
In my previous article I demonstrated how to build a Python class to filter out personal identifiable information from free text. In this article we will build a web service based on this class using Fastapi and make it available with Heroku.
Creating the API
Creating an API with FastAPI is simple and enables you to create a REST API for your code. First, you need to install FastAPI and, if you want to run it locally, Uvicorn. Uvicorn is a lightweight, ultrafast asynchronous webserver implementation. It will be used to run the local copy of the FastAPI server.
Now, we are ready to go!
To run a FastAPI server, a FastAPI-object is required. Endpoints to this object can be added using method tags. A simple example:
Line 3 creates the FastAPI object and an endpoint is added in line 5. The name of the endpoint is "/filter". When called, it returns the value "".
To test the endpoint a webserver is required. The FastAPI app can be started from the command line or from the main method. The last one is used and works as follows:
PrivacyFilterAPI is the name of the python source file and privacyFilterApp refers to the FastAPI object created in the previous step. Running the Python scripts starts a Uvicorn webserver with the endpoints available. The reload=True parameter of Uvicorn enables reloading the app when a source code change is detected. Saving the source code from your editor is sufficient to reload the app in Uvicorn, removing the requirement to restart the server after a code change.
Open http://127.0.0.1:8000/filter in a browser should result in the JSON response:
Next step is adding a parameter to the API with the text tot filter. The input text will be sent as a request body of the POST request. Using POST is the preferred way to call a REST service with parameters. Parameters are sent as a request body. To define the request body a Pydantic model.
A parameter class is created by extending the BaseModel from Pydantic. This class holds one variable, text with the input text of the method. The method signature is changed to post (line 12) and has an input parameter item of type Parameter. Item is a Python dictionary and can be accessed accordingly.
And finally by adding the PrivacyFilter class the webservice is completed:
When the web service is started, an instance of the PrivacyFilter class is instantiated and initialised. This instance will be used for each call to the filter method. The /filter endpoints returns a dictionary with both the original text and the filtered text.
After starting the web service, the documentation is available at http://127.0.0.1:8000/docs. These swagger pages are automatically generated by FastAPI:

By clicking on the green /filter section followed by the "Try out" button it is possible to send a request to the API. The parameters are specified in the Request body section:

Pressing ‘Execute’ sends the post request and displays the result:

In the response both the original text and the filtered text are returned. In this case my name is replaced with the tag indicating a name (Naam is Dutch for name). This shows we have an operational implementation of a privacy filter API.
Making the service secure
Sending privacy information over HTTP is a bad idea so we need to upgrade the REST API to HTTPS. For this, we need a key file and a certification file. We can create these files with openSSL:
This results in two files, one with the key and one with the certificate. Make sure the common name matches the URL where the API will be running in production. We can start the Uvicorn server in HTTPS mode by specifying the key and certificate files:
The service is now availabe at the address https://127.0.0.1:8000/filter and the requests are secured by SSL.
Running the service on Heroku
Heroku is a cloud platform supporting Python (among others). It is possible to deploy your applications in a virtualized Linux container. You can run a contain for 500 hours a month for free. After 30 minutes of inactivity a container goes to sleep. If you have one container in your account, it can be running 67% of the time for free.
To run the FastAPI service on Heroku, two files are needed. First, the requirements.txt file needs top be up to date. This file specifies all required python libraries. Heroku uses this file to create a Python environment capable of running the application. If not already present, you can create this file as follows:
This command will capture all installed modules and their versions and write this information to the requirements.txt file.
The second file required by Heroku is the deployment configuration file named Procfile (no extension). This file is used by Heroku to determine the actions to perform to start the application.
This Procfile tells Heroku to start a web application and launch Uvicorn. Uvicorn launches the API application specified. The application is specified similar to running locally. Note that Heroku needs the host an port specified to be able to connect to the Uvicorn server.
Navigate to heroku.com and create a free account. In this account, create an application:

Give the application an easy to recognize name and click the ‘Create app’ button. Adding it to a pipeline is not required.
Heroku will get the application from Github, so the next step is to connect to Gihub. Click the connect button and follow the online flow to connect to the GitHub OAuth interface.

When Heroku is successfully connected to GitHub it is possible to connect a GitHub repository to the Heroku application. Type part of the repository name in the search field and press ‘Search’. Select the appropriate repository from the search results.

When the repository connection is successful it is possible to deploy a branch on Heroku. Scroll down to the ‘Manual deploy”, select the correct branch and hit the ‘Deploy Branch’ button.

This will start the build process creating the Python environment according to the requirements file. The first time this will take some time but consecutive builds will use a cached environment (until the requirements change).
Check the application log (top right ‘More’ button) and wait for the message that the build succeeded. The app is now available at https://privacyfilter.herokuapp.com/. We can now run the same API test as on the local instance using the /docs entry point.
Congratulations, you have a Privacy filter up and running!
Please note that the free version of Heroku is limited to containers of 500MB. Running the full privacy filter requires more space so requires the Hobby subscription from Heroku. To be able to run it in the free version, I removed the street names from the filters since these take up the most space.
All source code of this project can be found om GitHub: PrivacyFilter.
I hope you enjoyed this article. For inspiration check some of my other articles:
- Remove personal information rom text with Python
- Parallel web requests with Python
- All public transport leads to Utrecht, not Rome
- Visualize the crowdedness of Dutch trains with Open Data and Kepler
- Visualization of travel times with OTP and QGIS
Disclaimer: The views and opinions included in this article belong only to the author.