I. API Design Conventions
- Basic conventions
  - Use HTTPS
  - Use UTF-8 encoding throughout
  - Versioning: /api/v1/
- Response format
{
    "code": 200,
    "message": "success",
    "data": {},
    "timestamp": 1654934400
}
II. Core API Examples
1. Product query endpoint
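from flask import Flask, jsonify

app = Flask(__name__)

# GET /api/v1/products/<id>; the <int:...> converter rejects non-numeric IDs with a 404
@app.route('/api/v1/products/<int:product_id>', methods=['GET'])
def get_product(product_id):
    # Static sample record; a real service would look this up in its data store
    product = {
        "id": product_id,
        "name": "阳澄湖大闸蟹",
        "price": 299,
        "stock": 1000
    }
    return jsonify({
        "code": 200,
        "data": product
    })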
2. Order creation endpoint
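import time
import uuid
from flask import request

def generate_order_id():
    # Placeholder: the original does not define this helper
    return uuid.uuid4().hex

def get_current_time():
    # Placeholder: Unix timestamp, matching the "timestamp" field of the response format
    return int(time.time())

@app.route('/api/v1/orders', methods=['POST'])
def create_order():
    # silent=True returns None instead of raising on a missing or malformed JSON body
    data = request.get_json(silent=True)
    if not isinstance(data, dict) or not all(k in data for k in ['product_id', 'quantity']):
        return jsonify({"code": 400, "message": "缺少必要参数"}), 400
    order_id = generate_order_id()
    return jsonify({
        "code": 201,
        "data": {
            "order_id": order_id,
            "created_at": get_current_time()
        }
    }), 201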
III. Security Measures
- JWT authentication
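import os
from functools import wraps

import jwt  # PyJWT
from flask import request, jsonify

# Assumption: the signing key comes from the environment, never from source code
SECRET_KEY = os.environ["JWT_SECRET_KEY"]

# JWT verification decorator
def token_required(f):
    @wraps(f)
    def decorated(*args, **kwargs):
        token = request.headers.get('Authorization')
        if not token:
            return jsonify({"code": 401}), 401
        try:
            # Pin the accepted algorithm (HS256 assumed here); PyJWT 2.x requires this argument
            data = jwt.decode(token, SECRET_KEY, algorithms=["HS256"])
        except jwt.InvalidTokenError:
            return jsonify({"code": 403}), 403
        return f(*args, **kwargs)
    return decorated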
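
The checks a JWT verification step like the decorator above depends on, written out with only the Python standard library. This is an added example, not code from the original page and not PyJWT's implementation. The key value, `sign_hs256`, `verify_hs256`, the HS256 choice and the mandatory `exp` claim are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET_KEY = b"constructed-demo-secret"  # constructed sample key, not a real secret

def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(claims: dict, key: bytes, header: dict = None) -> str:
    """Build a compact JWT; used here only to construct sample tokens."""
    header = header or {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        _b64url_encode(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims))
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(sig)

def verify_hs256(token: str, key: bytes, now: float = None):
    """Return (claims, None) on success or (None, reason) on rejection."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        claims = json.loads(_b64url_decode(payload_b64))
        sig = _b64url_decode(sig_b64)
    except (ValueError, TypeError, AttributeError):
        return None, "malformed"
    # Pin the algorithm: the token's own header must never choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None, "bad_alg"
    expected = hmac.new(
        key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None, "bad_signature"
    # Require an expiry so a leaked token does not stay valid indefinitely.
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, (int, float)) or exp <= (time.time() if now is None else now):
        return None, "expired"
    return claims, None
```
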
IV. Performance Optimization Recommendations
- Cache hot data in Redis
- Keep API response time within 200 ms
- Use paginated queries: /products?page=1&size=20