Q1. What is a RESTful API?
***
A RESTful API, or REST API, is a way for computer systems to exchange information over the internet. It's based on the Representational State Transfer (REST) architectural style, which uses standard HTTP methods (like GET, POST, PUT, DELETE) to interact with resources. Essentially, it provides a set of rules for how clients and servers should communicate when accessing and manipulating data.

Q2.  Explain the concept of API specification.
***
An API specification is a formal document that outlines how an API should function and interact with other systems. It acts as a blueprint, defining the structure, data formats, and behavior of the API. This allows developers to understand how to use the API without needing to see the underlying code or implementation details.

Q3. What is Flask, and why is it popular for building APIs?
***
Flask is a lightweight micro web framework in Python, well-suited for building RESTful APIs due to its flexibility and simplicity. Its popularity stems from being easy to learn, maintain, and extend. Flask is often preferred for API development because it provides a streamlined approach to building web applications and APIs without unnecessary overhead.

Q4. What is routing in Flask?
***
In Flask, routing is the process of mapping specific URLs to Python functions. When a user accesses a URL, Flask uses the routing system to determine which function should handle that request. This allows you to build dynamic web applications where different URLs trigger different actions.
Here's how routing works in Flask:
@app.route() Decorator: The primary way to define routes is by using the @app.route() decorator. This decorator is applied to a Python function, associating it with a specific URL pattern.

Q5. How do you create a simple Flask application?
***


In [None]:
from flask import Flask

app = Flask(__name__)

@app.route("/")
def hello_world():
    return "<p>Hello, World!</p>"
if __name__ == "__main__":
    app.run(debug=True)


Q6. What are HTTP methods used in RESTful APIs?
***
Ans. In RESTful APIs, the primary HTTP methods used for interacting with resources are GET, POST, PUT, PATCH, and DELETE. These methods correspond to the CRUD operations of Create, Read, Update, and Delete.

Q7. What is the purpose of the @app.route() decorator in Flask?
***
Ans. The @app.route() decorator in Flask serves the purpose of associating a URL path with a Python function, thereby defining a "route" within a web application. When a user's web browser requests a specific URL, Flask uses these defined routes to determine which Python function should be executed to handle that request and generate a response.

Q8. What is the difference between GET and POST HTTP methods?
***
Ans. HTTP GET method is primarily utilised at the client-side to transmit a request to a particular server to get the data. Through this technique, the server allows us to accept the data and not modify its state. The HTTP Get method is used just for the view purpose, and we cannot make any changes.

HTTP POST Post method is primarily utilised at the client-side to transmit data to a particular server in order to construct certain data. This technique ultimately leads to the creation of new data or revamping an existing one.

Q9. How do you handle errors in Flask APIs?
***
Ans. Error handling in a Flask API primarily involves using Flask's built-in error handling mechanisms and potentially creating custom exception classes for more specific scenarios.
* Using Flask's @app.errorhandler Decorator:
* Raising Werkzeug Exceptions:
* Custom Exception Classes:

Q10. How do you connect Flask to a SQL database?
***
Ans. Flask doesn’t have a built-in way to handle databases, so it relies on SQLAlchemy, a powerful library that makes working with databases easier. SQLAlchemy provides an Object Relational Mapper (ORM),

Q11. What is the role of Flask-SQLAlchemy?
***
Ans. Using raw SQL in Flask web applications to perform CRUD operations on database can be tedious. Instead, SQLAlchemy, a Python toolkit is a powerful OR Mapper that gives application developers the full power and flexibility of SQL. Flask-SQLAlchemy is the Flask extension that adds support for SQLAlchemy to your Flask application.

Q12. What are Flask blueprints, and how are they useful?
***
Ans. Flask blueprints are a way to organize your Flask application into reusable and most importantly maintainable units. With blueprints, you can break your application into smaller, more manageable pieces, making it easier to maintain and scale.

Q13. What is the purpose of Flask's request object?
***
Ans. The request object in Flask serves as a central point of access to the incoming HTTP request data sent by a client to the server. Its primary purpose is to provide a convenient and structured way for developers to interact with various components of an HTTP request within their Flask view functions.
* Accessing Form Data:
* Retrieving Query Parameters:
* Handling File Uploads:
* Inspecting Headers:
* Accessing Cookies:
* Determining HTTP Method:
* Accessing Request Body (e.g., JSON):
* Obtaining Request Context Information:

Q14. How do you create a RESTful API endpoint using Flask?
***
Ans. Creating a RESTful API endpoint using Flask involves defining routes that correspond to specific HTTP methods (GET, POST, PUT, DELETE) for interacting with resources.

In [None]:
#1. Basic Flask Endpoint:
from flask import Flask, jsonify, request

app = Flask(__name__)

items = [
    {"id": 1, "name": "Item A", "description": "This is item A"},
    {"id": 2, "name": "Item B", "description": "This is item B"}
]

@app.route('/items', methods=['GET'])
def get_items():
    return jsonify(items)

@app.route('/items/<int:item_id>', methods=['GET'])
def get_item(item_id):
    item = next((item for item in items if item['id'] == item_id), None)
    if item:
        return jsonify(item)
    return jsonify({"message": "Item not found"}), 404

@app.route('/items', methods=['POST'])
def create_item():
    new_item = request.json
    if not new_item or 'name' not in new_item:
        return jsonify({"message": "Name is required"}), 400

    new_item['id'] = len(items) + 1
    items.append(new_item)
    return jsonify(new_item), 201

if __name__ == '__main__':
    app.run(debug=True)

Q15. What is the purpose of Flask's jsonify() function?
***
Ans. Flask's jsonify() function's primary purpose is to convert Python dictionaries or lists into a JSON (JavaScript Object Notation) response, which is commonly used for data exchange in web applications. It simplifies the process by automatically handling the serialization and setting the appropriate Content-Type header to application/json.

Q16. Explain Flask’s url_for() function?
***
Ans. Flask's url_for() function dynamically builds a URL for a specific view function. Instead of hard-coding URLs in templates or Python code, url_for() generates them based on the name of the view function and any required arguments. This approach offers several benefits:
* Maintainability
* Flexibility
* Automatic Escaping
* Blueprint Support
* Absolute Paths

The url_for() function takes the name of the view function as its first argument. For routes with variable parts, keyword arguments are passed corresponding to those variables.

In [None]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def index():
    return 'Home Page'

@app.route('/user/<username>')
def show_user_profile(username):
    return f'User: {username}'

@app.route('/post/<int:post_id>')
def show_post(post_id):
    return f'Post ID: {post_id}'

with app.test_request_context():
    print(url_for('index'))
    print(url_for('show_user_profile', username='john_doe'))
    print(url_for('show_post', post_id=123))
    print(url_for('show_post', post_id=456, _external=True))

Q17. How does Flask handle static files (CSS, JavaScript, etc.)?
***
Ans. Flask handles static files like CSS, JavaScript, and images by serving them from a designated "static" folder within our application's root directory.

salient features of Flask's static file handling are:
* Dedicated Static Folder.
* url_for() for Linking.

Q18. What is an API specification, and how does it help in building a Flask API?
***
Ans. Key Components of an API Specification:

* Endpoints: URLs for accessing specific resources (e.g., /users, /products/<id>)

* HTTP Methods: Actions supported by each endpoint (e.g., GET, POST, PUT, DELETE)

* Request Parameters: Expected query parameters, path variables, headers, or body data

* Response Format: Structure and type of response data (usually JSON or XML)

* Status Codes: HTTP codes for success, errors, and other outcomes (e.g., 200 OK, 404 Not Found)

* Authentication: How clients prove their identity (e.g., API keys, JWT tokens)


Q19. What are HTTP status codes, and why are they important in a Flask API?
***
Ans. HTTP status codes are three-digit codes that indicate the outcome of an API request. They are included in the API's response to the API client, and they include important information that helps the client know how to proceed.


In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route("/success")
def success():
    return jsonify({"message": "All good!"}), 200

@app.route("/not_found")
def not_found():
    return jsonify({"error": "Resource not found"}), 404

@app.route("/bad_request")
def bad_request():
    return jsonify({"error": "Invalid input"}), 400

Q20. How do you handle POST requests in Flask?
***
Ans. Handling POST requests in Flask involves defining a route that accepts the POST method and then extracting data from the incoming request.
1. Define a Route for POST Requests.

Use the @app.route() decorator and specify methods=['POST'] to indicate that the decorated function should handle POST requests to that URL.


In [None]:
from flask import Flask, request, redirect, url_for

app = Flask(__name__)

@app.route('/submit_form', methods=['POST'])
def handle_form_submission():
    # ... code to handle the POST request ...
    return "Form submitted successfully!"

2. Accessing Form Data:
For form submissions (where the method attribute of the HTML form is "post"), the data is typically sent as form data. Access this data using request.form.

In [None]:
@app.route('/submit_form', methods=['POST'])
def handle_form_submission():
    username = request.form.get('username')  # 'username' is the 'name' attribute of the input field
    password = request.form.get('password')
    # ... process username and password ...
    return f"Welcome, {username}!"

3. Accessing JSON Data:
If the client sends data as JSON in the request body (common for API endpoints), use request.get_json() to parse the JSON data into a Python dictionary.

In [None]:
@app.route('/api/create_user', methods=['POST'])
def create_user():
    user_data = request.get_json()
    if user_data:
        username = user_data.get('username')
        email = user_data.get('email')
        # ... process user_data ...
        return f"User {username} created successfully!"
    return "Invalid data", 400

4. Handling File Uploads:
For file uploads, ensure your HTML form has enctype="multipart/form-data". Access uploaded files using request.files.

In [None]:
@app.route('/upload', methods=['POST'])
def upload_file():
    if 'file' in request.files:
        uploaded_file = request.files['file']
        if uploaded_file.filename != '':
            uploaded_file.save(f'/path/to/save/{uploaded_file.filename}')
            return "File uploaded successfully!"
    return "No file uploaded."

5. Common Practices:
Validation:
Always validate incoming data to ensure it meets your requirements and prevent security vulnerabilities.

Q21. How would you secure a Flask API?
***
Securing a Flask API involves implementing various measures across different layers of your application.
1. Authentication and Authorization:

Token-based Authentication (e.g., JWT):
This is a common and recommended approach for APIs. Users log in, receive a signed JSON Web Token (JWT), and include this token in subsequent requests for authentication. Libraries like Flask-JWT-Extended or PyJWT can facilitate this.

OAuth 2.0:
For more complex scenarios involving third-party applications or delegated access, integrate OAuth 2.0.
Role-Based Access Control (RBAC):
Define roles (e.g., admin, user) and assign specific permissions to each role. Implement authorization checks at the endpoint level to ensure users only access resources they are permitted to. Libraries like Flask-Security-Too can help with user management and role-based access.
2. Data Security:
HTTPS/TLS:
Always use HTTPS to encrypt data in transit, protecting against eavesdropping and man-in-the-middle attacks.
Secure Password Storage:
Never store plain-text passwords. Use strong, one-way cryptographic hashing algorithms (e.g., bcrypt) with a salt for password storage.
Data Encryption at Rest:
If sensitive data is stored in a database or file system, consider encrypting it at rest.
3. Input Validation and Sanitization:
Prevent Injection Attacks:
Validate and sanitize all user input to prevent SQL injection, XSS (Cross-Site Scripting), and other injection vulnerabilities. Use ORMs or parameterized queries for database interactions.
Input Length and Type Checks:
Ensure inputs conform to expected types and lengths to prevent buffer overflows or unexpected behavior.
4. Session Management (if applicable):
Secure Session Cookies: If using Flask sessions, ensure cookies are secure (e.g., HttpOnly, Secure flags) and the SECRET_KEY is strong and kept confidential, preferably loaded from environment variables.
5. Rate Limiting and Throttling:
Prevent Brute-Force Attacks and Abuse: Implement rate limiting to restrict the number of requests a user or IP address can make within a given time frame. Libraries like Flask-Limiter can assist.

Q22. What is the significance of the Flask-RESTful extension?
***
Ans. Flask-RESTful is a Flask extension that simplifies the development of REST APIs. It provides a structured way to handle resources and HTTP methods, making it easier to build and organize APIs using Python and Flask. Essentially, it streamlines the process of creating web services that adhere to REST architectural principles.
1. Structure and Organization
2. Simplified API Development
3. Adherence to RESTful Principles
4. Efficiency and Scalability

Q23. What is the role of Flask’s session object?
***
Ans. In Flask, the session object provides a way to store user-specific data across multiple requests, similar to how cookies work but with added security features. It acts like a dictionary where you can store and retrieve data associated with a particular user's session. Flask uses cryptographically signed cookies to store session data on the user's browser, making it difficult for unauthorized users to tamper with the data.

salient features:
* User-Specific Data
* Persistence Across Requests
* Secure Storage
* Dictionary-Like Interface

In [None]:
    from flask import Flask, session

    app = Flask(__name__)
    app.secret_key = 'your_secret_key'  # Set a secret key for signing cookies

    @app.route('/set_session/<name>')
    def set_session(name):
        session['name'] = name
        return f'Session variable set to {name}'

    @app.route('/get_session')
    def get_session():
        if 'name' in session:
            name = session['name']
            return f'Hello {name}!'
        else:
            return 'Session variable not found'

# Practical
***



Q1. How do you create a basic Flask application?
***
Ans.

In [None]:
from flask import Flask
app = Flask(__name__)

@app.route('/')
def hello():
    return "Hello, World!"

if __name__ == '__main__':
    app.run(debug=True)

Q2. How do you serve static files like images or CSS in Flask?
***
Ans.




In [None]:
from flask import Flask, render_template
app = Flask(__name__)

@app.route("/")
def index():
   return render_template("index.html")

if __name__ == '__main__':
   app.run(debug = True)



<html>
   <head>
      <script type = "text/javascript"
         src = "{{ url_for('static', filename = 'hello.js') }}" ></script>
   </head>
   
   <body>
      <input type = "button" onclick = "sayHello()" value = "Say Hello" />
   </body>
</html>


In [None]:
function sayHello() {
   alert("Hello World")
}

Q3. How do you define different routes with different HTTP methods in Flask?
***
Ans. In Flask, you define routes using the @app.route() decorator and can specify which HTTP methods (like GET, POST, PUT, DELETE) a route should accept.

In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/user', methods=['GET', 'POST'])
def user():
    if request.method == 'GET':
        return jsonify({"message": "You sent a GET request"})
    elif request.method == 'POST':
        data = request.json
        return jsonify({"message": "POST received", "data": data}), 201

if __name__ == '__main__':
    app.run(debug=True)

Q4.  How do you render HTML templates in Flask?
***
Ans. Rendering HTML templates in Flask is done using the render_template() function and placing your HTML files in a special folder named templates/.

1. Project Structure
your_project/
│
├── app.py
├── templates/
│   └── home.html


In [None]:
!pip install flask-ngrok
from flask import Flask, render_template_string
from flask_ngrok import run_with_ngrok

app = Flask(__name__)
run_with_ngrok(app)  # Starts ngrok tunnel

# Define a simple HTML template as a string
html_template = """
<!DOCTYPE html>
<html>
<head>
    <title>Flask on Colab</title>
</head>
<body>
    <h1>Hello, {{ name }}!</h1>
</body>
</html>
"""

@app.route('/')
def home():
    return render_template_string(html_template, name="Colab User")

app.run()

Q5. How can you generate URLs for routes in Flask using url_for?
***
In Flask, the url_for() function is used to dynamically generate URLs for your routes. This is much better than hardcoding URLs because it's flexible, maintainable, and works even if you change route paths later.


In [None]:
!pip install flask-ngrok
from flask import Flask
from flask_ngrok import run_with_ngrok

app = Flask(__name__)
run_with_ngrok(app)  # Automatically starts ngrok when app.run() is called

@app.route('/')
def hello():
    return "Hello from Flask in Google Colab!"

app.run()




Q6. How do you handle forms in Flask?
***


```
#CSS
my_project/
├── app.py
└── templates/
    └── form.html

```


```
#html
<!DOCTYPE html>
<html>
<head>
    <title>Flask Form</title>
</head>
<body>
    <h2>Enter your name</h2>
    <form method="POST">
        <input type="text" name="username" placeholder="Your name">
        <input type="submit" value="Submit">
    </form>
</body>
</html>

```





In [None]:
from flask import Flask, render_template, request

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def index():
    if request.method == 'POST':
        username = request.form['username']
        return f"<h1>Hello, {username}!</h1>"
    return render_template('form.html')

if __name__ == '__main__':
    app.run(debug=True)


Q7. How can you validate form data in Flask?

---



In [None]:
from flask import Flask, request, render_template_string

app = Flask(__name__)

form_html = '''
<form method="POST">
  Name: <input type="text" name="name"><br>
  <input type="submit" value="Submit">
</form>
'''

@app.route('/', methods=['GET', 'POST'])
def form():
    error = None
    if request.method == 'POST':
        name = request.form.get('name')
        if not name:
            error = "Name is required."
        else:
            return f"<h1>Hello, {name}!</h1>"
    return render_template_string(form_html + ('<p style="color:red;">' + error + '</p>' if error else ''))

if __name__ == '__main__':
    app.run(debug=True)


Q8. How do you manage sessions in Flask?
***

In [None]:
#Import & Configure
from flask import Flask, session, redirect, url_for, request

app = Flask(__name__)
app.secret_key = 'your_secret_key'  # Required to use sessions


In [None]:
#2. Store Data in a Session
@app.route('/login', methods=['POST'])
def login():
    username = request.form['username']
    session['username'] = username  # Store user info in session
    return redirect(url_for('profile'))

In [None]:
#3. Access Session Data
@app.route('/profile')
def profile():
    if 'username' in session:
        return f"Logged in as {session['username']}"
    return redirect(url_for('login_form'))

In [None]:
#4. Remove Data from Session (Logout)
@app.route('/logout')
def logout():
    session.pop('username', None)  # Safely remove data
    return "Logged out"

Q9. How do you redirect to a different route in Flask?
***

In [None]:
from flask import Flask, redirect, url_for
app = Flask(__name__)
@app.route('/')
def home():
    return 'Home Page'
@app.route('/login')
def login():
    return redirect(url_for('home'))

Q10. How do you handle errors in Flask (e.g., 404)?
***

In [None]:
#Handle 404 Not Found
from flask import Flask, render_template
app = Flask(__name__)
@app.errorhandler(404)
def not_found_error(error):
    return render_template("404.html"), 404


In [None]:
# Handle Other Errors (500, 403, etc.)
@app.errorhandler(500)
def internal_error(error):
    return "Internal server error occurred.", 500

@app.errorhandler(403)
def forbidden_error(error):
    return "Access forbidden.", 403

Q11. How do you structure a Flask app using Blueprints?
***

In [None]:
 #Define Blueprint Routes
 from flask import Blueprint, render_template

home_bp = Blueprint('home', __name__, template_folder='../templates')

@home_bp.route('/')
def home():
    return render_template('home.html', name='Blueprint World')

In [None]:
 #Main App File
 from flask import Flask
from home.routes import home_bp

app = Flask(__name__)
app.register_blueprint(home_bp)

if __name__ == '__main__':
    app.run(debug=True)



```
#Template Example
<!DOCTYPE html>
<html>
<head><title>Home</title></head>
<body>
    <h1>Hello, {{ name }}!</h1>
</body>
</html>

```



Q12. How do you define a custom Jinja filter in Flask?
***

In [None]:
#Define the Filter Function
from flask import Flask

app = Flask(__name__)
def reverse_string(s):
    return s[::-1]
app.jinja_env.filters['reverse'] = reverse_string

Q13. How can you redirect with query parameters in Flask?
***

In [None]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('greet', name='Alice', age=25))

@app.route('/greet')
def greet():
    name = request.args.get('name')
    age = request.args.get('age')
    return f"Hello {name}, you are {age} years old."

Q14. How do you return JSON responses in Flask?
***
```
{
  "name": "Flask",
  "version": 2.0,
  "status": "active"
}
```

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    data = {
        "name": "Flask",
        "version": 2.0,
        "status": "active"
    }
    return jsonify(data)


Q15. How do you capture URL parameters in Flask?
***

In [None]:
from flask import Flask
app = Flask(__name__)
@app.route('/user/<username>')
def show_user(username):
    return f"Hello, {username}!"