are 
    async def
  • No blocking I/O (
    requests
    , 
    time.sleep
    , 
    open()
    )
  • Background tasks for non-blocking operations
  • No bare 
    except
    in route handlers
  • 配置了正确前缀和标签的APIRouter
  • 所有路由都指定了
    response_model
    以保证类型安全
  • 使用正确的HTTP方法(GET、POST、PUT、DELETE、PATCH)
  • 使用合适的状态码(200、201、204、404等)
  • 依赖项使用
    Depends()
    而非手动调用
  • 生成器依赖包含正确的清理逻辑
  • 请求/响应模型使用Pydantic
  • 抛出包含状态码和详情的HTTPException
  • 所有路由处理器均为
    async def
  • 无阻塞I/O操作(
    requests
    time.sleep
    open()
  • 后台任务用于非阻塞操作
  • 路由处理器中无裸
    except
    语句

Valid Patterns (Do NOT Flag)

有效模式(无需标记)

These are idiomatic FastAPI patterns that may appear problematic but are correct:
  • Pydantic validates request body automatically - No manual validation needed when using typed Pydantic models as parameters
  • Dependency injection for database sessions - Sessions come from 
    Depends()
    , not passed as function arguments
  • HTTPException for all HTTP errors - FastAPI handles conversion to proper HTTP responses
  • Async def endpoint without await - May be using sync dependencies or simple operations; FastAPI handles this
  • Type annotation on Depends() - This is documentation/IDE support, not a type assertion
  • Query/Path/Body defaults - FastAPI processes these at runtime, not traditional Python defaults
  • Returning dict from endpoint - Pydantic converts automatically if 
    response_model
    is set
以下是FastAPI的惯用模式,看似有问题但实际正确:
  • Pydantic自动验证请求体 - 使用带类型的Pydantic模型作为参数时,无需手动验证
  • 数据库会话的依赖注入 - 会话来自
    Depends()
    ,而非作为函数参数传递
  • 所有HTTP错误使用HTTPException - FastAPI会自动将其转换为合适的HTTP响应
  • 无await的Async def端点 - 可能使用了同步依赖或简单操作;FastAPI会处理这种情况
  • Depends()上的类型注解 - 这是用于文档/IDE支持,而非类型断言
  • Query/Path/Body默认值 - FastAPI在运行时处理这些,而非传统Python默认值
  • 从端点返回dict - 如果设置了
    response_model
    ,Pydantic会自动转换

Context-Sensitive Rules

上下文敏感规则

Only flag issues when the context warrants it:
  • Flag missing validation ONLY IF the field isn't already in a Pydantic model with validators
  • Flag missing auth ONLY IF the endpoint isn't using 
    Depends()
    with an auth dependency
  • Flag missing error handling ONLY IF HTTPException isn't raised appropriately for error cases
  • Flag sync in async ONLY IF the operation is actually blocking (file I/O, network calls, CPU-bound), not just non-async
仅在符合上下文场景时标记问题:
  • 仅当字段未包含在带有验证器的Pydantic模型中时,才标记缺少验证
  • 仅当端点未使用带认证依赖的
    Depends()
    ,才标记缺少认证
  • 仅当未针对错误场景正确抛出HTTPException时,才标记缺少错误处理
  • 仅当操作确实是阻塞性的(文件I/O、网络调用、CPU密集型)而非只是非异步时,才标记异步中的同步操作

FastAPI Framework Behaviors

FastAPI框架特性

FastAPI + Pydantic handle many concerns automatically:
  • Request validation via Pydantic models
  • Response serialization via response_model
  • Dependency injection for cross-cutting concerns
  • Exception handling via exception handlers
Before flagging "missing" functionality, verify FastAPI isn't handling it.
FastAPI + Pydantic会自动处理许多事项:
  • 通过Pydantic模型进行请求验证
  • 通过response_model进行响应序列化
  • 用于横切关注点的依赖注入
  • 通过异常处理器处理异常
在标记“缺失”功能之前,请确认FastAPI是否未自动处理该事项。

When to Load References

何时加载参考文档

  • Reviewing route definitions → routes.md
  • Reviewing dependency injection → dependencies.md
  • Reviewing Pydantic models/validation → validation.md
  • Reviewing async route handlers → async.md
  • 审查路由定义 → routes.md
  • 审查依赖注入 → dependencies.md
  • 审查Pydantic模型/验证 → validation.md
  • 审查异步路由处理器 → async.md

Review Questions

审查问题

  1. Do all routes have explicit response models and status codes?
  2. Are dependencies injected via Depends() with proper cleanup?
  3. Do all Pydantic models validate inputs correctly?
  4. Are all route handlers async and non-blocking?
  1. 所有路由是否都有明确的响应模型和状态码?
  2. 依赖项是否通过
    Depends()
    注入并包含正确的清理逻辑?
  3. 所有Pydantic模型是否正确验证输入?
  4. 所有路由处理器是否都是异步且非阻塞的?

Before Submitting Findings

提交发现前的步骤

Load and follow review-verification-protocol before reporting any issue.
在报告任何问题之前,请加载并遵循审查验证协议