Assessing Your Current State

Before initiating the upgrade process, it's crucial to assess your current project. Identify the version of React Native you're currently using and research the features and improvements introduced in subsequent versions. This will help you understand the benefits and potential challenges you might encounter during the upgrade, and evaluate if the upgrade is worth the effort.

Planning and Preparation

Review the release notes: Thoroughly examine the release notes for the versions between your current version and the latest release to understand the changes and potential impacts on your codebase.

Update dependencies: Check if third-party libraries and dependencies are compatible with the new React Native version and update them to their latest versions for compatibility and improvements.

Backup your project: Create a backup of your project to protect against any unforeseen issues during the upgrade process. For instance, create a backup branch in git and store your current version of the app there, and start working on the upgrades in a new branch.

Prepare a test plan: Develop a comprehensive test plan to ensure all features and scenarios are thoroughly tested, covering different devices, operating systems, and screen sizes.

The Touchpoints

1. Core Native Code and Third-Party Libraries: Update native modules, Java/Kotlin (for Android), Objective-C/Swift (for iOS), and third-party libraries to ensure compatibility with the upgraded React Native version.

2. JavaScript APIs, Syntax, and UI Components: Adjust JavaScript APIs, syntax, and UI components to comply with the new version's standards and incorporate any changes introduced in the upgraded React Native version.

3. React Native CLI and Tooling, Package Managers: Review and update the React Native CLI, associated tooling, and package managers (e.g., npm, Yarn) to maintain compatibility with the new version.

4. Platform-Specific Code and Device Compatibility: Adapt platform-specific code blocks and thoroughly test the app on various devices and operating system versions to identify and resolve compatibility issues.

5. App State Management and Performance Optimization: Verify compatibility of the state management solution (e.g., Redux, MobX) and leverage performance optimizations introduced in the upgraded React Native version to enhance app performance.

Start Small, Go Incremental

Starting with a small module and using an incremental approach can significantly simplify the upgrade process. Here are more ideas on how to implement this approach effectively:

1. Start Small and Isolated: Begin by selecting a specific module or feature within your app to upgrade first. Create a dedicated branch for the upgrade process.

2. Update Dependencies: Start by updating relevant dependencies and third-party libraries used in the selected module.

3. Upgrade React Native Incrementally: Gradually upgrade the React Native version in the isolated branch, ensuring compatibility with the new version.

4. Test and Validate: Thoroughly test the upgraded module to identify and fix any issues. Perform comprehensive testing on various devices and platforms.

5. Review, Refactor, and Optimize: Take the opportunity to review the code, refactor as needed, and implement any performance optimizations.

6. Merge Changes Incrementally: After successful testing, merge the upgraded module back into the main codebase.

7. Repeat for Other Modules: Continue this incremental upgrade approach with other isolated modules or features, one at a time.

Handling Compatibility Issues & Breaking Changes

React Native upgrades often come with compatibility issues and breaking changes that can impact your app's functionality. Some issues I've faced during the upgrades and the solutions I implemented are documented below:

1. Deprecation and Removal of APIs: Address changes to existing APIs that are deprecated or removed in the upgraded React Native version.

2. Third-Party Library Compatibility: Check compatibility with third-party libraries and update them to work with the new React Native version.

3. Native Modules and Dependencies: Update custom native modules and dependencies to ensure compatibility with the upgraded React Native version.

4. Behavioral Changes in Components: Adjust components and modules affected by changes in behavior or props.

5. File Structure and Naming: Accommodate any changes to the folder structure or file naming conventions introduced in the new version.

6. Animation and Interaction Modifications: Handle modifications in animations, gestures, and keyboard interactions due to the React Native upgrade.

Community Collaboration

Engaging with the community is really essential for all kinds of developers. Community forums, repositories, and blogs offer valuable guidance, solutions, and collective knowledge to overcome compatibility challenges and breaking changes effectively. By actively participating in discussions and accessing official documentation, developers stay informed about best practices, ensuring smoother upgrade journeys.

Giving back to the community is equally vital. Sharing upgrade experiences, writing blogs, and contributing to discussions strengthens the community and enables others to navigate upgrades more successfully. The culture of mutual support and continuous improvement empowers developers to optimize their workflows while enhancing the growth and success of the entire React Native community.

Concluding...

Commencing a React Native version upgrade requires meticulous assessment and thoughtful planning. Through careful evaluation of your app's current state and strategic preparation, you lay a solid foundation for a successful upgrade process. As you progress, identifying touchpoints like core native code, third-party libraries, and custom modules becomes pivotal. Incremental adaptation minimizes compatibility issues and breaking changes, ensuring a smoother transition.

Handling compatibility challenges and breaking changes demands a strategic approach. Keeping a keen eye on deprecated APIs, ensuring third-party library compatibility, and updating custom native modules are essential steps to ensure a seamless transition. Throughout the upgrade journey, the React Native community becomes a valuable asset. Engaging with forums, repositories, and webinars offers access to collective knowledge and shared expertise while contributing back empowers the community and fostering a supportive ecosystem.

By staying updated, developers position their apps for future growth and security in a rapidly evolving mobile landscape. In conclusion, as you set forth on your React Native upgrade journey, assess, strategize, collaborate, and embrace the advantages of the latest version. This approach paves the way for a smoother, more rewarding upgrade experience, leading to a more powerful, innovative, and successful mobile application.

References and Acknowledgements

• https://react-native-community.github.io/upgrade-helper/

• https://reactnative.dev/docs/upgrading

• https://medium.com/game-development-stuff/how-to-easily-upgrade-react-native-and-the-project-dependencies-6af458ada81c

• Thanks Anas for the thumbnail ❤️.

Authentication

To ensure that applications and clients trying to access data are authentic, APIs must be equipped with a process to certify the identity of users trying to access resources on the server. This is what is known as API authentication. There are several authentication methods that can be used to secure APIs, including:

• OAuth: a protocol that enables applications to authenticate and authorize access to APIs on behalf of users.

• API Key Authentication: a method where a unique key is generated for each user and used to authenticate API requests.

• JSON Web Token (JWT): a compact, URL-safe means of representing claims to be transferred between parties.

• User-based Authentication: a method where each user has a unique username and password to authenticate API requests.

• SAML: An open standard for exchanging authentication and authorization data between parties, often used for single sign-on (SSO).

• OpenID Connect: A protocol built on OAuth 2.0 for standardized user authentication and identity information exchange.

• LDAP: A protocol for accessing and maintaining directory information services over a network, often used for authentication and authorization in enterprise applications.

Authorization

Authorization is the next step after successful authentication. It is the process of granting or denying access to a specific resource based on the authenticated user's identity and level of permission. Some common methods of authorization include:

• Role-based access control (RBAC): a method that restricts access based on the roles that users have within the system.

• Attribute-based access control (ABAC): a method that grants access based on specific attributes or characteristics of the user.

• Access Control Lists (ACL): a list that contains rules that grant or deny access to specific entities.

• Adaptive Access Control: A method of access control that uses real-time risk assessments to dynamically adjust access privileges based on the user's behavior and other contextual factors. It can help to prevent unauthorized access to APIs by detecting and responding to suspicious activity in real-time.

API Rate Limiting

API rate limiting is a technique used to prevent API abuse by limiting the number of requests that can be made over a period of time. This can help to ensure API availability and prevent system overload or performance issues caused by excessive API usage.

API rate limiting can be implemented in a number of ways, such as:

1. Fixed Rate Limiting: This approach sets a fixed limit on the number of requests that can be made per unit of time, such as 100 requests per minute. Once the limit is reached, further requests are blocked or delayed until the next time period.

2. Dynamic Rate Limiting: This approach dynamically adjusts the rate limit based on real-time traffic patterns and usage patterns. For example, it may allow more requests during off-peak hours or for certain users or applications that have a higher priority.

3. Token Bucket Algorithm: This algorithm uses a token bucket to limit the rate of incoming requests. Tokens are added to the bucket at a fixed rate, and each request consumes a token. If the bucket is empty, further requests are blocked until more tokens are added.

API rate limiting can be enforced at different levels, such as on a per-user basis, per-application basis, or across the entire API. It is important to carefully tune the rate limits to balance API availability with protection against abuse, and to provide informative error messages to API clients when rate limits are exceeded.

In summary, API rate limiting is an important tool for ensuring API availability and preventing abuse. It can be implemented in a variety of ways and at different levels, and should be carefully tuned to balance performance and security requirements.

API encryption

Encryption typically involves two processes: encryption and decryption. Encryption is the process of converting plaintext data into a form that is unreadable without the appropriate key or password. Decryption is the process of converting the encrypted data back into plaintext.

There are several encryption techniques that can be used to secure APIs, including:

• SSL/TLS: Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are encryption protocols that are commonly used to secure web traffic, including API requests and responses. SSL/TLS encrypts data in transit between the client and server using a combination of symmetric and asymmetric encryption.

• AES: Advanced Encryption Standard (AES) is a symmetric encryption algorithm that is widely used to encrypt data at rest and in transit. AES can use different key sizes and modes of operation to provide varying levels of security.

• Public Key Cryptography: Public key cryptography is an asymmetric encryption technique that uses a pair of keys, one public and one private, to encrypt and decrypt data. Public key cryptography is commonly used for secure key exchange and digital signatures.

API encryption is an essential part of API security. It helps to protect sensitive information from being intercepted or tampered with during transmission, and ensures that only authorized parties can access the data.

API versioning

API versioning is a crucial aspect of API design and development. It involves assigning a unique identifier or version number to each API, which allows developers to manage changes and ensure backward compatibility.

As APIs evolve and new features are added, it is essential to maintain compatibility with existing clients and avoid breaking changes that may result in service disruptions. By versioning APIs, developers can implement changes to the API without breaking the functionality of existing clients.

There are different approaches to versioning APIs, including:

1. URL Versioning: In this approach, the version number is included in the API endpoint URL. For example, /api/v1/users.

2. Query Parameter Versioning: In this approach, the version number is included as a query parameter in the API endpoint URL. For example, /api/users?version=1.

3. Header Versioning: In this approach, the version number is included in a custom header in the API request. For example, X-API-Version: 1.

It is important to choose a versioning approach that aligns with the requirements of the API and the needs of the developers using it. Additionally, it is important to document the API versioning strategy and communicate it to API consumers to ensure that they are aware of changes and can plan accordingly.

Properly managing API versions helps ensure that API consumers have a stable and reliable service and reduces the risk of breaking changes and service disruptions.

API Logging and Monitoring

API logging and monitoring are essential for ensuring the security and reliability of APIs. Logging involves recording all requests and responses made to the API, along with any errors or exceptions that occur. This information can be used to identify and troubleshoot issues, as well as monitor usage patterns, and track performance metrics.

Monitoring involves actively tracking the API for anomalies, unusual behavior, and potential security threats. This can involve setting up automated alerts and notifications for specific events, such as failed login attempts or excessive API usage. By proactively monitoring APIs, developers can quickly identify and respond to potential issues before they escalate.

Some key considerations for API logging and monitoring include:

• Defining clear logging and monitoring requirements during API design and development

• Selecting appropriate tools and systems for capturing and analyzing API logs and metrics

• Regularly reviewing and analyzing logs to identify patterns and trends

• Establishing alert thresholds and notification mechanisms to respond to potential security threats and service disruptions

• Continuously improving logging and monitoring practices based on feedback and insights gained from analysis

API Testing

API testing is essential for ensuring the security and reliability of APIs. There are different types of API tests, including functional tests, load tests, security tests, and integration tests. Each type of test focuses on a specific aspect of the API's functionality and performance.

Functional tests focus on ensuring that the API functions as intended, and that all features and capabilities are working correctly. Load tests focus on testing the API's ability to handle large volumes of traffic and requests, and to ensure that it can maintain performance under heavy loads.

Security tests focus on identifying potential security vulnerabilities and threats, such as SQL injection, cross-site scripting, and unauthorized access. Integration tests focus on testing the API's ability to integrate with other systems and services, such as third-party APIs and databases.

Access Control List (ACL)

Access Control Lists (ACLs) are a method of access control used to define and enforce permissions for resources on a server or network. ACLs are essentially a list of rules that specify which users or groups are allowed to access certain resources or perform specific actions. They can be used in combination with other authentication and authorization methods to provide fine-grained control over API access. ACLs require careful management and configuration to ensure that permissions are properly defined and enforced.

Here are some common access control methods used in API security:

1. Role-based Access Control (RBAC): is a widely used access control method that assigns permissions based on the role of the user or client. RBAC is often used in large organizations where there are many users with different levels of access to resources. With RBAC, access is granted based on predefined roles, which are then assigned to users or groups of users. For example, a user with an "admin" role might have access to more resources than a user with a "guest" role. RBAC is a simple and effective way to manage access control for large groups of users, and it can help to minimize the risk of unauthorized access or data breaches. However, RBAC can be inflexible and may not be well-suited to situations where more granular access control is required.

2. Attribute-based Access Control (ABAC): is a method of access control that assigns permissions based on various attributes of the user or client. Attributes can include factors such as the user's location, job title, or department, as well as other criteria such as the time of day or the type of device being used to access the resource. ABAC allows for a more granular level of control over access permissions than other methods, such as role-based access control (RBAC), which assigns permissions based solely on the user's role. ABAC policies can be complex and difficult to manage, but they can be particularly useful in environments where access permissions need to be tightly controlled based on specific criteria.

3. Mandatory Access Control (MAC): is an access control method used to enforce security policies on a system. In this method, access to resources is controlled by a set of rules that are predefined and enforced by the operating system or network. This means that users cannot modify or override the rules to gain access to resources that they should not have access to. The policies are typically defined by a security administrator, and they are enforced at the system level, rather than the application level. MAC is often used in environments where the security of the system is critical, such as government or military systems, or in situations where there is a need to protect sensitive data or resources. MAC can be more complex to implement and manage than other access control methods, but it provides a high level of security and control.

4. Discretionary Access Control (DAC): is a type of access control method that allows the owner of a resource to determine who has access to it and what actions they can perform. In DAC, the owner of a resource has full control over who is granted access and what they can do once they have access. This can be useful in situations where the resource owner needs to maintain tight control over who can access the resource and how it is used. However, DAC can also be more prone to human error and abuse, as it relies on individuals to make access control decisions rather than a centralized system of rules and policies. DAC is often used in conjunction with other access control methods to provide additional layers of security and control.

5. Context-based Access Control (CBAC): takes into account contextual information about the request before granting access. CBAC uses contextual factors such as location, time of day, the device being used, and user behavior to determine whether a request is legitimate or not. This method is useful for organizations that need to enforce stricter security policies in certain situations. For example, an organization might restrict access to certain resources from outside the office network or only allow access during specific times of the day. CBAC can be challenging to implement as it requires collecting and analyzing contextual data, but it can provide a high level of security when properly configured.

The Principle of Least Privilege (PoLP)

PoLP is a security concept that states that a user or process should only have access to the resources necessary to perform their job or function. This means that users should not have any unnecessary privileges or permissions that could potentially be exploited by attackers. The goal of the PoLP is to limit the potential damage that can be caused by a compromised account or process. By restricting access to resources, the PoLP helps to prevent attackers from moving laterally through a system and accessing additional sensitive data or resources. Implementing the PoLP can be challenging, as it requires careful analysis of user roles and permissions, as well as regular monitoring and maintenance to ensure that privileges are not being abused. However, it is an important principle to follow in order to maintain a secure API and prevent unauthorized access to sensitive data.

Conclusion

In conclusion, API security is a critical component of modern web application security. While the methods and best practices outlined in this blog, such as authentication and access control, are effective in securing APIs, it is important to note that there are many other strategies and techniques available. It is up to each organization to carefully evaluate their security needs and implement appropriate measures to protect their APIs and the data they contain. Regularly reviewing and updating API security policies and procedures is also crucial in ensuring that they remain effective and relevant in the face of evolving security threats.

What is Script Kit?

How often do you avoid scripting something because it takes too much effort?

Script Kit makes it easy to create and run scripts that solve your daily problems. Create a new script from the prompt then your script opens in the editor of your choice. Write a few lines of JavaScript. Then run the script from the prompt.

Simply put, Script Kit helps you script away the friction of your day. - from scriptkit.com

One of the main advantages of ScriptKit is its ease of use. With its intuitive interface, users can quickly create scripts to automate a wide range of tasks, from simple file management to complex workflows involving multiple steps and integrations.

Some of ScriptKit's key features include:

1. Ease of Use: ScriptKit supports JavaScript and TypeScript. so anyone familiar with basic javascript can start their automation journey with Scriptkit.

2. Task Runner: ScriptKit includes a task runner that allows users to automate common development tasks, like running build commands or deploying code to a remote server. Users can define tasks using a simple syntax, and then run them with a single click.

3. Integration with Popular Tools: ScriptKit integrates with a variety of popular developer tools and services, including GitHub, GitLab, and Slack. This allows users to create custom workflows that leverage these tools to streamline their development process.

4. Sharing and Collaboration: ScriptKit allows users to share their scripts with others, either by exporting them as standalone scripts or by sharing them directly from within the app. This makes it easy for teams to collaborate on scripts and share automation workflows.

5. other key features are mentioned here

One of the best things about ScriptKit is that it's now available on Windows and Linux, in addition to macOS. This means that developers on all three major desktop platforms can take advantage of ScriptKit's powerful automation features and streamline their workflow. And because ScriptKit uses JavaScript and TypeScript, developers can easily port their existing scripts between platforms without having to learn a new language or toolset.

here's Matt Pocock's video on ScriptKit 👇🏼

A small example I tried out to learn more about Scriptkit

This script accepts a git URL, lets you select a folder where to clone that repo, and opens the cloned repo in vs code.

import "@johnlindquist/kit";

const git_url = await arg("enter git url");

cd(await selectFolder());

await $`git clone ${git_url} -q`;
await $`code ${git_url.split("/").at(-1).split(".")[0]}`;

Overall, ScriptKit is a powerful automation tool for developers on all major desktop platforms. With its powerful code editor, task runner, and integration with popular developer tools and services, ScriptKit is a must-have tool for developers looking to boost their productivity and save time.

References

• https://www.scriptkit.com/

• https://www.youtube.com/watch?v=C14MSrJGGBg

• https://github.com/johnlindquist/kit/blob/main/API.md

• https://www.scriptkit.com/blog

Disclaimer

In this post, I'm not adding any machine learning theories or concepts behind the model we're building as I'm on my path to learning more about the Theory behind the Machine learning algorithms. This article is based on my researches for completing a challenge to participate in the AI Bootcamp by the Tinkerhub Foundation. I'm the kind of person who wants to see an initial output to get motivated to learn more. So whenever I start to learn something I'd build and deploy a real-world application initially and then start learning how things work behind the scene, and this is one of such adventures.

Prerequisites

Some experience in building softwares of any kind is recommended, although we're using python as the programming language, deep knowledge in python is not required as you can easily follow if you have any other programming experience.

Let's get started

We're gonna use the Keras API to build and train the image classifier model using the tensorflow library and the dataset used is the popular cifar-10 dataset. As I told you that I've almost zero experience with Machine Learning stuffs I've referred this article for building the model.

Training the model

The code below is used to train the model.

import tensorflow as tf  

# Display the version
print(tf.__version__)    

# other imports
import numpy as np
import matplotlib.pyplot as plt
from tensorflow.keras.layers import Input, Conv2D, Dense, Flatten, Dropout
from tensorflow.keras.layers import GlobalMaxPooling2D, MaxPooling2D
from tensorflow.keras.layers import BatchNormalization
from tensorflow.keras.models import Model
from tensorflow.keras.models import load_model


# Load in the data
cifar10 = tf.keras.datasets.cifar10

# Distribute it to train and test set
(x_train, y_train), (x_test, y_test) = cifar10.load_data()
print(x_train.shape, y_train.shape, x_test.shape, y_test.shape)


# Reduce pixel values
x_train, x_test = x_train / 255.0, x_test / 255.0

# flatten the label values
y_train, y_test = y_train.flatten(), y_test.flatten()


# visualize data by plotting images
fig, ax = plt.subplots(5, 5)
k = 0

for i in range(5):
    for j in range(5):
        ax[i][j].imshow(x_train[k], aspect='auto')
        k += 1

plt.show()


# number of classes
K = len(set(y_train))

# calculate total numer of classes
# for output layer
print("number of classes:", K)

# Build the model using the functional API
# input layer
i = Input(shape=x_train[0].shape)
x = Conv2D(32, (3, 3), activation='relu', padding='same')(i)
x = BatchNormalization()(x)
x = Conv2D(32, (3, 3), activation='relu', padding='same')(x)
x = BatchNormalization()(x)
x = MaxPooling2D((2, 2))(x)

x = Conv2D(64, (3, 3), activation='relu', padding='same')(x)
x = BatchNormalization()(x)
x = Conv2D(64, (3, 3), activation='relu', padding='same')(x)
x = BatchNormalization()(x)
x = MaxPooling2D((2, 2))(x)

x = Conv2D(128, (3, 3), activation='relu', padding='same')(x)
x = BatchNormalization()(x)
x = Conv2D(128, (3, 3), activation='relu', padding='same')(x)
x = BatchNormalization()(x)
x = MaxPooling2D((2, 2))(x)

x = Flatten()(x)
x = Dropout(0.2)(x)

# Hidden layer
x = Dense(1024, activation='relu')(x)
x = Dropout(0.2)(x)

# last hidden layer i.e.. output layer
x = Dense(K, activation='softmax')(x)

model = Model(i, x)

# model description
model.summary()


# Compile
model.compile(optimizer='adam',
              loss='sparse_categorical_crossentropy',
              metrics=['accuracy'])

_epochs = 10

# Fit
r = model.fit(
  x_train, y_train, validation_data=(x_test, y_test), epochs=_epochs)


# Fit with data augmentation
# Note: if you run this AFTER calling
# the previous model.fit()
# it will CONTINUE training where it left off
batch_size = 32
data_generator = tf.keras.preprocessing.image.ImageDataGenerator(
  width_shift_range=0.1, height_shift_range=0.1, horizontal_flip=True)

train_generator = data_generator.flow(x_train, y_train, batch_size)
steps_per_epoch = x_train.shape[0] // batch_size

r = model.fit(train_generator, validation_data=(x_test, y_test),
              steps_per_epoch=steps_per_epoch, epochs=_epochs)


# Plot accuracy per iteration
plt.plot(r.history['accuracy'], label='acc', color='red')
plt.plot(r.history['val_accuracy'], label='val_acc', color='green')
plt.legend()


# label mapping

labels = '''airplane automobile bird cat deer dog frog horse ship truck'''.split()

# select the image from our test dataset
image_number = 0

# display the image
plt.imshow(x_test[image_number])

# load the image in an array
n = np.array(x_test[image_number])

# reshape it
p = n.reshape(1, 32, 32, 3)

# pass in the network for prediction and
# save the predicted label
predicted_label = labels[model.predict(p).argmax()]

# load the original label
original_label = labels[y_test[image_number]]

# display the result
print("Original label is {} and predicted label is {}".format(
    original_label, predicted_label))

  # save the model
model.save('cifar-10.model.h5')

I would prefer using the google colab for the initial experiments, you can easily download the final model (.h5) file from the files section of the colab notebook. the model training may take almost 8 minutes for each iteration. I'm not going for a more detailed explanation of each line of code, you can find them in-depth from the keras/tensorflow documentaions.

Building An API with the trained model

After executing the above code in the google colab notebook, You can download the model from the files section

For creating an API we're using the Flask framework. First, create a new project folder

mkdir ~/image-classifier-demo
cd image-classifier-demo

Then create a new python virtual environment

python3 -m venv demo-env

Now activate your virtual environment

source demo-env/bin/activate

Installing required packages

pip install --upgrade tensorflow-cpu flask flask-cors opencv-python-headless gunicorn

after installing all the packages let's start coding. First, create a file called predict.py to add the image processing and prediction.

from tensorflow.keras.preprocessing.image import img_to_array
from tensorflow.keras.models import load_model
import cv2
import numpy as np


names = '''airplane automobile bird cat deer dog frog horse ship truck'''.split()
model = load_model("models/cifar-10.model.h5.h5")

# Process image and predict label

def processImg(IMG_PATH):
    # Preprocess image
    image = cv2.imread(IMG_PATH)
    image = cv2.resize(image, (32, 32))
    image = image.astype("float") / 255.0
    image = img_to_array(image)
    image = np.expand_dims(image, axis=0)

    res = model.predict(image)

    label = np.argmax(res)
    labelName = names[label]
    print("The image is of ", labelName)
    print("confidence: ", np.max(res))

    ret = dict()
    ret['label'] = labelName
    ret['confidence'] = str(np.max(res))
    return ret

this function predicts the label and the confidence of the given image. to test it out add a test image to the folder and invoke the function with the relative path of the image as given below

processImg('./test-image.jpg')

So this is the major part of the API and now we only need to connect it with an API route. For that, we use the Flask web server. create an app.py file

from flask import Flask, render_template, request, jsonify
from flask_cors import CORS
from predict import processImg

# Initializing flask application
app = Flask(__name__)
cors = CORS(app)

@app.route("/predict", methods=["POST"])
def processReq():
    data = request.files["img"]
    data.save("img.jpg")

    resp = processImg("img.jpg")

    text = "it is a <b>"+resp['label'] + \
        "</b> with confidence <b>"+resp['confidence']+"</b>"

    return text

if __name__ == '__main__':
    app.run()

The above code creates a web server with a post route /predict. You can test the API by uploading an image to the POST API using any API testing tools like postman or insomnia.

🚀 Deploy the API

So we have built the API, now we'll deploy it to the internet with the help of heroku, there are many other platforms to deploy, we are now choosing heroku for simplicity.

create a Procfile with the below command. a proc file is required for heroku to run our code. learn more

web: gunicorn app:app

Now compile all the packages we use to a requirements.txt file

pip freeze > requirements.txt

now we are all set for deployment. create an account on https://www.heroku.com/. then install heroku cli from here
https://devcenter.heroku.com/articles/heroku-cli

login to heroku from command line

heroku login

initialize git

git init 
git add .
git commit -m "Initial Commit"

create a new heroku app

heroku create image-classifier-demo

push our code to the heroku git repo

git push heroku master

Hurraaaay we've deployed our very first Machine learning API to the internet. the remote URL for the API will the provided by the heroku cli upon successful deployment or you can visit the heroku dashboard for API URL.

I've updated the basic API with an HTML form and pushed it to a git repo for reference. The link to the repo is given below

https://github.com/faris-mohamed10/tinkerhub-image-clasifier

Conclusion

Thank you for spending your valuable time reading my article. Since it is my first attempt at writing, there may be some mistakes in the article. Feel free to shoot your suggestions below. Happy coding and wish you all the best.

References

• https://www.geeksforgeeks.org/cifar-10-image-classification-in-tensorflow/

• https://linuxize.com/post/how-to-install-tensorflow-on-ubuntu-20-04/

• https://devcenter.heroku.com/articles/getting-started-with-python