# Theory Questions

1.  What is a RESTful API?
- A RESTful API (Representational State Transfer API) is a way for two systems (like a frontend app and a backend server) to communicate over the internet using standard HTTP methods. It's a set of rules that developers follow when creating APIs, designed to make interactions between systems easy, scalable, and stateless.

Key Concepts of RESTful API:

1. Statelessness:
Every request from the client to the server must contain all the information needed to understand and process it. The server doesn't store any information about the client session.

2. HTTP Methods (CRUD operations):

GET – Retrieve data (e.g., get user info)

POST – Create data (e.g., add a new user)

PUT – Update data (e.g., edit user info)

DELETE – Delete data (e.g., remove a user)

3. Resources & URLs:

REST treats everything as a resource, which is identified by a URL.

4. Data Format:

Data is usually sent in JSON (JavaScript Object Notation) format.

5. Stateless Communication:

Each request is processed independently without relying on previous requests.

In [None]:
#example of a basic RESTful API
from flask import Flask, jsonify, request

app = Flask(__name__)

# Sample data: A fake database of users
users = [
    {"id": 1, "name": "Zufii", "role": "girlfriend"},
    {"id": 2, "name": "You", "role": "boyfriend"}
]

# GET /users - Retrieve all users
@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users)

# GET /users/<id> - Retrieve a single user by ID
@app.route('/users/<int:user_id>', methods=['GET'])
def get_user(user_id):
    user = next((u for u in users if u["id"] == user_id), None)
    return jsonify(user) if user else ("User not found", 404)

# POST /users - Add a new user
@app.route('/users', methods=['POST'])
def add_user():
    new_user = request.get_json()
    new_user["id"] = users[-1]["id"] + 1
    users.append(new_user)
    return jsonify(new_user), 201

# PUT /users/<id> - Update a user
@app.route('/users/<int:user_id>', methods=['PUT'])
def update_user(user_id):
    updated_data = request.get_json()
    for user in users:
        if user["id"] == user_id:
            user.update(updated_data)
            return jsonify(user)
    return ("User not found", 404)

# DELETE /users/<id> - Delete a user
@app.route('/users/<int:user_id>', methods=['DELETE'])
def delete_user(user_id):
    global users
    users = [u for u in users if u["id"] != user_id]
    return ("", 204)

# Run the app
if __name__ == '__main__':
    app.run(debug=True)



 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


2. Explain the concept of API specification
- An API Specification is like a blueprint or a contract that defines how clients (apps, users, servers) should interact with the API.

It describes everything about the API before it is built or used:

What endpoints are available (like /users, /products, etc.)

What HTTP methods you should use (GET, POST, PUT, DELETE, etc.)

What parameters or body data are needed

What response formats (JSON, XML) will be returned

What status codes (200 OK, 404 Not Found, etc.) to expect

What authentication (login tokens, API keys) is needed

In short:

It tells the client exactly what they can do, how they should do it, and what they will get back.

**Why is an API Specification Important?**

Clear communication between backend and frontend developers

No confusion for people who will use your API (developers, businesses)

Automated tools can generate code, documentation, testing tools from it

Helps in standardization, especially in big companies (like Google, Amazon)



3.  What is Flask, and why is it popular for building APIs?
- Flask is a lightweight and simple-to-use web framework written in Python. It helps developers build web applications and APIs quickly and with minimal boilerplate code.

It's often referred to as a "micro-framework" because it gives you the basics and lets you add what you need — no heavy tools unless you want them.

Why is Flask Popular for Building APIs?

Here’s why Flask is a top choice for APIs:

✅ 1. Simplicity & Minimalism
You can get a REST API running with just a few lines of code.

Perfect for quick prototypes, MVPs, and hackathons.

✅ 2. Full Control
Flask doesn’t force any project structure or tools.

You control everything: routing, database, authentication, etc.

✅ 3. Extensible
You can plug in libraries like:

Flask-SQLAlchemy for databases

Flask-JWT for authentication

Flask-RESTful or Flask-RESTX for structured APIs

✅ 4. Great for Learning
The code is easy to read and understand — great for beginners.

Helps you learn the core concepts behind web frameworks.

✅ 5. Large Community & Resources
Tons of tutorials, plugins, GitHub examples, and StackOverflow answers.

4. What is routing in Flask?
- Routing is the process of matching a URL (like /home or /login) to a specific function in your code that will handle that request.

In [None]:
#example
from flask import Flask

app = Flask(__name__)

# This is a route
@app.route('/')
def home():
    return "Welcome to the Homepage!"

@app.route('/about')
def about():
    return "This is the About page."

# Run the app
if __name__ == '__main__':
    app.run(debug=True)



 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


5. How do you create a simple Flask application?
- Creating a Flask step by step:

1. Install Flask

Make sure Flask is installed in your environment

2. Create your API file

3. Run the Flask APP

In your teminal, go to the directory where app.py is saved, then run



6.  What are HTTP methods used in RESTful APIs?
- In RESTful APIs, HTTP methods define the type of operation you want to perform on a resource (like a user, post, product, etc.).

 The 5 Core HTTP Methods in RESTful APIs

 1. GET
 - Used to retrieve data from the server
 - Should not chnage anything on the server

 2. POST
 - Used to create a new resources
 - Sends data to the server(in the body)

 3. PUT
 - Used to update an existing resources entirely.
 - If the resources doesn't exist, it might create one.

 4. PATCH
 - Used to partially update a resources.

 5. DELETE
 - Used to delete a resources

7. What is the purpose of the @app.route() decorator in Flask?
- @app.route() is a decorator in Flask that is used to map a URL to a Python function.

In [None]:
#example
from flask import Flask
app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the homepage!"



8.  What is the difference between GET and POST HTTP methods?
- 🔹 GET Method:
- Used to request data from a server.
- Data is sent in the URL (query parameters).
- Example: /search?query=flask
- Visible to everyone (stored in browser history, can be bookmarked).
- Mostly used for fetching or reading data.
- Safe and idempotent (no changes to server data).

🔹 POST Method:
- Used to send data to the server to create or update something.
- Data is sent in the request body.
- Example: /submit (with form data or JSON)
- Not visible in URL (more secure for sensitive data).
- Mostly used for submitting forms, logins, file uploads, etc.
- Not idempotent (repeating may cause duplicate entries).


9.  How do you handle errors in Flask APIs?


In [None]:
#1.Using try/except blocks
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/divide/<int:a>/<int:b>')
def divide(a, b):
    try:
        result = a / b
        return jsonify({'result': result})
    except ZeroDivisionError:
        return jsonify({'error': 'Cannot divide by zero'}), 400



In [None]:
#2. Using @app.errorhandler() Decorato
@app.errorhandler(404)
def not_found(error):
    return jsonify({'error': 'Page not found'}), 404

@app.errorhandler(500)
def server_error(error):
    return jsonify({'error': 'Something went wrong'}), 500


In [None]:
# 3. Custom Error Handlers
class InvalidUsage(Exception):
    def __init__(self, message, status_code=400):
        self.message = message
        self.status_code = status_code

@app.errorhandler(InvalidUsage)
def handle_invalid_usage(error):
    response = jsonify({'error': error.message})
    return response, error.status_code

@app.route('/greet/<name>')
def greet(name):
    if name == "error":
        raise InvalidUsage("This name is not allowed!")
    return jsonify({"message": f"Hello, {name}!"})


10.  How do you connect Flask to a SQL database?
- Proper Way to Set It Up

1. Install Required Packages

You install flask and flask_sqlalchemy using pip. This gives you access to both Flask for the web part and SQLAlchemy for the database part.

2. Create a Config File

You create a separate file (like config.py) to store database configuration. This is a good practice so that you can manage environment-specific settings easily.

For example:

SQLALCHEMY_DATABASE_URI = 'sqlite:///users.db'

This line tells Flask to use a local SQLite database named users.db.

3. Create a Models File

You define your database tables as Python classes in a separate file (models.py). For example, a User class becomes a users table with columns like id, name, and email.

4. Connect Everything in Your Main Flask App

In your app.py, you:

Import the Flask app

Load the configuration

Initialize the database connection using db.init_app(app)

Define your routes (API endpoints)

5. Create Tables Automatically

You can tell Flask to create the database tables the first time it runs by using the @app.before_first_request decorator and calling db.create_all() inside it.

6. Define Routes to Interact with the Database

You build routes like:

/add/<name>/<email> → to add a user

/users → to retrieve all users as JSON



11. What is the role of Flask-SQLAlchemy?
- 🔹 Flask-SQLAlchemy is an extension that integrates SQLAlchemy (ORM) with Flask.

🔹 It acts as a bridge between Flask and SQL databases like SQLite, MySQL, PostgreSQL.

 Main Roles:

1. Database Connection:
   - Simplifies connecting Flask to a database using a single config line.

2. Model Definition:
   - Allows you to define database tables as Python classes.
   - Each class becomes a table, and attributes become columns.

3. ORM (Object-Relational Mapping):
   - Converts Python code into SQL queries.
   - No need to write raw SQL manually.

4. Session Management:
   - Makes it easy to add, update, delete, and query records.

5. Table Creation:
   - Lets you create tables with `db.create_all()`.

6. Integration:
   - Works well with other Flask extensions like Flask-Migrate and Flask-Login.


12. What are Flask blueprints, and how are they useful?
- 🔹 **Flask Blueprints** are a way to organize your Flask application into **modular components**.

 **Purpose**:
Blueprints allow you to structure your application into separate "modules" (or "blueprints") that can be developed independently, making the code more maintainable and scalable.

---

### **Key Features of Flask Blueprints:**

1. **Modularization**:
   - Blueprints allow you to divide your application into distinct components (e.g., user authentication, admin dashboard, etc.).

2. **Reusability**:
   - You can reuse blueprints across different applications, or simply use them to keep parts of your app isolated.

3. **Separation of Concerns**:
   - Each blueprint is responsible for its own routes, views, and static files, keeping everything organized.

4. **Dynamic Registration**:
   - Blueprints can be registered at any point in the application, even dynamically.

5. **Cleaner Code**:
   - Helps in keeping the application cleaner and easier to scale as the app grows.

---

### **Example Use Case**:
In a large app, you might have separate blueprints for:
- **Auth Blueprint** (login, signup, etc.)
- **Admin Blueprint** (admin dashboard)
- **Blog Blueprint** (blog posts, comments)

### **How to Use Blueprints**:

1. **Define a Blueprint**:
   - Create a new blueprint object using `Blueprint()`.

```python
from flask import Blueprint

auth = Blueprint('auth', __name__)

@auth.route('/login')
def login():
    return 'Login Page'

@auth.route('/signup')
def signup():
    return 'Signup Page'


13.  What is the purpose of Flask's request object?
- 🔹 The **Flask Request object** is an essential part of Flask that provides access to all the data that is sent by the client (browser, API consumer) to the server.

 **Main Purpose**:
The Request object allows you to interact with incoming HTTP requests by giving access to data like form data, URL parameters, headers, cookies, and more.

---

### **Key Features of the Request Object**:

1. **Access Request Data**:
   - You can easily retrieve data that is sent with the request, such as form data, query parameters, JSON payloads, etc.

2. **Get URL Parameters**:
   - Access any **query parameters** that are part of the URL (e.g., `/search?query=flask`).

3. **Retrieve JSON Data**:
   - If the client sends JSON data, you can access it directly as a Python dictionary.

4. **Access Form Data**:
   - Flask makes it easy to access form data sent in a `POST` request.

5. **Handle Files**:
   - You can also handle **file uploads** sent with `POST` requests.

6. **Access Headers and Cookies**:
   - Retrieve request headers and cookies sent by the client.

---

###  **Common Uses of Flask's Request Object**:

1. **Getting Query Parameters**:
   - Access URL parameters passed in a `GET` request.
```python
from flask import request

@app.route('/search')
def search():
    query = request.args.get('query')  # e.g., /search?query=flask
    return f'Search query: {query}'


14. How do you create a RESTful API endpoint using Flask?
-

In [None]:
from flask import Flask, jsonify, request

app = Flask(__name__)

# Dummy data to simulate a database
users = [
    {"id": 1, "name": "John Doe", "email": "john@example.com"},
    {"id": 2, "name": "Jane Smith", "email": "jane@example.com"}
]

# Home route
@app.route('/')
def home():
    return "Welcome to the API!"

# GET: Get all users
@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users)

# GET: Get a user by ID
@app.route('/users/<int:user_id>', methods=['GET'])
def get_user(user_id):
    user = next((u for u in users if u['id'] == user_id), None)
    if user is None:
        return jsonify({"error": "User not found"}), 404
    return jsonify(user)

# POST: Add a new user
@app.route('/users', methods=['POST'])
def add_user():
    new_user = request.get_json()  # Get data from the request body
    users.append(new_user)
    return jsonify(new_user), 201

# PUT: Update an existing user
@app.route('/users/<int:user_id>', methods=['PUT'])
def update_user(user_id):
    user = next((u for u in users if u['id'] == user_id), None)
    if user is None:
        return jsonify({"error": "User not found"}), 404

    updated_data = request.get_json()
    user.update(updated_data)
    return jsonify(user)

# DELETE: Remove a user
@app.route('/users/<int:user_id>', methods=['DELETE'])
def delete_user(user_id):
    global users
    users = [u for u in users if u['id'] != user_id]
    return '', 204  # Return no content (204 status)

# Run the app
if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


15.  What is the purpose of Flask's jsonify() function?
- # Flask's jsonify() function is used to convert data (usually Python dictionaries or lists)
# into a proper JSON response that can be sent to the client.

**Main Purpose**:
`jsonify()` is a Flask utility that serializes data into JSON format and automatically sets the correct MIME type for the response (`application/json`).

---

###  **Key Benefits of `jsonify()`**:

1. **Converts Python Data to JSON**:
   - It converts **Python dictionaries, lists**, or any serializable object into a **JSON** string.
   
2. **Sets Correct Content-Type**:
   - Automatically sets the response's `Content-Type` header to `application/json`, which tells the client that the response is in JSON format.

3. **Handles HTTP Status Codes**:
   - You can specify the HTTP status code for the response, making it easy to return proper success or error codes along with the JSON data.

4. **Handles Unicode & Special Characters**:
   - Properly handles Unicode and special characters when converting to JSON format.

---

###  **Example Usage**:

 **Basic Example**:

```python
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/user')
def user():
    user_data = {"id": 1, "name": "John Doe", "email": "john@example.com"}
    return jsonify(user_data)  # Returns {"id": 1, "name": "John Doe", "email": "john@example.com"}


16.  Explain Flask’s url_for() function.
- # The `url_for()` function in Flask is used to generate the URL for a given view or endpoint in the application.

 **Main Purpose**:
`url_for()` dynamically generates the URL for a given view function, ensuring that URLs are always correct and properly handled. This is useful for generating links to routes in your app, and it helps avoid hardcoding URLs, making your application more flexible.

---

###  **Key Benefits of `url_for()`**:

1. **Generates URLs Dynamically**:
   - It generates URLs for any Flask view function (route) based on the function’s name, not the actual path. This is helpful when URLs change, as they only need to be updated in one place.

2. **Avoids Hardcoding URLs**:
   - By using `url_for()`, you don't need to hardcode URLs in your templates or view functions, which makes your code more maintainable and avoids errors.

3. **Handles URL Parameters**:
   - It can automatically handle URL parameters or query parameters by passing arguments to it.

4. **Supports Reverse URL Lookup**:
   - It allows you to look up a URL from its view function’s name, rather than specifying the URL directly.

---

###  **Example Usage**:

 **Basic Example**:

```python
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the Home Page'

@app.route('/about')
def about():
    return 'About Us Page'

@app.route('/redirect')
def redirect_to_about():
    return f'Redirecting to About page: {url_for("about")}'


17. How does Flask handle static files (CSS, JavaScript, etc.)?
- # Flask provides a simple way to serve static files (like CSS, JavaScript, images) using the `static` folder.

 **Main Purpose**:
Flask automatically serves static files like CSS, JavaScript, and image files from a special folder called `static`. You don't need to manually configure routes for these files.

---

###  **How Flask Handles Static Files**:

1. **Default Static Folder**:
   - By default, Flask looks for static files in the `static` directory, which should be placed in the root of your project.
   
   Example folder structure:

2. **Accessing Static Files in HTML Templates**:
- Flask provides a `url_for()` function to link to static files in templates.
- You use the `url_for('static', filename='path_to_file')` function to generate the correct URL for the static file.

---

###  **Example Usage**:

1. **Folder Structure**:

2. **Flask Application** (`app.py`):

```python
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
 return render_template('index.html')

if __name__ == '__main__':
 app.run(debug=True)
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Flask Static Files</title>
    <!-- Link to CSS file -->
    <link rel="stylesheet" href="{{ url_for('static', filename='css/style.css') }}">
</head>
<body>
    <h1>Welcome to Flask</h1>
    <!-- Link to JavaScript file -->
    <script src="{{ url_for('static', filename='js/script.js') }}"></script>
    <!-- Display Image -->
    <img src="{{ url_for('static', filename='images/logo.png') }}" alt="Logo">
</body>
</html>


18.  What is an API specification, and how does it help in building a Flask API?
-  Definition of an API Specification:
An API specification is a detailed document or blueprint that defines how an API works. It describes the endpoints, HTTP methods, request/response formats, parameters, status codes, authentication mechanisms, and other details necessary for developers to interact with the API effectively.

Popular API specifications include:

OpenAPI (formerly Swagger)

RAML

API Blueprint

 How an API Specification Helps in Building a Flask API:

1. Standardizes API Design:

An API specification provides a standardized way to design and document the API, ensuring consistency across various endpoints and developers. By following an API spec, you ensure your API is predictable and easier to use.

2. Helps with Clear Documentation:

With an API specification, you can automatically generate clear and interactive documentation (using tools like Swagger or Redoc) that helps users understand how to interact with the API. This is particularly useful for consumers who are integrating with your API.

3. Defines Endpoint Structure:

The specification defines all the routes (endpoints), HTTP methods (GET, POST, PUT, DELETE), request parameters, and response structures. This clarity makes it easier to implement these features in the Flask application.

4. Facilitates API Testing:

API specifications can be used to automatically generate test cases for the API endpoints, ensuring that all scenarios are covered, such as valid and invalid inputs, status codes, etc.

5. Supports Collaboration Between Teams:

By having a detailed API spec, different teams (backend developers, frontend developers, QA engineers, etc.) can work in parallel, as they have a clear understanding of what the API will look like. Frontend developers can start integrating the API even before the backend is fully developed.



In [None]:
#example
from flask import Flask, jsonify, request, abort

app = Flask(__name__)

# Dummy data for users
users = [
    {"id": 1, "name": "Ashif Sarkar", "email": "ashifsarkar13@gmail.com"},
    {"id": 2, "name": "Zufishaa Kazi", "email": "kazizufisha13@gmail.com"}
]

# Route for getting all users (GET /users)
@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users)

# Route for getting a user by ID (GET /users/{id})
@app.route('/users/<int:id>', methods=['GET'])
def get_user(id):
    user = next((u for u in users if u['id'] == id), None)
    if user is None:
        abort(404, description="User not found")
    return jsonify(user)

# Route for creating a new user (POST /users)
@app.route('/users', methods=['POST'])
def create_user():
    new_user = request.get_json()  # Get the JSON data sent in the request
    if not new_user or 'name' not in new_user or 'email' not in new_user:
        abort(400, description="Missing required fields")
    new_user['id'] = len(users) + 1  # Simple ID generation
    users.append(new_user)
    return jsonify(new_user), 201

# Route for updating an existing user (PUT /users/{id})
@app.route('/users/<int:id>', methods=['PUT'])
def update_user(id):
    user = next((u for u in users if u['id'] == id), None)
    if user is None:
        abort(404, description="User not found")
    updated_data = request.get_json()
    user.update(updated_data)
    return jsonify(user)

# Route for deleting a user (DELETE /users/{id})
@app.route('/users/<int:id>', methods=['DELETE'])
def delete_user(id):
    global users
    users = [u for u in users if u['id'] != id]
    return '', 204  # No content, successful delete

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


19. What are HTTP status codes, and why are they important in a Flask API?
- Definition of HTTP Status Codes:

HTTP status codes are three-digit codes returned by a web server to indicate the result of an HTTP request. These codes are part of the HTTP response sent back to the client (e.g., browser, mobile app) and represent the outcome of the request, whether it was successful, failed, or if further action is required.

Status codes are grouped into five categories based on the first digit:

1xx – Informational responses

2xx – Successful responses

3xx – Redirection responses

4xx – Client error responses

5xx – Server error responses

- Common HTTP Status Codes in Flask APIs:
2xx - Success:

200 OK: The request was successful, and the server has returned the requested data.

201 Created: The request was successful, and a new resource has been created (usually used with POST requests).

204 No Content: The request was successful, but there is no content to return (often used with DELETE requests).

3xx - Redirection:

301 Moved Permanently: The resource has been permanently moved to a new URL.

302 Found: The resource is temporarily located at a different URL.

4xx - Client Errors:

400 Bad Request: The server could not understand the request due to malformed syntax.

401 Unauthorized: The request requires authentication or the provided credentials are invalid.

403 Forbidden: The server understands the request but refuses to authorize it.

404 Not Found: The requested resource could not be found on the server.

405 Method Not Allowed: The HTTP method used is not allowed for the requested resource.

5xx - Server Errors:

500 Internal Server Error: A generic error message indicating a server issue.

502 Bad Gateway: The server received an invalid response from an upstream server.

503 Service Unavailable: The server is currently unable to handle the request (usually due to temporary overload or maintenance).

- Why HTTP Status Codes Are Important in Flask APIs:
Indicate the Outcome of Requests:

Status codes provide a clear indication of whether an API request was successful or failed, which helps developers and consumers of the API understand the result of the operation.

Provide Debugging and Error Information:

When an API request fails, HTTP status codes give useful clues about the issue. For example, a 400 Bad Request indicates a problem with the request format, while 404 Not Found suggests the resource doesn't exist.

Improve User Experience:

Correctly using HTTP status codes helps the client (front-end or mobile app) handle responses effectively. For example, receiving a 200 OK ensures that the client knows it can proceed with the data, while a 401 Unauthorized tells the client to authenticate before retrying.

Enable Automated Actions:

Clients can use HTTP status codes to programmatically determine the next step, such as retrying a request (for 503 Service Unavailable) or redirecting the user to a new location (for 301 Moved Permanently).

Follow RESTful Conventions:

Using the appropriate HTTP status codes ensures your Flask API adheres to REST principles, which promotes consistency and clarity in how the API is designed and used.



In [None]:
#example
from flask import Flask, jsonify, request, abort

app = Flask(__name__)

users = [
    {"id": 1, "name": "John Doe", "email": "john@example.com"},
    {"id": 2, "name": "Jane Smith", "email": "jane@example.com"}
]

@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users), 200  # Return the list of users with a 200 OK status

@app.route('/users/<int:id>', methods=['GET'])
def get_user(id):
    user = next((u for u in users if u['id'] == id), None)
    if user is None:
        abort(404, description="User not found")  # Return 404 if the user is not found
    return jsonify(user), 200

@app.route('/users', methods=['POST'])
def create_user():
    new_user = request.get_json()
    if not new_user or 'name' not in new_user or 'email' not in new_user:
        abort(400, description="Missing required fields")  # Return 400 if required fields are missing
    new_user['id'] = len(users) + 1
    users.append(new_user)
    return jsonify(new_user), 201  # Return the new user with a 201 Created status

@app.route('/users/<int:id>', methods=['PUT'])
def update_user(id):
    user = next((u for u in users if u['id'] == id), None)
    if user is None:
        abort(404, description="User not found")
    updated_data = request.get_json()
    user.update(updated_data)
    return jsonify(user), 200

@app.route('/users/<int:id>', methods=['DELETE'])
def delete_user(id):
    global users
    users = [u for u in users if u['id'] != id]
    return '', 204  # Return no content with a 204 No Content status

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


20.  How do you handle POST requests in Flask?
-  Steps to Handle a POST Request:

Define a Route for the POST Request: Use @app.route() with the methods=['POST'] argument to specify that this route should handle POST requests.

Extract Data from the Request:

For JSON data, use request.get_json().

For form data, use request.form.

Perform the Desired Action: After extracting the data, you can process it (e.g., store it in a database, manipulate it, etc.).

Return a Response: You should return a response, which might include the newly created resource, a success message, or an error message. Common status codes for POST requests are:

201 Created: When a resource is successfully created.

400 Bad Request: If the client sent invalid or incomplete data.



In [None]:
#example
from flask import Flask, request, jsonify

app = Flask(__name__)

# Dummy data store (usually, you'd use a database)
users = []

# POST request to create a new user
@app.route('/users', methods=['POST'])
def create_user():
    # Get data from the request (expects JSON)
    data = request.get_json()

    # Check if required fields are present
    if not data or 'name' not in data or 'email' not in data:
        return jsonify({"error": "Missing required fields"}), 400  # Return 400 if fields are missing

    # Create a new user (simplified, usually, you'd add to a database)
    new_user = {
        "id": len(users) + 1,  # Simple auto-increment for ID
        "name": data['name'],
        "email": data['email']
    }

    users.append(new_user)  # Add user to the list (or save to database)

    # Return the new user with a 201 Created status
    return jsonify(new_user), 201

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


21. How would you secure a Flask API?
-  Use  Authentication (JWT Example):
Install Flask-JWT-Extended:

pip install flask-jwt-extended

```python
from flask import Flask, jsonify, request
from flask_jwt_extended import JWTManager, jwt_required, create_access_token

app = Flask(__name__)

# Secret key for encoding the JWT token
app.config['JWT_SECRET_KEY'] = 'your_secret_key'

jwt = JWTManager(app)

# Dummy user data
users = {"user": "password"}

# Route to login and get a token
@app.route('/login', methods=['POST'])
def login():
    username = request.json.get('username', None)
    password = request.json.get('password', None)

    if users.get(username) == password:
        access_token = create_access_token(identity=username)
        return jsonify(access_token=access_token), 200
    else:
        return jsonify({"message": "Invalid credentials"}), 401

# A protected route, requiring authentication via JWT
@app.route('/protected', methods=['GET'])
@jwt_required()
def protected():
    return jsonify(message="This is a protected route"), 200

if __name__ == '__main__':
    app.run(debug=True)



22. What is the significance of the Flask-RESTful extension?
- Flask-RESTful is an extension for Flask that simplifies the process of building RESTful APIs. It provides a set of tools and utilities that streamline the creation of API endpoints by offering support for request parsing, input validation, and structured response formatting. This helps developers focus on their application's logic while reducing the boilerplate code.

***Key Features & Significance of Flask-RESTful***:

Simplifies API Endpoint Creation: Flask-RESTful extends Flask's route handling to make it more convenient for creating RESTful APIs by providing a Resource class. Each API endpoint becomes a resource with methods like GET, POST, PUT, DELETE.

Built-in Request Parsing: Flask-RESTful comes with an easy-to-use request parser that allows you to define expected parameters, validate input, and extract data from the request. It supports JSON, form data, and query parameters.

Automatic Response Formatting: It provides a convenient way to send structured JSON responses. The extension automatically serializes the data to JSON and ensures a consistent response format.

Support for HTTP Methods: It enables the use of common HTTP methods (GET, POST, PUT, DELETE) in a clean and simple way by using method-specific functions in the resource class.

Better Structure for Large APIs: Flask-RESTful promotes the separation of concerns, allowing for a more organized API structure. Each resource can be encapsulated in its own class, making the code more modular and maintainable.

Error Handling: Flask-RESTful provides easy error handling and can automatically return appropriate HTTP status codes (e.g., 400 Bad Request, 404 Not Found, 500 Internal Server Error) along with error messages.

Integration with Flask-SQLAlchemy: Flask-RESTful can easily be integrated with Flask-SQLAlchemy to interact with databases in a structured manner, making it easier to manage data models and queries.

#***example***

```python
from flask import Flask, jsonify
from flask_restful import Api, Resource, reqparse

app = Flask(__name__)
api = Api(app)

# Define a Resource class for a specific endpoint
class HelloWorld(Resource):
    def get(self):
        return jsonify(message="Hello, World!")

class User(Resource):
    def __init__(self):
        self.req_parser = reqparse.RequestParser()
        self.req_parser.add_argument('name', type=str, required=True, help="Name cannot be blank")
        self.req_parser.add_argument('email', type=str, required=True, help="Email cannot be blank")

    def post(self):
        args = self.req_parser.parse_args()
        return jsonify(message=f"User {args['name']} with email {args['email']} created"), 201

# Add resources to the API
api.add_resource(HelloWorld, '/')
api.add_resource(User, '/user')

if __name__ == '__main__':
    app.run(debug=True)


23. What is the role of Flask’s session object?
- The session object in Flask is used to store data across multiple requests from a single client (user) during their interaction with the web application. It acts as a temporary, server-side storage mechanism, typically for storing small amounts of data like user preferences, authentication states, or cart items in an e-commerce application.

The session object is client-specific, meaning that the data stored in it is accessible only to that particular user across multiple requests, but it's stored on the server and is kept persistent between requests (usually until the user closes their browser or the session expires).

# Key Points of Flask's session Object:

Client-Specific Storage: The session object is used to store information that is specific to a user, and the data is accessible across different routes during the user's visit.

Session Data Is Stored Securely: The session data is stored on the client-side, but it is signed and encrypted using Flask's secret key to prevent tampering. This ensures that sensitive data is not exposed or modified by the client.

Used for Maintaining User State: It is commonly used for handling user authentication (e.g., storing a user ID after login) or any information that needs to persist between requests during a session.

Data Persistence Across Requests: The session allows you to persist data across multiple requests from the same client. When a user sends a request, the server sends the session data back to the client as a cookie, which is then sent with every subsequent request.

Server-Side Storage: Although the session data is stored on the client-side (as cookies), it is securely signed and encrypted by Flask, so it is safe for storing small, non-sensitive information like user preferences, language settings, or authentication tokens.

```python
from flask import Flask, session, redirect, url_for, request, render_template_string

app = Flask(__name__)

# Set a secret key to sign session cookies
app.secret_key = 'your_secret_key'

@app.route('/')
def index():
    # Check if the user is logged in by checking the session
    if 'username' in session:
        return f'Logged in as {session["username"]}'
    return 'You are not logged in'

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        session['username'] = request.form['username']  # Store user in session
        return redirect(url_for('index'))
    return '''
        <form method="post">
            Username: <input type="text" name="username">
            <input type="submit" value="Login">
        </form>
    '''

@app.route('/logout')
def logout():
    session.pop('username', None)  # Remove the user from session
    return redirect(url_for('index'))

if __name__ == '__main__':
    app.run(debug=True)




#Practical Questions

1. How do you create a basic flask application?
- Step 1: Install Flask
First, you need to have Python installed on your machine. You can then install Flask using pip. Open your terminal or command prompt and run:

bash
Run
Copy code
pip install Flask

Step 2: Create a Basic Flask Application
Create a new directory for your project:

bash
Run
Copy code
mkdir my_flask_app
cd my_flask_app
Create a new Python file (e.g., app.py):

bash
Run
Copy code
touch app.py
Open app.py in your favorite text editor and add the following code:

python
10 lines
Click to expand
from flask import Flask
...

Step 3: Run the Flask Application
In your terminal, navigate to the directory where app.py is located and run the application:

bash
Run
Copy code
python app.py

Step 4: Access the Application
Once the application is running, you should see output indicating that the server is running, typically at http://127.0.0.1:5000/. Open a web browser and go to that URL. You should see the message "Hello, Flask!".

Step 5: Stop the Application
To stop the Flask application, you can go back to your terminal and press Ctrl + C.

In [None]:
#2.  How do you serve static files like images or CSS in Flask
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [None]:
#3.  How do you define different routes with different HTTP methods in Flask
from flask import Flask, request

app = Flask(__name__)

@app.route('/', methods=['GET'])
def home():
    return "This is a GET request!"

@app.route('/submit', methods=['POST'])
def submit():
    data = request.form.get('data')  # getting form data
    return f"You sent: {data}"

@app.route('/update', methods=['PUT'])
def update():
    return "This is a PUT request!"

@app.route('/delete', methods=['DELETE'])
def delete():
    return "This is a DELETE request!"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [None]:
#4. How do you render HTML templates in Flask?
from flask import Flask, render_template
app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)



 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [None]:
#5.  How can you generate URLs for routes in Flask using url_for
from flask import Flask, url_for
app = Flask(__name__)

@app.route('/')
def home():
    return 'This is the Home Page'

@app.route('/profile/<username>')
def profile(username):
    return f"Profile page of {username}"
    @app.route('/link_test')
    def link_test():

    home_url = url_for('home')
    profile_url = url_for('profile', username='john_doe')
    return f"Home URL: {home_url}<br>Profile URL: {profile_url}"
    if __name__ == '__main__':
    app.run(debug=True)








IndentationError: expected an indented block after function definition on line 13 (<ipython-input-6-151ccad406d4>, line 15)

In [2]:
#6.  How do you handle forms in Flask?
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        username = request.form.get('username')
        password = request.form.get('password')
        return f'Hello {username}, your form is submitted!'
    return render_template('form.html')


In [5]:
#7. How can you validate form data in Flask?
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/register', methods=['GET', 'POST'])
def register():
    error = None
    if request.method == 'POST':
        username = request.form.get('username')
        email = request.form.get('email')

        if not username:
            error = 'Username is required.'
        elif not email or '@' not in email:
            error = 'Valid email is required.'
        else:
            return f'Welcome, {username}!'
    return render_template('register.html', error=error)
    if __name__ == '__main__':
      app.run(debug=True)



In [7]:
#8.  How do you manage sessions in Flask?
from flask import Flask, session, redirect, url_for, request, render_template_string

app = Flask(__name__)

# Set a secret key to sign session cookies
app.secret_key = 'your_secret_key'

@app.route('/')
def index():
    # Check if the user is logged in by checking the session
    if 'username' in session:
        return f'Logged in as {session["username"]}'
    return 'You are not logged in'
    @app.route('/login', methods=['GET', 'POST'])
    def login():
      if request.method == 'POST':
        session['username'] = request.form['username']  # Store user in session
        return redirect(url_for('index'))
        return '''
        <form method="post">
            Username: <input type="text" name="username">
            <input type="submit" value="Login">
        </form>
    '''

In [8]:
#9.  How do you redirect to a different route in Flask?
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/redirect_example')
def redirect_example():
    return redirect(url_for('redirected_page'))
    @app.route('/redirected_page')
    def redirected_page():
      return 'This is the redirected page.'

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [9]:
#10.  How do you handle errors in Flask (e.g., 404)?
from flask import Flask, render_template

app = Flask(__name__)

@app.errorhandler(404)
def page_not_found(e):
    return render_template('404.html'), 404

@app.errorhandler(500)
def internal_server_error(e):
    return render_template('500.html'), 500


In [10]:
#11. How do you structure a Flask app using Blueprints?
# auth/routes.py
from flask import Blueprint, render_template

auth = Blueprint('auth', __name__, template_folder='templates')

@auth.route('/login')
def login():
    return render_template('login.html')

@auth.route('/signup')
def signup():
    return render_template('signup.html')
    # auth/__init__.py
from .routes import auth
from flask import Flask
from auth.routes import auth  # import your blueprint
from blog.routes import blog  # another blueprint example

app = Flask(__name__)

# Register blueprints
app.register_blueprint(auth, url_prefix='/auth')
app.register_blueprint(blog, url_prefix='/blog')

if __name__ == '__main__':
    app.run(debug=True)




ImportError: attempted relative import with no known parent package

In [11]:
#12.  How do you define a custom Jinja filter in Flask?
from flask import Flask, render_template

app = Flask(__name__)

@app.template_filter('uppercase')
def uppercase(text):
    return text.upper()


In [12]:
#13. How can you redirect with query parameters in Flask?
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome Home!'

@app.route('/redirect-me')
def redirect_me():
    return redirect(url_for('destination', name='John', age=25))

@app.route('/destination')
def destination():
    name = request.args.get('name')
    age = request.args.get('age')
    return f'Hello {name}, you are {age} years old!'



In [13]:
#14.  How do you return JSON responses in Flask?
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    data = {'message': 'This is JSON data'}
    return jsonify(data)
    if __name__ == '__main__':
      app.run(debug=True)


In [14]:
#15.  How do you capture URL parameters in Flask?
from flask import Flask, request

app = Flask(__name__)

@app.route('/user/<username>')
def show_user_profile(username):
    return f'User {username}'
