#Restful API & Flask

1.  What is a RESTful API ?
 - A RESTful API (Representational State Transfer API) is a web service that follows REST principles, using standard HTTP methods (GET, POST, PUT, DELETE) to interact with resources, typically represented in JSON or XML format. It is stateless, meaning each request contains all necessary information.

2. Explain the concept of API specification .
 - An API specification is a detailed document that defines how an API works. It outlines the endpoints, methods, request/response formats, parameters, and authentication rules, serving as a blueprint for developers to understand and use the API correctly.

3. What is Flask, and why is it popular for building APIs ?
 - Flask is a lightweight Python web framework used for building web applications and APIs. It is popular for APIs because it is simple, flexible, and easy to use, offering minimal boilerplate and allowing developers to add only the necessary components. Its extensibility and support for RESTful routing make it ideal for API development.

4. What is routing in Flask ?
 - Routing in Flask is the process of mapping URLs to specific functions (view functions) in the application. It defines how the app responds to client requests for different endpoints. Routes are created using the @app.route() decorator.

5. How do you create a simple Flask application ?
 - To create a simple Flask application, follow these steps:
# 1. Install Flask:  






In [None]:
pip install flask


# 2. Create a Python file (e.g., app.py) with the following code:

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


# 3. Run the application:



In [None]:
python app.py


# 4. Access the app in your browser at:




In [None]:
http://127.0.0.1:5000


6. What are HTTP methods used in RESTful APIs ?
- The common **HTTP methods** used in RESTful APIs are:

1. **GET:** Retrieves data from the server.  
2. **POST:** Sends new data to the server.  
3. **PUT:** Updates existing data or creates it if it doesn’t exist.  
4. **PATCH:** Partially updates existing data.  
5. **DELETE:** Removes data from the server.



7. What is the purpose of the @app.route() decorator in Flask ?
  - The @app.route() decorator in Flask is used to define a route for a specific URL endpoint. It binds a view function to the URL, specifying what the app should do when that endpoint is accessed.
8. What is the difference between GET and POST HTTP methods ?
  -  ​In HTTP, GET and POST are two fundamental request methods, each serving distinct purposes:
    -   GET: Used to retrieve data from a server. Parameters are appended to the URL, making them visible in the browser's address bar. GET requests can be cached, bookmarked, and remain in the browser history. They are typically employed for actions that do not modify server data.
    - POST: Used to submit data to a server for processing, such as form submissions. Data is included in the request body, not the URL, enhancing security for sensitive information. POST requests are not cached, cannot be bookmarked, and do not remain in the browser history. They are suitable for actions that may change server data.
9. How do you handle errors in Flask APIs ?
  - ​Effective error handling in Flask APIs is essential for creating robust and user-friendly applications. Here are some strategies to manage errors gracefully:​  
     - Using the @app.errorhandler Decorator: This decorator allows you to define custom responses for specific HTTP error codes. For example, to handle a 404 (Not Found) error:
        ​


In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.errorhandler(404)
def not_found(error):
    return jsonify(error="Resource not found"), 404


This approach ensures that when a 404 error occurs, the API returns a JSON response with a relevant message and status code.

2. Raising HTTP Exceptions with abort(): The abort() function can be used to trigger an HTTP error response manually. For instance, to return a 400 (Bad Request) error when a condition isn't met:




In [None]:
from flask import Flask, abort

app = Flask(__name__)

@app.route('/example')
def example():
    if some_condition:
        abort(400, description="Invalid request parameters")
    return 'Success'


This method is useful for validating input and immediately responding with an appropriate error when necessary.

3. Creating Custom Exception Classes: For more granular control, you can define custom exception classes and register corresponding error handlers.

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

class InvalidUsage(Exception):
    status_code = 400

    def __init__(self, message, status_code=None):
        super().__init__()
        self.message = message
        if status_code is not None:
            self.status_code = status_code

    def to_dict(self):
        return {"error": self.message}

@app.errorhandler(InvalidUsage)
def handle_invalid_usage(error):
    response = jsonify(error.to_dict())
    response.status_code = error.status_code
    return response

@app.route('/custom')
def custom_error():
    raise InvalidUsage("This is a custom error message", status_code=410)


This setup allows you to raise InvalidUsage exceptions within your routes, and Flask will handle them using the specified error handler.

4. Logging Errors: Implementing logging is crucial for monitoring and debugging purposes. Flask’s app.logger can be configured to log errors:

In [None]:
import logging
from flask import Flask

app = Flask(__name__)

handler = logging.FileHandler('error.log')
handler.setLevel(logging.ERROR)
app.logger.addHandler(handler)

@app.errorhandler(500)
def internal_error(error):
    app.logger.error(f"Server Error: {error}")
    return "Internal server error", 500


This configuration logs error messages to a file, aiding in diagnosing issues post-occurrence.

5. Handling Errors in Asynchronous Code: When dealing with asynchronous operations, ensure that exceptions are caught and handled appropriately within the asynchronous context to prevent unhandled exceptions from causing application crashes.

10.  How do you connect Flask to a SQL database ?
  - ​To connect a Flask application to a SQL database, you can use the Flask-SQLAlchemy extension, which integrates SQLAlchemy—a powerful SQL toolkit and Object-Relational Mapping (ORM) library—with Flask. Here's how to set it up:​
     -  1. Install Flask-SQLAlchemy:
      -  Begin by installing the Flask-SQLAlchemy extension using pip:

In [None]:
pip install Flask-SQLAlchemy


2. Configure the Flask Application:
  - In your Flask application file (e.g., app.py), import the necessary modules and configure the database URI. The SQLALCHEMY_DATABASE_URI specifies the database connection string. For example, to connect to a SQLite database:



In [None]:
from flask import Flask
from flask_sqlalchemy import SQLAlchemy
import os

app = Flask(__name__)
basedir = os.path.abspath(os.path.dirname(__file__))
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' + os.path.join(basedir, 'app.db')
db = SQLAlchemy(app)


For other databases like MySQL or PostgreSQL, the connection string will differ. For instance, for MySQL:

In [None]:
app.config['SQLALCHEMY_DATABASE_URI'] = 'mysql+pymysql://username:password@localhost/db_name'


Ensure you have the appropriate database driver installed, such as pymysql for MySQL.

3. Define Models:
- Create Python classes that represent your database tables by subclassing db.Model. Each class attribute corresponds to a column in the table:

In [None]:
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(80), unique=True, nullable=False)
    email = db.Column(db.String(120), unique=True, nullable=False)

    def __repr__(self):
        return f'<User {self.username}>'


4. Initialize the Database:
- Before running the application, create the database and tables. Use the db.create_all() method within the application context:

In [None]:
with app.app_context():
    db.create_all()


This ensures that all tables defined by your models are created in the database.

5. Use the Database in Views:
- You can now interact with the database within your route functions. For example, to add a new user:

In [None]:
@app.route('/add_user')
def add_user():
    new_user = User(username='newuser', email='newuser@example.com')
    db.session.add(new_user)
    db.session.commit()
    return 'User added!'


This code creates a new User instance, adds it to the session, and commits the session to save the user to the database.



11.  What is the role of Flask-SQLAlchemy ?
  - Flask-SQLAlchemy is an extension for Flask that integrates SQLAlchemy, a SQL toolkit and ORM (Object Relational Mapper), making it easier to work with databases in Flask applications.

   Role:
   - Simplifies database operations by mapping Python classes to database tables.
   - Provides an abstraction layer to interact with the database using Python objects instead of raw SQL queries.

#Example:



In [None]:
from flask import Flask
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///test.db'  # Database URL
db = SQLAlchemy(app)

# Define model
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(100), nullable=False)

# Create tables
with app.app_context():
    db.create_all()

# Add and query data
new_user = User(name="Alice")
db.session.add(new_user)
db.session.commit()

# Query
users = User.query.all()
print(users)


 This creates a SQLite database, defines a User table, and performs basic CRUD operations.

12.  What are Flask blueprints, and how are they useful ?
  - Flask Blueprints are a way to organize a Flask application into smaller, modular components. They help structure large applications by grouping related views, templates, and static files together, promoting better code organization and reusability.

  Usefulness:
  - Makes the app modular and easier to manage.
  - Allows you to register multiple blueprints, each with its own routes and handlers
  - Helps avoid a single, massive app.py file.
#Example:  
Folder structure:



In [None]:
/app
 ├── main.py
 ├── home/
 │      ├── __init__.py
 │      ├── routes.py
 └── templates/


home/routes.py

In [None]:
from flask import Blueprint, render_template

home_bp = Blueprint('home', __name__, template_folder='templates')

@home_bp.route('/')
def home():
    return "Welcome to Home Page!"


main.py

In [None]:
from flask import Flask
from home.routes import home_bp

app = Flask(__name__)

# Register the blueprint
app.register_blueprint(home_bp, url_prefix='/home')

if __name__ == '__main__':
    app.run(debug=True)


 This creates a modular structure where the /home route is handled by the home blueprint.

13. What is the purpose of Flask's request object ?
  - Flask's request object is used to access data sent by the client to the server. It provides information about the HTTP request, including form data, query parameters, headers, cookies, and files.

  Purpose:
  - Retrieve GET/POST data.
  - Access URL parameters and headers.
  - Handle file uploads.
#Example:

In [None]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/data', methods=['GET', 'POST'])
def handle_data():
    if request.method == 'GET':
        name = request.args.get('name')  # Query param (?name=Alice)
        return f'Hello, {name}'

    if request.method == 'POST':
        data = request.form['data']  # Form data
        return f'Received: {data}'

if __name__ == '__main__':
    app.run(debug=True)


14.  How do you create a RESTful API endpoint using Flask ?
   - Creating a RESTful API endpoint in Flask involves defining routes that handle HTTP methods like GET, POST, PUT, and DELETE to interact with data.

    Steps:
    - Use Flask to define the API.
    - Define routes for different HTTP methods.
    - Use jsonify() to return JSON responses.
#Example:

In [None]:
from flask import Flask, jsonify, request

app = Flask(__name__)

# Sample data
users = [
    {'id': 1, 'name': 'Alice'},
    {'id': 2, 'name': 'Bob'}
]

# GET all users
@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users)

# POST (add new user)
@app.route('/users', methods=['POST'])
def add_user():
    data = request.get_json()
    new_user = {'id': len(users) + 1, 'name': data['name']}
    users.append(new_user)
    return jsonify(new_user), 201

# GET single user by ID
@app.route('/users/<int:user_id>', methods=['GET'])
def get_user(user_id):
    user = next((u for u in users if u['id'] == user_id), None)
    return jsonify(user) if user else ('User not found', 404)

if __name__ == '__main__':
    app.run(debug=True)


#This example:
- Defines GET and POST routes.
- Uses jsonify() to return JSON responses.
- Retrieves a single user by ID with route parameters.

15.  What is the purpose of Flask's jsonify() function ?
  - Flask's jsonify() function converts Python dictionaries, lists, or tuples into JSON-formatted responses. It automatically sets the Content-Type header to application/json, making it easier to return JSON data from your Flask routes.

  Purpose:
  - Converts Python data into JSON format.
  - Automatically handles serialization and sets the correct headers.
  - Simplifies returning JSON responses in Flask APIs.
# Example:  

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/user')
def get_user():
    user = {'id': 1, 'name': 'Alice', 'email': 'alice@example.com'}
    return jsonify(user)

if __name__ == '__main__':
    app.run(debug=True)


This returns the response as:

In [None]:
{
    "id": 1,
    "name": "Alice",
    "email": "alice@example.com"
}


jsonify() ensures the response is properly formatted as JSON with the correct content type.

16. Explain Flask’s url_for() function .
  - Flask’s url_for() function dynamically generates URLs for Flask routes using the function name instead of hardcoding URLs. This makes the app more maintainable and flexible.

  Purpose:
  - Dynamically generates URLs based on route function names.
  - Helps avoid hardcoded URLs, making code scalable.
  - Supports query parameters and URL variables.
#Example:

In [None]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/profile/<username>')
def profile(username):
    return f"User: {username}"

with app.test_request_context():
    print(url_for('profile', username='Alice'))  # Outputs: /profile/Alice


- url_for('profile', username='Alice') generates "/profile/Alice" instead of manually writing the URL.


17.  How does Flask handle static files (CSS, JavaScript, etc.) ?
  - Flask handles static files (CSS, JavaScript, images, etc.) by placing them in a static/ folder. Flask automatically serves files from this directory.

  Purpose:
  - Provides a default route (/static/) to access static files.
  - Use url_for('static', filename='...') to reference them dynamically.

Folder structure:  

In [None]:
/app
 ├── app.py
 ├── static/
 │      ├── style.css
 │      └── script.js
 └── templates/


# Example:
app.py:

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)


templates/index.html:

In [None]:
<!DOCTYPE html>
<html lang="en">
<head>
    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
    <h1>Hello, Flask!</h1>
    <script src="{{ url_for('static', filename='script.js') }}"></script>
</body>
</html>


- Flask automatically serves the static files from the /static/ folder, making it easy to include CSS and JavaScript.

18.  What is an API specification, and how does it help in building a Flask API ?
  - An API specification is a detailed document or standard that defines how an API behaves, including its endpoints, request/response formats, parameters, and authentication methods.

Purpose:
- Acts as a blueprint for building and consuming APIs.
- Ensures consistency and standardization.
- Helps developers understand how to interact with the API.
- Can be used to auto-generate documentation.

#Example:
Using OpenAPI (Swagger) specification with Flask:

1️⃣ Install Flask-RESTful and Flask-Swagger:

In [None]:
pip install flask-restful flask-swagger


2️⃣ Flask API with Swagger:

In [None]:
from flask import Flask, jsonify
from flask_restful import Api, Resource
from flask_swagger import swagger

app = Flask(__name__)
api = Api(app)

class HelloWorld(Resource):
    def get(self):
        """Returns a simple greeting message."""
        return jsonify({'message': 'Hello, World!'})

api.add_resource(HelloWorld, '/')

@app.route('/spec')
def spec():
    return jsonify(swagger(app))

if __name__ == '__main__':
    app.run(debug=True)


/spec endpoint generates the API specification in OpenAPI format, which can be used to create documentation with tools like Swagger UI.

19. What are HTTP status codes, and why are they important in a Flask API ?
- HTTP status codes are standardized responses that indicate the outcome of an HTTP request. They are essential in Flask APIs to:

  -  Inform clients whether the request was successful, failed, or needs further action.
  - Help in error handling and debugging.
  - Improve API clarity and consistency.

Common HTTP status codes:

  - 200 OK → Successful request.

  - 201 Created → New resource created.

  - 400 Bad Request → Invalid input.

  - 404 Not Found → Resource not found.

  - 500 Internal Server Error → Server issue.

#Example in Flask:  


In [None]:
from flask import Flask, jsonify, request

app = Flask(__name__)

@app.route('/data', methods=['GET'])
def get_data():
    param = request.args.get('param')

    if not param:
        return jsonify({'error': 'Missing param'}), 400  # Bad Request

    data = {'param': param}
    return jsonify(data), 200  # OK

if __name__ == '__main__':
    app.run(debug=True)


#This example:

- Returns 400 if the query parameter is missing.

- Returns 200 with JSON data when the request is valid.

20. How do you handle POST requests in Flask ?
   -  Handling POST requests in Flask allows you to receive and process data sent by the client, such as form inputs or JSON payloads.

   Steps:

   - Define a route with methods=['POST'].

   - Use request.form[] for form data or request.get_json() for JSON data.

  - Return a response.
  
#Example:

In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def submit():
    # Get form data
    name = request.form.get('name')

    # Get JSON data
    data = request.get_json()
    age = data.get('age') if data else None

    return jsonify({'name': name, 'age': age}), 201  # Created

if __name__ == '__main__':
    app.run(debug=True)


#This example:

- Handles POST requests.

- Retrieves form data using request.form[].

- Retrieves JSON data using request.get_json().

- Returns a 201 Created response with JSON.


21.  How would you secure a Flask API ?
  -  To secure a Flask API, you can implement the following measures:
- 1. Use HTTPS: Encrypt data in transit using SSL/TLS.

In [None]:
flask run --cert=cert.pem --key=key.pem


- 2. Authentication & Authorization: Use JWT (JSON Web Tokens) or OAuth for user authentication.

In [None]:
from flask import Flask, request, jsonify
import jwt
import datetime

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your_secret_key'

@app.route('/login', methods=['POST'])
def login():
    auth = request.json
    token = jwt.encode({'user': auth['username'], 'exp': datetime.datetime.utcnow() + datetime.timedelta(hours=1)}, app.config['SECRET_KEY'])
    return jsonify({'token': token})

@app.route('/protected', methods=['GET'])
def protected():
    token = request.headers.get('Authorization').split()[1]
    try:
        jwt.decode(token, app.config['SECRET_KEY'], algorithms=['HS256'])
        return jsonify({'message': 'Access granted'})
    except:
        return jsonify({'message': 'Invalid token'}), 401


- 3. Rate Limiting: Prevent brute-force attacks with Flask-Limiter.

In [None]:
from flask_limiter import Limiter
limiter = Limiter(app)

@app.route('/api', methods=['GET'])
@limiter.limit("10 per minute")
def limited_api():
    return "Rate limited"


- 4. Input Validation & Sanitization: Prevent SQL injection and XSS.


In [None]:
from flask import request
import bleach

@app.route('/sanitize', methods=['POST'])
def sanitize():
    data = bleach.clean(request.json['input'])
    return jsonify({'cleaned_data': data})


- 5. Error Handling & Logging: Use proper error handling and logging to avoid information leakage.

22.  What is the significance of the Flask-RESTful extension ?
   -  The Flask-RESTful extension simplifies the creation of REST APIs by providing built-in tools for routing, request parsing, and serialization. It helps organize the code using resource classes and provides a clean, modular structure.

# Example   


In [None]:
from flask import Flask
from flask_restful import Api, Resource, reqparse

app = Flask(__name__)
api = Api(app)

# Define resource
class HelloWorld(Resource):
    def get(self):
        return {'message': 'Hello, World!'}

# Add resource to API
api.add_resource(HelloWorld, '/')

if __name__ == '__main__':
    app.run(debug=True)


23. What is the role of Flask’s session object ?
  - The Flask session object is used to store user-specific data across requests, making it useful for handling user authentication, preferences, and temporary data. It uses cookies by default and is encrypted for security.

#Example  

In [None]:
from flask import Flask, session, redirect, url_for, request

app = Flask(__name__)
app.secret_key = 'your_secret_key'  # Required for session encryption

@app.route('/')
def index():
    if 'username' in session:
        return f'Logged in as {session["username"]}'
    return 'You are not logged in'

@app.route('/login', methods=['POST'])
def login():
    session['username'] = request.form['username']
    return redirect(url_for('index'))

@app.route('/logout')
def logout():
    session.pop('username', None)
    return redirect(url_for('index'))

if __name__ == '__main__':
    app.run(debug=True)


# Practical Questions

1.  How do you create a basic Flask application ?
#To create a basic Flask application:
- 1. Install Flask:

In [None]:
pip install Flask


- 2. Create app.py:

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


- 3. Run the app:




In [None]:
python app.py


2. How do you serve static files like images or CSS in Flask ?
#To serve static files (images, CSS, JavaScript) in Flask:

- 1. Create a static/ folder in your project directory.
     - Place your static files inside it, e.g.:

In [None]:
/static
├── style.css
├── script.js
└── image.png


- 2. Reference static files in your HTML using url_for:

In [None]:
<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
<img src="{{ url_for('static', filename='image.png') }}" alt="Sample Image">


- 3. Flask automatically serves files from the static/ folder without additional configuration.
     - You can access static files directly via:

In [None]:
http://127.0.0.1:5000/static/image.png


3.  How do you define different routes with different HTTP methods in Flask ?

#To define different routes with specific HTTP methods in Flask:
-  1. Use the methods parameter in the @app.route() decorator:

In [None]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/', methods=['GET'])
def get_home():
    return "GET request received"

@app.route('/submit', methods=['POST'])
def submit():
    data = request.form.get('name')
    return f"POST request received with data: {data}"

@app.route('/update', methods=['PUT'])
def update():
    return "PUT request received"

@app.route('/delete', methods=['DELETE'])
def delete():
    return "DELETE request received"

if __name__ == '__main__':
    app.run(debug=True)


-  2. Testing the routes:
   - GET: Visit http://127.0.0.1:5000/ in your browser.
   - POST, PUT, and DELETE: Use tools like Postman or curl to send requests with the respective methods.

4.  How do you render HTML templates in Flask ?

#To render HTML templates in Flask:
- 1. Create a templates/ folder in your project directory.
  -  Place your HTML files inside it, e.g.:

In [None]:
/templates
├── index.html
└── about.html


- 2. Use render_template() to render the HTML files:

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

@app.route('/about')
def about():
    return render_template('about.html')

if __name__ == '__main__':
    app.run(debug=True)


- 3. Pass variables to the template:

In [None]:
@app.route('/user/<name>')
def user(name):
    return render_template('index.html', username=name)


In index.html:

In [None]:
<h1>Hello, {{ username }}!</h1>


Flask automatically looks for templates in the templates/ folder.

5. How can you generate URLs for routes in Flask using url_for ?
#To generate URLs for routes in Flask using url_for():
- 1. Basic usage with route function names:


In [None]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "Home Page"

@app.route('/about')
def about():
    return "About Page"

@app.route('/user/<username>')
def profile(username):
    return f"User: {username}"

with app.test_request_context():
    print(url_for('home'))              # → '/'
    print(url_for('about'))             # → '/about'
    print(url_for('profile', username='Alice'))  # → '/user/Alice'


- 2. Use url_for in HTML templates:

In [None]:
<a href="{{ url_for('home') }}">Home</a>
<a href="{{ url_for('profile', username='Bob') }}">Bob's Profile</a>


- url_for() dynamically generates URLs, making your code more maintainable by avoiding hardcoding paths.

6.  How do you handle forms in Flask ?

#To handle forms in Flask:
- 1. HTML Form

Create a form in your HTML template:

In [None]:
<form action="/submit" method="POST">
    <label for="name">Name:</label>
    <input type="text" id="name" name="name" required>
    <button type="submit">Submit</button>
</form>


- 2. Handle Form Data in Flask

In your Flask app:

In [None]:
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/')
def index():
    return render_template('form.html')

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form.get('name')  # Get form data
    return f"Form submitted with name: {name}"

if __name__ == '__main__':
    app.run(debug=True)


- request.form: Access form data from POST requests.
- request.args: For GET parameters (e.g., ?name=Alice)

- 3. Use Flask-WTF for Form Validation
   - Install Flask-WTF:

In [None]:
pip install Flask-WTF


- Example with validation:

In [None]:
from flask import Flask, render_template, redirect, url_for, flash
from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired

app = Flask(__name__)
app.config['SECRET_KEY'] = 'mysecretkey'

class MyForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired()])
    submit = SubmitField('Submit')

@app.route('/', methods=['GET', 'POST'])
def index():
    form = MyForm()
    if form.validate_on_submit():
        flash(f'Form submitted with name: {form.name.data}')
        return redirect(url_for('index'))
    return render_template('form.html', form=form)

if __name__ == '__main__':
    app.run(debug=True)


- HTML Template:

In [None]:
<form method="POST">
    {{ form.hidden_tag() }}
    {{ form.name.label }} {{ form.name() }}
    {{ form.submit() }}
</form>


Flask-WTF provides built-in validation, CSRF protection, and easy form handling.

7.  How can you validate form data in Flask ?

#1. Form Validation with request in Flask
- You can manually validate form data by checking if the fields are empty or meet specific criteria.

In [None]:
from flask import Flask, request, render_template, redirect, url_for

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def form():
    error = None
    if request.method == 'POST':
        name = request.form.get('name')
        email = request.form.get('email')

        # Simple validation
        if not name or not email:
            error = "Both fields are required!"
        elif "@" not in email:
            error = "Invalid email address!"
        else:
            return f"Form submitted with Name: {name}, Email: {email}"

    return render_template('form.html', error=error)

if __name__ == '__main__':
    app.run(debug=True)


- HTML Template (form.html):

In [None]:
<form method="POST">
    <label>Name:</label>
    <input type="text" name="name" required>

    <label>Email:</label>
    <input type="email" name="email" required>

    <button type="submit">Submit</button>
</form>
{% if error %}
    <p style="color: red;">{{ error }}</p>
{% endif %}


- 2. Form Validation with Flask-WTF
  - Flask-WTF simplifies form validation with built-in validators.

 1. Install Flask-WTF:

In [None]:
pip install Flask-WTF


     2. Create the Flask app:

In [None]:
from flask import Flask, render_template, redirect, url_for, flash
from flask_wtf import FlaskForm
from wtforms import StringField, EmailField, SubmitField
from wtforms.validators import DataRequired, Email, Length

app = Flask(__name__)
app.config['SECRET_KEY'] = 'mysecretkey'

# Define the form
class MyForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired(), Length(min=2, max=50)])
    email = EmailField('Email', validators=[DataRequired(), Email()])
    submit = SubmitField('Submit')

@app.route('/', methods=['GET', 'POST'])
def index():
    form = MyForm()
    if form.validate_on_submit():
        flash(f"Form submitted with Name: {form.name.data}, Email: {form.email.data}")
        return redirect(url_for('index'))

    return render_template('form.html', form=form)

if __name__ == '__main__':
    app.run(debug=True)


3. HTML Template (form.html):

In [None]:
<form method="POST">
    {{ form.hidden_tag() }}
    <label>{{ form.name.label }}</label>
    {{ form.name() }}

    <label>{{ form.email.label }}</label>
    {{ form.email() }}

    {{ form.submit() }}
</form>

{% for message in get_flashed_messages() %}
    <p>{{ message }}</p>
{% endfor %}


8. How do you manage sessions in Flask ?

#To manage sessions in Flask:

- 1. Import and configure session:

In [None]:
from flask import Flask, session

app = Flask(__name__)
app.secret_key = 'your_secret_key'  # Required for session security


- 2. Set session variables:

In [None]:
session['username'] = 'Alice'


- 3. Access session variables:

In [None]:
user = session.get('username')  # Returns 'Alice'


- 4. Remove session variables:

In [None]:
session.pop('username', None)  # Removes 'username' from session


 Sessions store data per user across requests, and app.secret_key is required for encryption.

9. How do you redirect to a different route in Flask ?

#To redirect to a different route in Flask:

- 1. Import redirect and url_for:

In [None]:
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "Home Page"

@app.route('/login')
def login():
    return "Login Page"

@app.route('/go-to-login')
def go_to_login():
    return redirect(url_for('login'))  # Redirect to the 'login' route

if __name__ == '__main__':
    app.run(debug=True)


redirect(url_for('route_name')) dynamically generates the URL and redirects the user.

10.  How do you handle errors in Flask (e.g., 404) ?
#To handle errors in Flask (e.g., 404):
- 1. Use the @app.errorhandler() decorator:

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return "Home Page"

# Handle 404 errors
@app.errorhandler(404)
def page_not_found(e):
    return render_template('404.html'), 404

if __name__ == '__main__':
    app.run(debug=True)


- 2. Create a custom 404.html template:

In [None]:
<h1>404 - Page Not Found</h1>
<p>Oops! The page you are looking for doesn't exist.</p>
<a href="{{ url_for('home') }}">Go back home</a>


- You can also handle other errors like 500 (internal server error):

In [None]:
@app.errorhandler(500)
def internal_error(e):
    return "Something went wrong!", 500


11. How do you structure a Flask app using Blueprints ?
- To structure a Flask app using Blueprints:
#1. Create the Project Structure:



In [None]:
/myapp
├── app.py                # Main app
├── blueprints/           # Blueprint folder
│     ├── __init__.py     # Initializes the blueprint
│     ├── user.py         # User blueprint
│     └── admin.py        # Admin blueprint
├── templates/
├── static/
└── requirements.txt


# 2. Define Blueprints:
- blueprints/user.py:

In [None]:
from flask import Blueprint

user_bp = Blueprint('user', __name__)

@user_bp.route('/profile')
def profile():
    return "User Profile"


- blueprints/admin.py:

In [None]:
from flask import Blueprint

admin_bp = Blueprint('admin', __name__)

@admin_bp.route('/dashboard')
def dashboard():
    return "Admin Dashboard"


#3. Register Blueprints in app.py:

In [None]:
from flask import Flask
from blueprints.user import user_bp
from blueprints.admin import admin_bp

app = Flask(__name__)

# Register blueprints
app.register_blueprint(user_bp, url_prefix='/user')
app.register_blueprint(admin_bp, url_prefix='/admin')

if __name__ == '__main__':
    app.run(debug=True)


- Access the routes:
  - http://127.0.0.1:5000/user/profile
  - http://127.0.0.1:5000/admin/dashboard

  Blueprints help modularize and organize larger Flask applications.


12. How do you define a custom Jinja filter in Flask ?
- To define a custom Jinja filter in Flask:
#1. Create the filter function:

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

# Custom filter
def reverse_string(s):
    return s[::-1]

# Register the filter
app.jinja_env.filters['reverse'] = reverse_string

@app.route('/')
def home():
    return render_template('index.html', message="Flask")


#2. Use the custom filter in the HTML template:

In [None]:
<p>{{ message | reverse }}</p>  <!-- Output: ksalF -->


app.jinja_env.filters['filter_name'] = function registers the custom filter for use in templates.

13. How can you redirect with query parameters in Flask ?
- To redirect with query parameters in Flask:

#1. Use redirect() with url_for() and pass query parameters as arguments:

In [None]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return "Home Page"

@app.route('/search')
def search():
    query = request.args.get('q')
    return f"Search results for: {query}"

@app.route('/go-to-search')
def go_to_search():
    return redirect(url_for('search', q='Flask'))  # Redirect with query param


#2. How it works:

- The url_for('search', q='Flask') generates:

In [None]:
http://127.0.0.1:5000/search?q=Flask


- You can add multiple parameters:

In [None]:
return redirect(url_for('search', q='Flask', page=2))


- /search?q=Flask&page=2

14.  How do you return JSON responses in Flask ?
- To return JSON responses in Flask:  

#1. Use jsonify:

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/data')
def data():
    response = {'name': 'Alice', 'age': 25}
    return jsonify(response)


#2. Return custom status codes and headers:

In [None]:
@app.route('/error')
def error():
    return jsonify({'error': 'Not Found'}), 404


-  jsonify() automatically sets the Content-Type to application/json.

15.  How do you capture URL parameters in Flask?
- To capture URL parameters in Flask:

#1. Define the route with placeholders:

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')   # Capture 'username'
def profile(username):
    return f"Hello, {username}!"


#2. Capture multiple parameters with types:

In [None]:
@app.route('/post/<int:post_id>')   # Capture 'post_id' as an integer
def show_post(post_id):
    return f"Post ID: {post_id}"


- Flask automatically converts the type if specified (<int:>, <float:>, <string:>).