Skip to content

Instantly share code, notes, and snippets.

@duonghuuphuc

duonghuuphuc/cs504070-homework-10.md

Created May 18, 2025 06:04
Show Gist options
  • Save duonghuuphuc/b478edea4770dae3e0364f33e9db2353 to your computer and use it in GitHub Desktop.
Save duonghuuphuc/b478edea4770dae3e0364f33e9db2353 to your computer and use it in GitHub Desktop.
Download ZIP
CS504070 - Homework 10: Delivery Function in E-commerce System using FastAPI
Raw
cs504070-homework-10.md

CS504070 - Homework 10: Delivery Function in E-commerce System using FastAPI

Introduction

You are tasked with implementing the Delivery Service for an e-commerce platform. This service is responsible for handling all aspects related to shipping customer orders, such as scheduling, updating, tracking, and managing delivery status.

This service will be a standalone microservice communicating with other services (like Order, User, and Inventory) via HTTP APIs or message queues (mocked/stubbed in this exercise). You will use FastAPI for building the microservice and JWT to secure endpoints that require user authentication.

Programming Questions

1. Create a Delivery Order Endpoint

Objective: Implement an endpoint that creates a delivery order based on the order details received from the Order Service.

Requirements:

  • The endpoint must accept an order ID and shipping address.
  • Generate a delivery ID and store it with the order ID, address, and initial status ("pending").
  • Return the delivery ID and initial status.

Endpoint Example:

POST /deliveries/
Authorization: Bearer <JWT>
Body:
{
  "order_id": "ORD123456",
  "shipping_address": "19, Nguyen Huu Tho Street, Tan Phong Ward, District 7, HCMC, Vietnam"
}

Expected Response:

{
  "delivery_id": "DEL-<unique_id>",
  "status": "pending"
}

2. Secure Endpoints with JWT

Objective: Implement JWT-based authentication to protect delivery-related endpoints.

Requirements:

  • Only authenticated users should be able to create or retrieve delivery data.
  • Add a simple login endpoint that returns a JWT token (for simulation purposes).
  • Validate the token for secured endpoints.

Hints:

  • Use fastapi.security.OAuth2PasswordBearer and jwt library (e.g., python-jose).
  • Stub the user authentication logic (no real database needed).

3. Update Delivery Status

Objective: Add an endpoint for updating the status of a delivery (e.g., "shipped", "out for delivery", "delivered").

Requirements:

  • Endpoint must take delivery ID and the new status.
  • Only authenticated users (e.g., delivery staff role in JWT claims) can update status.
  • Validate status transitions (e.g., from "pending" → "shipped", but not "delivered" → "pending").

Endpoint Example:

PATCH /deliveries/{delivery_id}/status
Authorization: Bearer <JWT>
Body:
{
  "status": "shipped"
}

4. Get Delivery Status by Order ID

Objective: Implement an endpoint that allows a user to retrieve the delivery status for a specific order.

Requirements:

  • Input: Order ID
  • Return: Delivery status, shipping address, delivery ID
  • Should be accessible only by authenticated users whose JWT token includes a user ID matching the request (simulate user ownership check).

Endpoint Example:

GET /deliveries/status?order_id=ORD123456
Authorization: Bearer <JWT>

🔧 Constraints and Technologies

  • Language: Python
  • Framework: FastAPI
  • JWT: Required (use PyJWT or python-jose)
  • Data Store: In-memory (or SQLite optionally)
  • Microservices Style: Simulate with FastAPI routes or mocked services
  • Testing (optional): Postman or Swagger
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment