Building a Pure HTTP REST API Server From Scratch | AI Systems Design From Scratch

🏠 Documentation Hub 📝 Engineering Blog 💻 GitHub Repository

Building a Relational SQL Database Engine Abstraction From Scratch

Amin Boulouma — Software Engineer

Every time a web browser or client application fetches data from a backend service, it relies on an application-layer network protocol: Hypertext Transfer Protocol (HTTP). In standard development, web servers like NGINX, Apache, or Python frameworks like Flask and FastPI capture these requests automatically. They shield engineers from raw TCP/IP data buffers by providing pre-parsed request parameters and automated status routing abstractions.

To genuinely master distributed backend architectures, we must peer beneath these framework abstractions to look directly at the underlying mechanics of text serialization and socket-multiplexing.

Adhering to our repository’s strict zero-dependency mandate, we will engineer a robust HTTP/1.1 web server from first principles using nothing but the Python standard library.

The Networked REST API Architecture

Our backend routing engine is encapsulated inside a unified controller class: REST_API. This runtime server manages a master listening socket loop, captures application-layer request lines, isolates text tokens, and serializes raw compliance-valid HTTP plain-text responses back across the wire channel.

Here is the complete codebase block matching our strict system integration matrix:

import socket
import utils

class REST_API:
    def __init__(self, host='127.0.0.1', port=8080):
        self.host = host
        self.port = port 

    def start_server(self):
        """Initializes the master server socket and boots the connection-polling interface loop."""
        server_socket = utils.create_socket_server(self.host, self.port, 'REST API')

        while True:
            try:
                # Block thread processing until a remote client opens a transport connection path
                client_socket, client_address = server_socket.accept()
                print(f"Connection from {client_address}")

                # 1. Read incoming HTTP plain-text request blocks from the transport buffer
                request = client_socket.recv(4096).decode('utf-8')
                print(f'Received request: {request}')

                if not request.strip():
                    client_socket.close()
                    continue

                # 2. Tokenize raw text lines into standard HTTP parameters
                method, path = self._parse_request(request)
                print(f"Routed Primitive: {method} -> Targeted Resource: {path}")

                # 3. Route parameters through the application layer mapping layer
                response = self._handle_request(method, path)

                # 4. Flush the serialized text blocks back out across the socket interface wire
                client_socket.sendall(response.encode('utf-8'))
                
                # 5. Sever the ephemeral client channel to prevent socket resource leaks
                client_socket.close()
                
            except (KeyboardInterrupt, EOFError):
                print("\nShutdown sequence initiated. Closing master API socket listener.")
                server_socket.close()
                break
            except Exception as e:
                print(f"Application Runtime Exception: {e}")
                try:
                    client_socket.close()
                except:
                    pass

    def _parse_request(self, request):
        """Deconstructs the raw HTTP header stream to isolate the Method Verb and Target Path URL."""
        # HTTP Standard isolates the request line as the absolute first row of the packet buffer
        first_line = request.splitlines()[0]
        parts = first_line.split()
        
        # Guardrail check for minimal valid HTTP request formatting (Method, Path, Protocol Version)
        if len(parts) < 2:
            return "GET", "/"
            
        return parts[0], parts[1]
    
    def _handle_request(self, method, path):
        """Evaluates REST verbs and URI tokens to compile a strict HTTP compliance plain-text response."""
        # Note: Crucial HTTP specification compliance requires separating headers from bodies via double newlines (\r\n\r\n)
        if method == 'GET':
            if path == '/':
                response = "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\nHello, World!"
            elif path == '/hello': 
                response = "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\nHello from the server!"
            else:
                response = "HTTP/1.1 404 Not Found\r\nContent-Type: text/plain\r\n\r\nFile not found!"
                
        elif method == 'POST':
            print("Received POST data payload frame.")
            response = "HTTP/1.1 201 Created\r\nContent-Type: application/json\r\n\r\n{\"message\": \"Data Received\"}"
            
        elif method == 'PUT':
            print("Data update request received!")
            response = "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n\r\n{\"message\": \"Data Updated!\"}"
            
        elif method == 'DELETE':
            response = "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\nData Deleted!"
            
        else:
            response = "HTTP/1.1 405 Method Not Allowed\r\nContent-Type: text/plain\r\n\r\nMethod not allowed!"
            
        return response
    
if __name__ == "__main__":
    app = REST_API('127.0.0.1', 8080)
    app.start_server()

Architectural Mechanisms Breakdown

1. HTTP Request Line Deconstruction

Our internal parsing worker (_parse_request) leverages first-principles string indexing to interpret network frames. According to Internet Engineering Task Force (IETF) specification patterns, an HTTP frame is structured around an initial command string row:

GET /hello HTTP/1.1
Host: 127.0.0.1:8080

By applying spatial string splits (request.splitlines()[0].split()), our engine strips away auxiliary trailing network headers, instantly exposing the primary action primitive (parts[0]) and the target file system URI (parts[1]) in an efficient, lightweight extraction pass.

2. Strict HTTP Header Framing Boundaries

In the original protocol template structures, responses were compiled using single newline characters (\n). While modern resilient browser parsers can occasionally infer boundaries from single transitions, the formal HTTP/1.1 protocol specification strictly mandates Carriage Return + Line Feed sequence pairs (\r\n).

Furthermore, separating functional network headers (like Content-Type) from the raw data body requires an explicit empty line transition (\r\n\r\n). Our updated architecture implements this standard across all routing blocks:

response = "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\nHello, World!"

Ensuring this demarcation line is formed flawlessly protects your streaming bytes from being dropped or classified as a corrupted header chunk by strict downstream API clients.

3. REST Status Mapping Boundaries

The handler logic implements an authentic RESTful routing matrix, binding distinct CRUD actions directly to semantic HTTP status codes:

200 OK: Returned for successful reads (GET), updates (PUT), and removals (DELETE).
201 Created: Explicitly dispatched upon successful ingestion of new record payloads via POST.
404 Not Found: Triggered to gracefully alert the client if an unconfigured resource path is hit.
405 Method Not Allowed: Acts as an explicit validation guardrail if an unknown system verb tries to communicate with our socket channel.

Verifying the REST API Backend

To test this backend microservice engine, execute it locally inside your primary shell window while passing network requests using your previously constructed client tool (py_http_client.py) or standard terminal utility commands like curl.

1. Launch the Server Infrastructure

python py_http_server.py

2. Stream Probing Requests (Alternative Terminal Window)

curl -i [http://127.0.0.1:8080/hello](http://127.0.0.1:8080/hello)

Target Execution Logs (Server Console Output)

REST API Daemon actively listening on 127.0.0.1:8080
Connection from ('127.0.0.1', 59421)
Received request: GET /hello HTTP/1.1
Host: 127.0.0.1:8080

GET /hello
Routed Primitive: GET -> Targeted Resource: /hello

Infrastructure Scaling Roadmap

While this server engine handles basic state mapping, route evaluation, and protocol parsing loops, it functions as a single-threaded blocker—meaning it can only process one active network connection at a time.

To scale this infrastructure module into a reliable, concurrent application-tier platform, our engineering goals target these upcoming code sprints:

Asynchronous Selector Engine: Integrating Python’s native selectors or threading module library to spin out distinct worker processes for client connections, freeing the core loop to instantly intercept secondary incoming sockets.
Regular Expression URI Tree Matching: Upgrading path lookups from simple string comparisons to a compiled Regex Route Tree, enabling dynamic route parameters (e.g., parsing /users/<user_id>).
Stream Buffer Body Splitting: Refactoring the payload receiver to scan for the Content-Length header, enabling the server to dynamically buffer and parse multi-line JSON dictionaries passed during high-density POST and PUT transactions.

Connect with Amin Boulouma Official