# Theory Questions

1.

  - A RESTful API (Representational State Transfer Application Programming Interface) is a type of web API that follows the principles and constraints of REST architecture. It's used for building scalable and easily maintainable web services that allow communication between clients (like browsers or mobile apps) and servers over HTTP.

2.

  - Key Concepts of RESTful APIs

    * Stateless: Each request from the client to the server must contain all the information needed to understand and process the request.
    * Resource-Based: Everything is treated as a resource, such as a user, a blog post, or a product. Resources are identified by URIs (Uniform Resource Identifiers)
    * SON (or XML): Data is typically exchanged in JSON format, though XML can also be used.

3.

  - Flask is a lightweight, Python-based web framework used for building web applications and APIs. It’s especially popular for creating RESTful APIs due to its simplicity, flexibility, and ease of use.

  Here are the key reasons
    * Simplicity & Minimalism
    *  Python-Based
    *  Routing Made Easy

4.

  - Routing in Flask refers to the mechanism that associates specific URLs (web addresses) with functions in your code. These functions are known as view functions, and they define what should happen when a user visits a particular URL or sends a request to your API.

In short: Routing tells Flask what code to run when a certain URL is accessed.

5.

  - Here's a step-by-step guide to help you get started.
    * Step 1: Install Flask
    * Step 2: Create the Flask App
    * Step 3: Run the Application
    * Step 4: Add More Routes
    * folder Structure for Small Apps

6.

  - Common HTTP Methods in RESTful APIs

    * GET /users
    * GET /users/1
    * POST /users
    * PUT /users/1
    * PATCH /users/1
    * DELETE /users/1


7.

  - The @app.route() decorator in Flask is used to bind a URL path to a specific function, called a view function. This tells Flask what function to run when a user accesses a specific URL.

    * It defines a route (a URL endpoint).
    * It associates that route with a Python function.
    * It specifies which HTTP methods are allowed for that route (optional).


8.

  - The main difference between GET and POST HTTP methods lies in how data is sent to the server and what the request is intended to do.
           GET - Retrieve data (Read)
                 Sent in the URL query string
                 Visible in the URL
                 Can be cached

          POST - Send data (Create)
                 Sent in the request body
                 Hidden from the URL
                 Not cached by default

9.

  - Flask gives you several tools to handle errors gracefully.
     * Using abort() to Trigger HTTP Errors
     * Custom Error Handlers with @app.errorhandler
     * Handling Exceptions
     * Using Flask Extensions for Validation (Optional)
     
10.

   - Steps to Connect Flask to a SQL Database
     * Install Flask-SQLAlchemy
     * Set Up a Flask App with SQLAlchemy
     * Add, Query, and Modify Records
     * Use Other SQL Databases

11.

   - Role of Flask-SQLAlchemy
     * Integration with Flask
     * Simplified Configuration
     * ORM (Object-Relational Mapping)
     * Session Management
     * Helper Methods and Convenience

12.

   - Flask Blueprints are a way to organize and structure your Flask application by grouping related routes, templates, static files, and other code into reusable modules.

   Why Use Blueprints?
     * Better Organization
     * Reusability
     * Collaboration
     * Scalability

13.

   - Purpose of Flask's request Object
     * Access client data sent to the server.
     * Extract request details like method (GET, POST), URL, headers.
     * Read input from forms, JSON payloads, or query strings.
     * Handle file uploads.
     * Manage cookies and session data (in combination with other Flask tools).

14.

   - Step-by-step: Create a RESTful API Endpoint in Flask
     * Install Flask if you haven’t already
     * Create a Python file (app.py) and write this code
     
15.

   - Purpose of jsonify()
     * Serialize Python data to JSON automatically.
     * Set the correct Content-Type: application/json header in the HTTP response.
     * Make it easy to return JSON data from your Flask routes, which is essential for building APIs.

16.

   - Flask’s url_for() function is a handy utility to generate URLs for your routes by using the endpoint (function) name instead of hardcoding URLs.
   

     Purpose of url_for()
       * Build URLs dynamically based on your route function names.
       * Avoid hardcoding URLs in your templates or Python code.
       * Automatically handle URL changes, making your app more maintainable.

17.

   - How Flask Handles Static Files
       * By default, Flask looks for a folder named static in your project directory.
       * Files placed in the static folder are served automatically at the URL path /static/.

18.

   - An API specification is a formal, structured document or standard that defines how an API behaves, what endpoints it exposes, what requests it accepts, and what responses it returns. It acts like a blueprint or contract between the API provider and the consumers (developers or applications).

     
      How an API Specification Helps in Building a Flask API
        * Clear Contract
        * Consistency
        * Documentation
        * Validation
        * Faster Development
        * Tooling Support

19.

   - HTTP status codes are standardized numeric codes returned by a server in response to a client’s HTTP request. They indicate whether the request was successful, if there was an error, or if further action is needed.


      Why Are They Important in a Flask API
       * Communicate Result Clearly
       * Standardized Meaning
       * Control Flow
       * Debugging & Monitoring
       * RESTful Best Practice

20.
   - Step-by-step: Handling POST Requests in Flask,Define a route that accepts POST requests
        * methods=['POST'] tells Flask this route accepts POST requests.
        * request.get_json() parses JSON payload sent by the client.
        * Alternatively, use request.form for form-encoded data.
        * Respond with JSON and an appropriate HTTP status.

21.

   -Securing a Flask API is crucial to protect your data and services from unauthorized access and attacks. Here are some key strategies and best practices to secure your Flask API:
        * Use Authentication & Authorization
        * Use HTTPS
        * Input Validation and Sanitization
        * Rate Limiting
        * Secure Error Handling
        * Use Secure Headers
        * Protect Against Cross-Site Request Forgery (CSRF)
        * Keep Dependencies Up-to-date
        * Limit Exposure

22.

   - Significance of Flask-RESTful
        * Resource-based Routing
        * Request Parsing & Validation
        * Automatic Response Formatting
        * Error Handling
        * Cleaner Code Organization

23.

   - Flask’s session object plays a key role in storing data on a per-user basis across multiple requests, allowing you to maintain user-specific information (like login status or preferences) during their interaction with your web app or API.

   

# Practical Questions

In [None]:
#1

from flask import Flask

app = Flask(__name__)

@app.route('/')
def hello():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#2

#Project Structure

 your_project/
├── app.py
├── static/
│   ├── style.css
│   └── logo.png
└── templates/
    └── index.html

#Code

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)

#templates/index.html
<!DOCTYPE html>
<html>
<head>
    <title>Static Files Example</title>
    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
    <h1>Welcome to Flask Static Files</h1>
    <img src="{{ url_for('static', filename='logo.png') }}" alt="Logo">
</body>
</html>
#static/style.css
body {
    background-color: #f0f0f0;
    font-family: Arial, sans-serif;
}

h1 {
    color: #333;
}


In [None]:
#3
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/items', methods=['GET', 'POST'])
def items():
    if request.method == 'GET':
        # Handle GET request: return list of items
        return jsonify({"items": ["item1", "item2", "item3"]})

    if request.method == 'POST':
        # Handle POST request: create a new item
        data = request.get_json()
        item_name = data.get('name')
        # Here, you would normally save the item
        return jsonify({"message": f"Item '{item_name}' created"}), 201

@app.route('/items/<int:item_id>', methods=['GET', 'PUT', 'DELETE'])
def item_detail(item_id):
    if request.method == 'GET':
        return jsonify({"item": f"item {item_id}"})

    if request.method == 'PUT':
        data = request.get_json()
        # Update item logic here
        return jsonify({"message": f"Item {item_id} updated"})

    if request.method == 'DELETE':
        # Delete item logic here
        return jsonify({"message": f"Item {item_id} deleted"})

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#4
#Project structure:
your_project/
├── app.py
└── templates/
    └── hello.html

#Code
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('hello.html', name='Alice')

if __name__ == '__main__':
    app.run(debug=True)
#templates/hello.html
<!DOCTYPE html>
<html>
<head>
    <title>Hello Page</title>
</head>
<body>
    <h1>Hello, {{ name }}!</h1>
</body>
</html>


In [None]:
#5

from flask import Flask, url_for, redirect

app = Flask(__name__)

@app.route('/')
def home():
    # Generate URL for 'profile' endpoint with username argument
    profile_url = url_for('profile', username='alice')
    return f"Go to profile page: <a href='{profile_url}'>Alice's Profile</a>"

@app.route('/user/<username>')
def profile(username):
    return f"Welcome to {username}'s profile!"

@app.route('/redirect-to-profile')
def redirect_to_profile():
    # Redirect to profile page using url_for
    return redirect(url_for('profile', username='bob'))

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#6

#Basic Flask Form Handling (without Flask-WTF)
#📁 app.py
from flask import Flask, render_template, request

app = Flask(__name__)

@app.route('/')
def index():
    return render_template('form.html')

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form.get('name')
    email = request.form.get('email')
    return f"Name: {name}, Email: {email}"

if __name__ == '__main__':
    app.run(debug=True)
#📁 templates/form.html
<!DOCTYPE html>
<html>
<head>
    <title>Basic Form</title>
</head>
<body>
    <h2>Enter your details</h2>
    <form method="POST" action="/submit">
        <label>Name: <input type="text" name="name"></label><br><br>
        <label>Email: <input type="email" name="email"></label><br><br>
        <input type="submit" value="Submit">
    </form>
</body>
</html>


In [None]:
#7

#📁 app.py
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def index():
    error = None
    if request.method == 'POST':
        name  = request.form.get('name', '').strip()
        email = request.form.get('email', '').strip()

        # Basic validation logic
        if not name or not email:
            error = "Both name and email are required."
        elif '@' not in email or '.' not in email.split('@')[-1]:
            error = "Please enter a valid email address."
        else:
            # Successful submission
            return f"Hello, {name}! We’ll reach you at {email}."

    return render_template('form.html', error=error)

if __name__ == '__main__':
    app.run(debug=True)
#📁 templates/form.html
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>Manual Validation</title>
</head>
<body>
  <h2>Enter your details</h2>
  <form method="POST" action="/">
    <label>Name:
      <input type="text" name="name" value="{{ request.form.name }}">
    </label><br><br>

    <label>Email:
      <input type="email" name="email" value="{{ request.form.email }}">
    </label><br><br>

    <input type="submit" value="Submit">
  </form>

  {% if error %}
    <p style="color: red;">{{ error }}</p>
  {% endif %}
</body>
</html>


In [None]:
#8

#📁 app.py
from flask import Flask, session, redirect, url_for, request, render_template

app = Flask(__name__)
app.secret_key = 'super_secret_key'  # Needed for session encryption

@app.route('/')
def home():
    username = session.get('username')
    if username:
        return f"Welcome back, {username}! <a href='/logout'>Logout</a>"
    return "<a href='/login'>Login</a>"

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        session['username'] = request.form['username']
        return redirect(url_for('home'))
    return '''
        <form method="POST">
            <input type="text" name="username" placeholder="Enter username">
            <input type="submit" value="Login">
        </form>
    '''

@app.route('/logout')
def logout():
    session.pop('username', None)  # Remove user from session
    return redirect(url_for('home'))

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#9

#📁 app.py
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return '<h2>Home Page</h2><a href="/go">Go to Dashboard</a>'

@app.route('/go')
def go():
    return redirect(url_for('dashboard'))  # Redirect to /dashboard

@app.route('/dashboard')
def dashboard():
    return '<h2>Welcome to the Dashboard!</h2>'

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#10

#📁 app.py
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return '<h2>Home Page</h2>'

@app.route('/trigger-error')
def trigger_error():
    # Simulate a 500 error
    raise Exception("Something went wrong!")

# Custom 404 Not Found handler
@app.errorhandler(404)
def page_not_found(e):
    return render_template('404.html'), 404

# Custom 500 Internal Server Error handler
@app.errorhandler(500)
def internal_server_error(e):
    return render_template('500.html'), 500

if __name__ == '__main__':
    app.run(debug=True)
#📁 templates/404.html
<!DOCTYPE html>
<html>
<head><title>Page Not Found</title></head>
<body>
  <h1>404 - Page Not Found</h1>
  <p>The page you're looking for doesn't exist.</p>
  <a href="/">Go to Home</a>
</body>
</html>


In [None]:
#11


my_flask_app/
├── app.py
├── config.py
├── extensions.py
├── blueprints/
│   ├── __init__.py
│   ├── main/
│   │   ├── __init__.py
│   │   ├── routes.py
│   │   └── templates/
│   │       └── main/
│   │           └── home.html
│   └── auth/
│       ├── __init__.py
│       ├── routes.py
│       └── templates/
│           └── auth/
│               ├── login.html
│               └── register.html
└── templates/
    └── base.html


In [None]:
#12

#📁 app.py
from flask import Flask, render_template

app = Flask(__name__)

# Custom Jinja filter to reverse strings
@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]

@app.route('/')
def index():
    name = "FlaskUser"
    return render_template('index.html', name=name)

if __name__ == '__main__':
    app.run(debug=True)

#📁 templates/index.html
<!DOCTYPE html>
<html>
<head><title>Custom Filter Example</title></head>
<body>
  <h1>Original: {{ name }}</h1>
  <h2>Reversed: {{ name | reverse }}</h2>
</body>
</html>


In [None]:
#13

#📁 app.py
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return '''
        <form action="/start">
            <input type="text" name="username" placeholder="Enter your name">
            <input type="submit" value="Go">
        </form>
    '''

@app.route('/start')
def start():
    username = request.args.get('username')
    # Redirect to /greet with query param
    return redirect(url_for('greet', user=username))

@app.route('/greet')
def greet():
    user = request.args.get('user', 'Guest')
    return f"<h2>Hello, {user}!</h2>"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#14

from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/user')
def get_user():
    user_data = {
        "id": 123,
        "name": "Alice",
        "email": "alice@example.com"
    }
    return jsonify(user_data)

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#15

from flask import Flask

app = Flask(__name__)

# Capture a string parameter called 'username'
@app.route('/user/<username>')
def show_user(username):
    return f"Hello, {username}!"

# Capture an integer parameter called 'post_id'
@app.route('/post/<int:post_id>')
def show_post(post_id):
    return f"Post ID: {post_id}"

if __name__ == '__main__':
    app.run(debug=True)
