Web后端开发路径
服务器端开发与系统架构
后端技术栈
编程语言
├── Python (Django/Flask/FastAPI)
├── JavaScript (Node.js/Express)
├── Java (Spring Boot)
├── Go (Gin/Echo)
└── Rust (Actix/Axum)
数据库
├── 关系型:MySQL, PostgreSQL
├── NoSQL:MongoDB, Redis
└── 搜索:Elasticsearch
基础设施
├── Linux服务器
├── Docker容器
├── Nginx反向代理
└── 云服务 (AWS/阿里云)
Python后端:FastAPI
from fastapi import FastAPI, HTTPException
from pydantic import BaseModel
from typing import Optional, List
app = FastAPI()
# 数据模型
class User(BaseModel):
id: Optional[int] = None
name: str
email: str
age: int
# 模拟数据库
users_db = []
@app.get("/")
async def root():
return {"message": "Welcome to API"}
@app.get("/users", response_model=List[User])
async def get_users():
return users_db
@app.get("/users/{user_id}")
async def get_user(user_id: int):
for user in users_db:
if user.id == user_id:
return user
raise HTTPException(status_code=404, detail="User not found")
@app.post("/users", response_model=User)
async def create_user(user: User):
user.id = len(users_db) + 1
users_db.append(user)
return user
@app.put("/users/{user_id}")
async def update_user(user_id: int, user: User):
for i, u in enumerate(users_db):
if u.id == user_id:
user.id = user_id
users_db[i] = user
return user
raise HTTPException(status_code=404, detail="User not found")
@app.delete("/users/{user_id}")
async def delete_user(user_id: int):
for i, user in enumerate(users_db):
if user.id == user_id:
users_db.pop(i)
return {"message": "User deleted"}
raise HTTPException(status_code=404, detail="User not found")
Node.js后端:Express
const express = require('express');
const app = express();
app.use(express.json());
let users = [];
// 获取所有用户
app.get('/api/users', (req, res) => {
res.json(users);
});
// 获取单个用户
app.get('/api/users/:id', (req, res) => {
const user = users.find(u => u.id === parseInt(req.params.id));
if (!user) return res.status(404).json({ error: 'Not found' });
res.json(user);
});
// 创建用户
app.post('/api/users', (req, res) => {
const user = {
id: users.length + 1,
name: req.body.name,
email: req.body.email
};
users.push(user);
res.status(201).json(user);
});
// 中间件示例
const authMiddleware = (req, res, next) => {
const token = req.headers.authorization;
if (!token) {
return res.status(401).json({ error: 'Unauthorized' });
}
// 验证token...
next();
};
app.get('/api/protected', authMiddleware, (req, res) => {
res.json({ message: 'Protected data' });
});
app.listen(3000, () => {
console.log('Server running on port 3000');
});
数据库操作:SQLAlchemy
from sqlalchemy import create_engine, Column, Integer, String
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import sessionmaker
# 创建引擎
engine = create_engine('sqlite:///app.db')
Base = declarative_base()
# 定义模型
class User(Base):
__tablename__ = 'users'
id = Column(Integer, primary_key=True)
name = Column(String(50), nullable=False)
email = Column(String(100), unique=True)
def to_dict(self):
return {"id": self.id, "name": self.name, "email": self.email}
# 创建表
Base.metadata.create_all(engine)
# 创建会话
Session = sessionmaker(bind=engine)
session = Session()
# CRUD操作
def create_user(name, email):
user = User(name=name, email=email)
session.add(user)
session.commit()
return user
def get_users():
return session.query(User).all()
def get_user(user_id):
return session.query(User).filter(User.id == user_id).first()
认证与安全
import jwt
import bcrypt
from datetime import datetime, timedelta
SECRET_KEY = "your-secret-key"
# 密码加密
def hash_password(password: str) -> str:
return bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
def verify_password(password: str, hashed: str) -> bool:
return bcrypt.checkpw(password.encode(), hashed.encode())
# JWT Token
def create_token(user_id: int) -> str:
payload = {
"user_id": user_id,
"exp": datetime.utcnow() + timedelta(hours=24)
}
return jwt.encode(payload, SECRET_KEY, algorithm="HS256")
def verify_token(token: str) -> dict:
try:
return jwt.decode(token, SECRET_KEY, algorithms=["HS256"])
except jwt.ExpiredSignatureError:
raise Exception("Token expired")
except jwt.InvalidTokenError:
raise Exception("Invalid token")
学习路线图
第1阶段:基础 (2-3个月)
├── HTTP协议深入
├── RESTful API设计
├── 数据库SQL
└── 一门后端语言
第2阶段:进阶 (2-3个月)
├── ORM框架
├── 认证授权
├── 缓存策略
└── 消息队列
第3阶段:架构 (2-3个月)
├── 微服务设计
├── Docker容器化
├── CI/CD流水线
└── 监控与日志
第4阶段:专业化 (持续)
├── 分布式系统
├── 高并发处理
├── 安全防护
└── 性能优化
本章小结
- API设计:RESTful规范
- 数据库:ORM简化操作
- 安全:认证与加密
- 架构:从单体到微服务
→ 继续阅读:37-移动App开发入门