# Restful API & Flask

In [None]:
# 1. What is a RESTful API?
     # A RESTful API (Representational State Transfer API) in Python is a web service that follows REST principles, allowing clients to interact with a server using standard HTTP methods like GET, POST, PUT, and DELETE. It is commonly used for building web applications and services that expose data and functionality over the web.

# Key Features of a RESTful API:
    # 1. Stateless – Each request from a client to a server must contain all the necessary information, and the server should not store client state between requests.

    # 2. Uses HTTP Methods – RESTful APIs use standard HTTP methods:
        # a. GET → Retrieve data
        # b. POST → Create new data
        # c. PUT/PATCH → Update existing data
        # d. DELETE → Remove data

    # 3. Resource-Oriented – Data is treated as resources, each identified by a URL (Uniform Resource Locator).

    # 4. JSON/XML Data Format – Typically, data is exchanged in JSON or XML format.

    # 5. Stateless Communication – The server does not maintain session information about clients.

# Building a RESTful API in Python
    # Python provides several frameworks for building RESTful APIs. The most popular ones include:

        # Flask (lightweight and flexible)
        # FastAPI (high-performance and modern)
        # Django REST Framework (DRF) (best for Django-based projects)

# Example
from flask import Flask, jsonify, request

app = Flask(__name__)

books = [
    {"id": 1, "title": "1984", "author": "George Orwell"},
    {"id": 2, "title": "To Kill a Mockingbird", "author": "Harper Lee"}
]

# GET all book
@app.route('/books', methods=['GET'])
def get_books():
    return jsonify(books)

@app.route('/books/<int:book_id>', methods=['GET'])
def get_book(book_id):
    book = next((b for b in books if b["id"] == book_id), None)
    return jsonify(book) if book else ("Not Found", 404)

@app.route('/books', methods=['POST'])
def add_book():
    new_book = request.json
    books.append(new_book)
    return jsonify(new_book), 201

@app.route('/books/<int:book_id>', methods=['PUT'])
def update_book(book_id):
    book = next((b for b in books if b["id"] == book_id), None)
    if book:
        book.update(request.json)
        return jsonify(book)
    return ("Not Found", 404)

@app.route('/books/<int:book_id>', methods=['DELETE'])
def delete_book(book_id):
    global books
    books = [b for b in books if b["id"] != book_id]
    return ("", 204)

if __name__ == '__main__':
    app.run(debug=True)

# How it Works:
        # a. GET /books → Returns a list of all books.
        # b. GET /books/1 → Returns details of a book with id=1.
        # c. POST /books → Adds a new book (JSON payload required).
        # d. PUT /books/1 → Updates book with id=1.
        # e. DELETE /books/1 → Deletes book with id=1.

# When to Use Which Framework?
    # 1. Flask → Best for small, simple APIs with flexibility.
    # 2. FastAPI → Best for high-performance, async APIs.
    # 3. Django REST Framework → Best for large, Django-based applications.

In [None]:
# 2. Explain the concept of API specification?
    # An API specification is a document or blueprint that defines how an API should behave, including details such as endpoints, request/response formats, authentication, and error handling. It serves as a contract between the API provider and the consumers (clients).

# Key Elements of an API Specification
    # 1. Endpoints & Routes – Defines available URLs and their purpose (e.g., /users, /orders/{id}).
    # 2. HTTP Methods – Specifies which methods are supported (GET, POST, PUT, DELETE, etc.).
    # 3. Request Parameters – Describes required and optional parameters for each request.
    # 4. Request & Response Format – Defines the expected data structure (usually JSON or XML).
    # 5. Authentication & Authorization – Specifies how users can access the API (OAuth, JWT, API keys).
    # 6. Error Handling – Lists possible errors and corresponding HTTP status codes (e.g., 404 Not Found, 400 Bad Request).
    # 7. Rate Limiting & Throttling – Defines restrictions on API usage to prevent abuse.

# API Specification Formats
    # Several standards help define and document API specifications:
        # 1. OpenAPI (Swagger)
            # a. OpenAPI Specification (OAS) is the most widely used standard for documenting REST APIs.
            # b. It provides a structured way to describe an API, allowing auto-generation of client SDKs and documentation.

# Example OpenAPI
openapi: 3.0.0
info:
  title: Books API
  version: 1.0.0
paths:
  /books:
    get:
      summary: Get all books
      responses:
        "200":
          description: A list of books
          content:
            application/json:
              schema:
                type: array
                items:
                  type: object
                  properties:
                    id:
                      type: integer
                    title:
                      type: string
                    author:
                      type: string

        2. RAML (RESTful API Modeling Language)
            # a. Another YAML-based specification format.
            # b. Similar to OpenAPI but more human-readable.

        # 3. API Blueprint
            # Markdown-based format for describing APIs.

# Generating API Specification in Python
    # Using FastAPI (Automatically Generates OpenAPI Docs)
    # FastAPI automatically creates an OpenAPI-compliant specification.

from fastapi import FastAPI

app = FastAPI()

@app.get("/books")
def get_books():
    return [{"id": 1, "title": "1984", "author": "George Orwell"}]

# Using Flask with Flask-Swagger
For Flask, you can use Flask-Swagger or Flasgger:

from flask import Flask, jsonify
from flasgger import Swagger

app = Flask(__name__)
Swagger(app)

@app.route('/books', methods=['GET'])
def get_books():
    """
    Get all books
    ---
    responses:
      200:
        description: A list of books
    """
    return jsonify([{"id": 1, "title": "1984"}])

if __name__ == '__main__':
    app.run(debug=True)

# Why API Specification Matters?
    # 1. Ensures consistency and standardization.
    # 2. Simplifies integration for developers.
    # 3. Enables auto-generation of documentation and SDKs.
    # 4. Helps with versioning and maintaining APIs over time.

In [None]:
# 3. What is Flask, and why is it popular for building APIs?
    # Flask is a lightweight and flexible web framework for Python, used primarily to build web applications and RESTful APIs. It follows the WSGI (Web Server Gateway Interface) standard and is designed to be simple yet powerful, making it an excellent choice for both beginners and experienced developers.

# Why is Flask Popular for Building APIs?
    # Flask is widely used for API development because of several key advantages:

        # 1. Lightweight & Minimalistic
            # Unlike Django, which is a full-fledged web framework, Flask provides only the essential tools needed for web development.
            # You can add only the components you need, keeping your application lean and efficient.

        # 2. Easy to Learn and Use
            # The framework has a simple, intuitive syntax, making it easy for beginners.

# Example: A basic API endpoint in Flask:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)

    #  3. RESTful API Friendly
        # Flask makes it easy to define GET, POST, PUT, and DELETE routes for building RESTful APIs.
        # It supports JSON responses using Flask’s built-in jsonify() method.

    # 4. Extensibility
        # Flask allows you to integrate third-party extensions like:
        # Flask-RESTful → Simplifies REST API creation.
        # Flask-SQLAlchemy → Adds database support with SQLAlchemy ORM.
        # Flask-JWT-Extended → Implements JWT authentication.
        # Flask-Swagger → Auto-generates API documentation.

    # 5. Asynchronous Support
        # While Flask is synchronous by default, it can be integrated with async libraries like gevent or Quart for better performance.

    # 6. Supports Middleware & Blueprints
        # Blueprints allow modular API design, making it easier to build large applications.
        # Middleware support helps with logging, authentication, and request processing.

    # 7. Compatible with Any Database
        # Works with SQL (PostgreSQL, MySQL, SQLite) and NoSQL (MongoDB, Firebase, Redis) databases.

# Example
from flask import Flask, jsonify, request

app = Flask(__name__)

books = [
    {"id": 1, "title": "1984", "author": "George Orwell"},
    {"id": 2, "title": "Brave New World", "author": "Aldous Huxley"}
]

@app.route('/books', methods=['GET'])
def get_books():
    return jsonify(books)

@app.route('/books/<int:book_id>', methods=['GET'])
def get_book(book_id):
    book = next((b for b in books if b["id"] == book_id), None)
    return jsonify(book) if book else ("Not Found", 404)

@app.route('/books', methods=['POST'])
def add_book():
    new_book = request.json
    books.append(new_book)
    return jsonify(new_book), 201

@app.route('/books/<int:book_id>', methods=['DELETE'])
def delete_book(book_id):
    global books
    books = [b for b in books if b["id"] != book_id]
    return ("", 204)

if __name__ == '__main__':
    app.run(debug=True)

# How to Run the API
    # 1. Install Flask:
pip install flask

    # 2. Run the script:
python app.py

    # 3.Test the API:
        # GET all books → http://127.0.0.1:5000/books
        # GET a book by ID → http://127.0.0.1:5000/books/1
        # POST a new book → Send JSON { "id": 3, "title": "Dune", "author": "Frank Herbert" }
        # DELETE a book → http://127.0.0.1:5000/books/1

# When to Use Flask for API Development?
    # When building small to medium-sized APIs.
    # When you need flexibility in choosing libraries.
    # When working on microservices or serverless applications.
    # When you need quick development with minimal overhead.

In [None]:
# 4. What is routing in Flask?
    # In Flask, routing is the process of mapping URLs (routes) to specific functions (view functions) that handle client requests. When a user visits a specific URL, Flask runs the corresponding function and returns a response.

# How Routing Works in Flask
    # Flask uses the @app.route() decorator to define routes.

# Example
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to my Flask app!"

if __name__ == '__main__':
    app.run(debug=True)

# Types of Routes in Flask
    # 1. Static Routes
        # These are fixed URLs that always return the same response.
@app.route('/about')
def about():
    return "This is the About Page!"

    # 2. Dynamic Routes
        # Dynamic routes allow passing variables in the URL.
@app.route('/user/<username>')
def greet_user(username):
    return f"Hello, {username}!"

    # 3. Multiple Routes for the Same Function
        # A single function can handle multiple routes.
@app.route('/')
@app.route('/home')
def home():
    return "Welcome to the Home Page!"

    # 4. Handling HTTP Methods
        # By default, Flask routes accept only GET requests. You can allow other methods using the methods argument.
@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "Form Submitted!"
    return "Submit your form."

# URL Building with url_for()
    # Flask provides url_for() to generate URLs dynamically.

from flask import url_for

@app.route('/profile/<username>')
def profile(username):
    return f"User: {username}"

with app.test_request_context():
    print(url_for('profile', username='Alice'))

# Why is Routing Important?
    # Helps organize API endpoints and web pages.
    # Supports dynamic URLs for personalized experiences.
    # Allows different HTTP methods for CRUD operations.
    # Makes URLs user-friendly and SEO-friendly.

In [None]:
# 5. How do you create a simple Flask application?
    # A Flask application is easy to set up and run. Follow these steps to create a basic web app.

# Step 1: Install Flask
    # Before starting, install Flask using pip:
pip install flask

# Step 2: Create a Flask Application
    # Create a new Python file, e.g., app.py.
    # Add the following basic Flask code:

# Basic Flask App (Hello, World!)
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)

# Step 3: Run the Flask App
    # In your terminal, navigate to the project folder and run:
python app.py

# Step 4: Adding More Routes
    # We can define multiple routes to handle different pages.
@app.route('/about')
def about():
    return "This is the About Page"

@app.route('/user/<name>')
def greet_user(name):
    return f"Hello, {name}!"

# Step 5: Returning HTML Content
    # Instead of plain text, Flask can return HTML content.
@app.route('/html')
def html_page():
    return """<h1>Welcome!</h1>
              <p>This is an HTML page.</p>"""

# Step 6: Using Templates for Dynamic Pages
    # Flask supports Jinja2 templates for rendering HTML pages dynamically.

    # 1. Create a templates/ folder in your project.
    # 2. Inside templates/,create an index.html file:

<!DOCTYPE html>
<html>
<head>
    <title>Flask App</title>
</head>
<body>
    <h1>Welcome to Flask</h1>
    <p>Hello, {{ name }}!</p>
</body>
</html>

    # 3. from flask import render_template

@app.route('/welcome/<name>')
def welcome(name):
    return render_template('index.html', name=name)

    # 4. Visit: http://127.0.0.1:5000/welcome/John → It will display "Hello, John!".

# Step 7: Handling Forms (POST Requests)
    # Flask can handle forms and user input.

# 1️. Create a form.html file in the templates/ folder
<form action="/submit" method="POST">
    <input type="text" name="name" placeholder="Enter your name">
    <input type="submit" value="Submit">
</form>

# 2.  Modify app.py to handle form submission
from flask import request

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form['name']
    return f"Hello, {name}!"

# Step 8: Running the Flask App with Debug Mode
    # For development, always enable debug mode:
python app.py
    or 
flask run

# Next Steps
    # Now that you have a basic Flask app, you can:
        # 1. Connect to a database (SQLite, MySQL, MongoDB)
        # 2. Create a REST API with Flask-RESTful
        # 3. Use Flask-SQLAlchemy for ORM
        # 4. Implement authentication (JWT, OAuth)
        # 4. Deploy the app on Heroku, AWS, or DigitalOcean

In [None]:
# 6. What are HTTP methods used in RESTful APIs?
    # In RESTful APIs, different HTTP methods are used to perform actions on resources. These methods allow clients to interact with the server and manage data efficiently.

# 1️. GET – Retrieving Data
    # The GET method is used to fetch data from the server. It is a read-only operation and does not modify any data.

# Example: Retrieving all users from a database.
@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users)
# 2️. POST – Creating a New Resource
    # The POST method is used to create new resources on the server. The client sends data in the request body, and the server stores it.

# Example: Adding a new user.
@app.route('/users', methods=['POST'])
def create_user():
    new_user = request.json
    users.append(new_user)
    return jsonify(new_user), 201
# 3️. PUT – Updating an Entire Resource
    # The PUT method is used to update an existing resource by completely replacing it with new data.

# Example: Updating user details.
@app.route('/users/<int:user_id>', methods=['PUT'])
def update_user(user_id):
    updated_user = request.json
    for user in users:
        if user["id"] == user_id:
            user.update(updated_user)
            return jsonify(user)
    return "User not found", 404

# 4️. PATCH – Partially Updating a Resource
    # The PATCH method is used to update specific fields of a resource instead of replacing the entire record.

# Example: Updating only the name of a user.
@app.route('/users/<int:user_id>', methods=['PATCH'])
def patch_user(user_id):
    data = request.json
    for user in users:
        if user["id"] == user_id:
            user.update(data)
            return jsonify(user)
    return "User not found", 404

# 5️. DELETE – Removing a Resource
    # The DELETE method is used to remove a resource from the server.

# Example: Deleting a user by ID.
@app.route('/users/<int:user_id>', methods=['DELETE'])
def delete_user(user_id):
    global users
    users = [user for user in users if user["id"] != user_id]
    return "", 204

In [None]:
# 7. What is the purpose of the @app.route() decorator in Flask?
    # The @app.route() decorator in Flask is used to define the URL routes of a web application. It tells Flask which function should be executed when a specific URL is accessed.

# How It Works
    # In Flask, when a user visits a particular URL, the @app.route() decorator maps that URL to a specific Python function, known as a view function.

# Example: Basic Route
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to Flask!"

# Defining Multiple Routes
    # You can create multiple routes for different pages.
@app.route('/about')
def about():
    return "This is the About Page"

# Dynamic Routes (Passing Parameters)
    # Flask allows dynamic routes where parts of the URL can act as variables.
@app.route('/user/<name>')
def greet(name):
    return f"Hello, {name}!"

    # We can also specify data types:
@app.route('/user/<int:user_id>')
def show_user(user_id):
    return f"User ID: {user_id}"

# Handling Multiple Routes with One Function
    # You can assign multiple URLs to the same function.
@app.route('/')
@app.route('/home')
def home():
    return "Welcome to Flask!"
# Using HTTP Methods
    # By default, routes only accept GET requests. You can specify methods like POST, PUT, or DELETE.
@app.route('/submit', methods=['POST'])
def submit():
    return "Form Submitted!"

# Summary
    # @app.route() maps URLs to functions.
    # Supports static and dynamic URLs.
    # Can handle multiple routes per function.
    # Can restrict to specific HTTP methods.

In [None]:
# 8. What is the difference between GET and POST HTTP methods?
    # Both GET and POST are commonly used HTTP methods in RESTful APIs, but they serve different purposes and have key differences in how they handle data.

# 1️. GET Method
    # Purpose: Used to retrieve data from the server.
    # Characteristics:
        # Sends data via the URL (query parameters).
        # Visible in the browser's address bar.
        # Cached by browsers (can be stored for future use).
        # Idempotent (multiple requests produce the same result).
        # Typically used for reading data (e.g., fetching user details).

# Example in Flask:
@app.route('/user', methods=['GET'])
def get_user():
    name = request.args.get('name')
    return f"User: {name}"

#  Example URL Request:
GET /user?name=Alice

# Response:
User: Alice

# 2.  POST Method
    # Purpose: Used to send data to the server (e.g., submitting a form, creating a new record).
    
# Characteristics:
    # Sends data in the request body (not visible in the URL).
    # Not cached by browsers.
    # Non-idempotent (multiple requests can create multiple records).
    # Used for writing data (e.g., submitting a form, adding a new user).

# Example in Flask:
@app.route('/user', methods=['POST'])
def create_user():
    data = request.json
    return f"User {data['name']} created!", 201

# Example Request:
POST /user
Body: {"name": "Alice"}

# Response:
User Alice created!

# Key Differences
# 1. Data Visibility:
    # GET sends data via URL (query string).
    # POST sends data in the request body (hidden from the URL).

# 2. Use Case:
    # GET is for retrieving data (safe, read-only).
    # POST is for creating or submitting data.

# 3. Security:
    # GET is less secure (parameters visible in URL, stored in browser history).
    # POST is more secure (data sent in body, not stored in history).

# 4. Caching:
    # GET requests can be cached.
    # POST requests are not cached.

# 5. Idempotency:
    # GET is idempotent (repeated requests return the same data).
    # POST is not idempotent (repeated requests may create multiple records).

# When to Use GET vs POST?
    # Use GET when:
        # You want to retrieve data.
        # The request does not modify data.
        # The data can be cached for faster access.

    # Use POST when:
        # You want to submit data to the server.
        # The request modifies or creates data.
        # Data should not be visible in the URL for security reasons.

In [None]:
# 9. How do you handle error in Flask APIs?
    # Handling errors properly in a Flask API is crucial for providing meaningful feedback to clients while maintaining security. Here’s a structured way to do it:

# 1. Using abort() for HTTP Errors
    # Flask provides abort() to send error responses with a specific status code.
from flask import Flask, abort

app = Flask(__name__)

@app.route('/protected')
def protected():
    abort(403)

# 2. Using errorhandler() Decorator
# You can define custom error handlers using the @app.errorhandler decorator.
from flask import jsonify

@app.errorhandler(404)
def not_found(error):
    return jsonify({"error": "Resource not found"}), 404

@app.errorhandler(500)
def internal_server_error(error):
    return jsonify({"error": "Something went wrong"}), 500

# 3. Handling Errors Globally
    # For a more scalable approach, handle multiple error types in a generic error handler.
@app.errorhandler(Exception)
def handle_exception(e):
    response = {
        "error": str(e),
        "type": e.__class__.__name__
    }
    return jsonify(response), 500

# 4. Using Flask's abort() with Custom Messages
    # You can pass JSON responses with abort().
from flask import abort, jsonify

@app.route('/custom_abort')
def custom_abort():
    abort(jsonify({"error": "Custom error message"}), 400)

# 5. Creating a Custom Exception Class
    # For more structured error handling, define custom exceptions.
class APIError(Exception):
    def __init__(self, message, status_code):
        super().__init__(message)
        self.message = message
        self.status_code = status_code

@app.errorhandler(APIError)
def handle_api_error(error):
    response = jsonify({"error": error.message})
    return response, error.status_code

@app.route('/raise_error')
def raise_error():
    raise APIError("This is a custom API error", 400)

# 6. Handling werkzeug Exceptions
    # werkzeug.exceptions provides built-in HTTP exceptions.
from werkzeug.exceptions import BadRequest, NotFound

@app.route('/bad_request')
def bad_request():
    raise BadRequest("Invalid request data")

@app.route('/not_found')
def not_found():
    raise NotFound("The requested resource was not found")

# 7. Logging Errors for Debugging
    # Logging helps debug errors in production.
import logging

logging.basicConfig(filename='error.log', level=logging.ERROR)

@app.errorhandler(Exception)
def handle_all_errors(e):
    logging.error(f"Error: {str(e)}")
    return jsonify({"error": "An unexpected error occurred"}), 500

In [None]:
# 10. How do you connect Flask to a SQL database?
    # Connecting Flask to a SQL database in Python is typically done using Flask-SQLAlchemy, an extension that simplifies database operations. Here’s a step-by-step guide:

# 1. Install Flask-SQLAlchemy
    # If you haven’t installed it yet, run:

pip install flask-sqlalchemy

# 2. Configure Flask with SQLAlchemy
    # First, import and initialize SQLAlchemy in your Flask app.

from flask import Flask
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)

app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///database.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

db = SQLAlchemy(app)

# 3. Define a Database Model
    # Create a model representing a table in your database.

class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(100), nullable=False)
    email = db.Column(db.String(120), unique=True, nullable=False)

    def __repr__(self):
        return f'<User {self.name}>'

# 4. Create the Database
    # Run the following commands to initialize the database:

    with app.app_context():
    db.create_all()

# 5. Insert Data into the Database
    # To add a new user:

    with app.app_context():
    new_user = User(name="John Doe", email="john@example.com")
    db.session.add(new_user)
    db.session.commit()

# 6. Query Data from the Database
    # Retrieve users from the database:

    with app.app_context():
    users = User.query.all()
    for user in users:
        print(user.name, user.email)

# 7. Update & Delete Data
    # Update a Record

    with app.app_context():
    user = User.query.filter_by(name="John Doe").first()
    user.email = "john.doe@example.com"
    db.session.commit()

    # Delete a Record

    with app.app_context():
    user = User.query.filter_by(name="John Doe").first()
    db.session.delete(user)
    db.session.commit()

# 8. Integrate with Flask Routes
    # Here’s an example of a simple API:

    from flask import request, jsonify

@app.route('/users', methods=['GET'])
def get_users():
    users = User.query.all()
    return jsonify([{"id": user.id, "name": user.name, "email": user.email} for user in users])

@app.route('/users', methods=['POST'])
def add_user():
    data = request.get_json()
    new_user = User(name=data['name'], email=data['email'])
    db.session.add(new_user)
    db.session.commit()
    return jsonify({"message": "User added successfully"}), 201
# 9. Use Migrations (Flask-Migrate) for Schema Changes
    # For schema changes, use Flask-Migrate:
     pip install flask-migrate

    # Initialize Migrations
    from flask_migrate import Migrate

migrate = Migrate(app, db)

    # Run Migrations
flask db init
flask db migrate -m "Initial migration"
flask db upgrade


In [None]:
# 11. What is the role of Flask-SQLAlchemy?
    # Flask-SQLAlchemy is an extension for Flask that simplifies database interactions by integrating SQLAlchemy, a powerful Object-Relational Mapper (ORM). It allows developers to work with databases using Python objects instead of raw SQL queries.

# Key Roles and Benefits
    # 1. Object-Relational Mapping (ORM) Flask-SQLAlchemy converts Python classes into database tables, eliminating the need to write raw SQL queries. Instead of manually executing SQL commands like INSERT INTO users (name) VALUES ('John');, you define a model and use Python to interact with the database.
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(100), nullable=False)

new_user = User(name="John")
db.session.add(new_user)
db.session.commit()

    # 2. Database Abstraction Flask-SQLAlchemy supports multiple databases such as SQLite, PostgreSQL, and MySQL. You can switch databases just by modifying the SQLALCHEMY_DATABASE_URI configuration without changing any other code.

    # 3. Simplified CRUD Operations It provides an easy way to perform Create, Read, Update, and Delete (CRUD) operations:
        # Adding a record:
user = User(name="Alice")
db.session.add(user)
db.session.commit()

        # Fetching records:
users = User.query.all()

        # Updating a record:
user = User.query.filter_by(name="Alice").first()
user.name = "Alicia"
db.session.commit()

        # Deleting a record:
db.session.delete(user)
db.session.commit()

    # 4. Migrations with Flask-Migrate Database schemas change over time, and manually altering tables can be error-prone. Flask-SQLAlchemy works well with Flask-Migrate, allowing developers to modify database schemas without losing data.

    # 5. Session Management It efficiently manages database transactions, ensuring that changes are committed properly. If an error occurs during a transaction, SQLAlchemy can automatically rollback changes to maintain data integrity.

    # 6. Query Optimization Flask-SQLAlchemy allows you to write optimized queries using its query builder. For example, filtering users by name:
users = User.query.filter(User.name.like("%John%")).all()

    # 7. Security Using an ORM helps prevent SQL Injection attacks by escaping input values. For example, querying users securely:
user = User.query.filter_by(id=1).first()

# Why Use Flask-SQLAlchemy Instead of Raw SQL?
    # Flask-SQLAlchemy improves code readability, enhances security, simplifies database migrations, and allows easy switching between databases. Instead of handling low-level SQL operations manually, developers can focus on writing cleaner and more maintainable code.

In [None]:
# 12. What are Flask blueprints,and they useful?
    # Flask Blueprints are a way to organize a Flask application into smaller, reusable modules. They help break down a large application into manageable pieces, making it easier to maintain and scale.

# What Are Flask Blueprints?
    # A Blueprint in Flask is like a mini-application that can define routes, templates, static files, and middleware independently of the main Flask app. Instead of defining all routes and logic in a single app.py file, you can create separate blueprints for different features or sections of your application.

# Why Use Blueprints?
    # 1. Modularity – Helps separate different parts of an application (e.g., authentication, admin panel, API routes).
    # 2. Code Organization – Makes the project cleaner and easier to navigate.
    # 3. Reusability – You can reuse blueprints across multiple projects.
    # 4. Collaboration – Useful for large teams working on different modules simultaneously. 

# How to Use Flask Blueprints?
    # 1. Create a Blueprint
        # Inside your Flask project, create a separate module (folder) for the blueprint. For example, let's create an auth blueprint for authentication.

/my_flask_app
│── app.py
│── auth/
│   ├── __init__.py
│   ├── routes.py
│   ├── templates/
│   ├── static/

    # 2. Define the Blueprint
        # Inside auth/routes.py:

from flask import Blueprint, render_template

auth = Blueprint('auth', __name__, template_folder='templates')

@auth.route('/login')
def login():
    return render_template('login.html')

@auth.route('/logout')
def logout():
    return "You have been logged out"

    # 3. Register the Blueprint in the Main App
        # Modify app.py to include the blueprint:
    
from flask import Flask
from auth.routes import auth

app = Flask(__name__)

app.register_blueprint(auth, url_prefix='/auth')

if __name__ == "__main__":
    app.run(debug=True)

In [None]:
# 13. What is the purpose of Flask's request object?
    # The request object in Flask is used to handle incoming HTTP requests. It contains all the data sent by a client (such as a web browser or API consumer) when making a request to the server.

# Purpose of the request Object
    # The request object allows you to:
        # 1. Access form data (e.g., user inputs from an HTML form).
        # 2. Retrieve query parameters from a URL (e.g., ?search=flask).
        # 3. Handle JSON data sent in an API request.
        # 4. Get HTTP headers (e.g., authentication tokens, content type).
        # 5. Handle file uploads.
        # 6. Determine the request method (GET, POST, PUT, DELETE, etc.).

# Using request in Flask
    # First, you need to import it from flask:

from flask import Flask, request

app = Flask(__name__)

@app.route('/data', methods=['GET', 'POST'])
def handle_data():
    if request.method == 'POST':
        form_data = request.form['name']  # Get form data
        return f"Received: {form_data}"

    return "Send a POST request with form data."

if __name__ == '__main__':
    app.run(debug=True)

# Common Attributes of request
    # 1. Getting Form Data (POST)

name = request.form['name']  # Access form field with key "name"

    # 2. Getting Query Parameters (GET)

search = request.args.get('query')  # URL: /search?query=flask

    # 3. Handling JSON Data (API)

data = request.get_json()  # Expecting JSON in the request body

    # 4. Getting Request Headers

user_agent = request.headers.get('User-Agent')

    # 5. Handling File Uploads

file = request.files['file']
file.save('uploads/' + file.filename)

    # 6. Getting Request Method

if request.method == 'POST':
    print("Handling a POST request")

# Example: Handling Different Data Types

@app.route('/submit', methods=['POST'])
def submit():
    form_data = request.form.get('name')
    query_param = request.args.get('id')
    json_data = request.get_json()
    return f"Form: {form_data}, Query: {query_param}, JSON: {json_data}"

In [None]:
# 14. How do you creat a RESTful API endpoint using Flask?
    # Flask makes it easy to create RESTful API endpoints using the Flask class and the request object.

# 1. Install Flask (if not already installed)

pip install flask

# 2. Basic RESTful API Example
    # Create a file called app.py and add the following code:

from flask import Flask, request, jsonify

app = Flask(__name__)

users = [
    {"id": 1, "name": "Alice"},
    {"id": 2, "name": "Bob"}
]

@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users)

@app.route('/users/<int:user_id>', methods=['GET'])
def get_user(user_id):
    user = next((u for u in users if u["id"] == user_id), None)
    if user:
        return jsonify(user)
    return jsonify({"error": "User not found"}), 404

@app.route('/users', methods=['POST'])
def create_user():
    data = request.get_json()
    if not data or "name" not in data:
        return jsonify({"error": "Invalid input"}), 400

    new_user = {"id": len(users) + 1, "name": data["name"]}
    users.append(new_user)
    return jsonify(new_user), 201

@app.route('/users/<int:user_id>', methods=['PUT'])
def update_user(user_id):
    user = next((u for u in users if u["id"] == user_id), None)
    if not user:
        return jsonify({"error": "User not found"}), 404

    data = request.get_json()
    if not data or "name" not in data:
        return jsonify({"error": "Invalid input"}), 400

    user["name"] = data["name"]
    return jsonify(user)

@app.route('/users/<int:user_id>', methods=['DELETE'])
def delete_user(user_id):
    global users
    users = [u for u in users if u["id"] != user_id]
    return jsonify({"message": "User deleted"}), 200

if __name__ == '__main__':
    app.run(debug=True)

# 3. Testing the API
    # You can test the API using Postman, cURL, or the Python requests module.
    # Fetch All Users (GET)

curl -X GET http://127.0.0.1:5000/users

    # Fetch a Single User (GET)

curl -X GET http://127.0.0.1:5000/users/1

    # Add a New User (POST)

curl -X POST http://127.0.0.1:5000/users -H "Content-Type: application/json" -d '{"name": "Charlie"}'

    # Update a User (PUT)

curl -X PUT http://127.0.0.1:5000/users/1 -H "Content-Type: application/json" -d '{"name": "Alice Updated"}'

    # Delete a User (DELETE)

curl -X DELETE http://127.0.0.1:5000/users/1


In [None]:
# 15. What is the purpose of Flask's jsonify() function?
    # The jsonify() function in Flask is used to convert Python data structures (like dictionaries and lists) into a proper JSON response that can be returned from a Flask route.

# Purpose of jsonify()
    # 1. Converts Python data (dict, list, etc.) to JSON format.
    # 2. Automatically sets the correct Content-Type header (application/json).
    # 3. Handles Unicode characters properly.
    # 4. Supports JSON formatting for API responses.

# Basic Example
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/json')
def return_json():
    data = {"message": "Hello, Flask!", "status": "success"}
    return jsonify(data)

if __name__ == '__main__':
    app.run(debug=True)

# Why Use jsonify() Instead of return dict?
    # You might think returning a dictionary directly works in Flask:

@app.route('/wrong')
def wrong_way():
    return {"message": "Hello, Flask!"}

# While Flask will still return JSON, it's not the recommended way because:
    # jsonify() ensures proper JSON formatting.
    # It automatically sets the application/json header.
    # It handles encoding issues (e.g., Unicode characters).
    # It's more consistent with Flask’s best practices.3

# Example: Returning JSON from a REST API

from flask import Flask, jsonify

app = Flask(__name__)

users = [
    {"id": 1, "name": "Alice"},
    {"id": 2, "name": "Bob"}
]

@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users)

if __name__ == '__main__':
    app.run(debug=True)

# Response (/users endpoint)

[
    {"id": 1, "name": "Alice"},
    {"id": 2, "name": "Bob"}
]

# Handling HTTP Status Codes with jsonify()
    # You can also return custom HTTP status codes using jsonify():

@app.route('/error')
def error():
    return jsonify({"error": "Resource not found"}), 404  # Return JSON + 404 status

# Response (/error endpoint)

{
    "error": "Resource not found"
}

In [None]:
# 16. Explain Flask's url_for() function.
    # The url_for() function in Flask is used to dynamically generate URLs for routes in a Flask application. Instead of hardcoding URLs, you use url_for() to ensure that URLs are correctly generated and updated automatically if route names or structures change.

# Why Use url_for()?
    # 1. Avoid hardcoding URLs – If you change a route, you don't have to update multiple places in your code.
    # 2. More readable and maintainable code – Improves flexibility and structure.
    # 3. Handles URL changes automatically – Works even if the app is deployed with a different base URL.
    # 4. Supports dynamic URLs with arguments – Generates URLs with query parameters and route variables.

# Basic Example
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Home Page!"

@app.route('/profile/<username>')
def profile(username):
    return f"Hello, {username}!"

@app.route('/generate-url')
def generate_url():
    home_url = url_for('home')
    profile_url = url_for('profile', username='JohnDoe')
    return f"Home URL: {home_url} <br> Profile URL: {profile_url}"

if __name__ == '__main__':
    app.run(debug=True)

# How url_for() Works
    # 1. Generating a Simple URL
url_for('home')

    # 2. Generating a URL with Route Variables
url_for('profile', username='JohnDoe')

    # 3. Adding Query Parameters
url_for('profile', username='JohnDoe', ref='google')

    # 4. Using url_for() in Templates
        # In HTML templates, url_for() is commonly used inside Jinja2:
<a href="{{ url_for('home') }}">Home</a>
<a href="{{ url_for('profile', username='Alice') }}">Alice's Profile</a>

    # 5. Generating URLs for Static Files
url_for('static', filename='css/style.css')

# Why url_for() is Better Than Hardcoding URLs
    # Hardcoded URL (Bad Practice):
<a href="/profile/JohnDoe">Profile</a>

        # If the route /profile/<username> changes, you must update all links manually.

    #  Using url_for() (Best Practice):
<a href="{{ url_for('profile', username='JohnDoe') }}">Profile</a>

        # If the route changes, url_for() updates URLs dynamically.

In [None]:
# 17. How does Flask handle static files (CSS, JavaScript, etc.)?
    # Flask serves static files like CSS, JavaScript, and images from the static/ folder. The framework automatically looks for static files in this directory and makes them accessible via the /static/ URL path.

# 1. Organizing Static Files in Flask
    # A common Flask project structure looks like this:

/my_flask_app
│── app.py
│── /static
│   ├── css/
│   │   ├── style.css
│   ├── js/
│   │   ├── script.js
│   ├── images/
│   │   ├── logo.png
│── /templates
│   ├── index.html

# 2. Serving Static Files in HTML Using url_for()
    # To properly reference static files in HTML templates, use url_for('static', filename='path/to/file').

# Example HTML (index.html):

'''<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Flask Static Files</title>
    <link rel="stylesheet" href="{{ url_for('static', filename='css/style.css') }}">
    <script src="{{ url_for('static', filename='js/script.js') }}"></script>
</head>
<body>
    <h1>Welcome to Flask Static File Demo</h1>
    <img src="{{ url_for('static', filename='images/logo.png') }}" alt="Logo">
</body>
</html>
'''
# 3. Example Flask App Serving Static Files
    # Create a simple app.py:

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)


# 4. Example Static Files
    # CSS (static/css/style.css)

'''body {
    background-color: #f4f4f4;
    font-family: Arial, sans-serif;
    text-align: center;
}
h1 {
    color: blue;
}
'''

# JavaScript (static/js/script.js)
'''document.addEventListener("DOMContentLoaded", function() {
    console.log("JavaScript is loaded!");
});
'''

# 5. Manually Serving Static Files
    # Although Flask automatically serves files from the /static/ directory, you can serve them manually if needed.

# Example:

from flask import send_from_directory

@app.route('/uploads/<filename>')
def uploaded_file(filename):
    return send_from_directory('uploads', filename)

In [None]:
# 18. What is an API specification, and how does it help in building a Flask API?
    # An API specification is a detailed document that defines how an API should function. It describes the available endpoints, request parameters, response formats, authentication methods, and error handling. API specifications ensure consistency, interoperability, and ease of integration between clients and servers.

# Why is an API Specification Important?
    # 1. Standardization: Ensures all developers follow the same rules when building or consuming the API.
    # 2. Interoperability: Allows different systems (web, mobile, third-party apps) to interact seamlessly.
    # 3. Documentation: Helps developers understand how to use the API correctly.
    # 4. Testing & Validation: Enables automated testing and contract validation.

# Common API Specification Formats
    # 1. OpenAPI (Swagger) – Most widely used for REST APIs
    # 2. RAML (RESTful API Modeling Language) – YAML-based, used in enterprise environments
    # 3. GraphQL Schema – Defines data structures and queries for GraphQL APIs
    # 4. API Blueprint – Markdown-based specification

# How an API Specification Helps in Building a Flask API
    # 1. When developing a Flask API, using an API specification provides:
    # 2. A clear structure for endpoints, parameters, and responses
    # 3. Automatic documentation with tools like Swagger UI
    # 4. Consistency across different API versions
    # 5. Easier debugging and integration with front-end apps

# Example: Flask API with OpenAPI (Swagger)
    # Flask can integrate with Swagger to automatically generate API documentation.
    # To do this, we use Flask-RESTful and Flasgger.

# Step 1: Install Required Packages
pip install flask flask-restful flasgger

# Step 2: Create a Flask API with OpenAPI Specification
from flask import Flask, request, jsonify
from flask_restful import Api, Resource
from flasgger import Swagger

app = Flask(__name__)
api = Api(app)
swagger = Swagger(app)

users = [
    {"id": 1, "name": "Alice"},
    {"id": 2, "name": "Bob"}
]

class UserList(Resource):
    def get(self):
        """
        Get all users
        ---
        responses:
          200:
            description: A list of users
            schema:
              type: array
              items:
                type: object
                properties:
                  id:
                    type: integer
                  name:
                    type: string
        """
        return jsonify(users)

    def post(self):
        """
        Create a new user
        ---
        parameters:
          - name: name
            in: formData
            type: string
            required: true
            description: The name of the user
        responses:
          201:
            description: User created
        """
        data = request.get_json()
        new_user = {"id": len(users) + 1, "name": data["name"]}
        users.append(new_user)
        return jsonify(new_user), 201

api.add_resource(UserList, '/users')

if __name__ == '__main__':
    app.run(debug=True)

# Step 3: Access Swagger Documentation
    # 1. Run the Flask app (python app.py)
    # 2. Open http://127.0.0.1:5000/apidocs/ in a browser
    # 3. You will see an interactive Swagger UI that describes and allows testing of the API

# Benefits of Using API Specifications in Flask
    # 1. Auto-generated documentation for developers
    # 2. Easier API testing with Swagger UI
    # 3. Faster development by following a predefined contract
    # 4. Consistency in API structure

In [None]:
# 19. What are the HTTP status codes, and why are they important in Flask API?
    # HTTP status codes are standardized response codes that indicate the result of a client's request to a server. They help both clients and developers understand the outcome of an API request and handle errors effectively.

# Common HTTP Status Code Categories
    # HTTP status codes are categorized into five groups:

        # 1 (Informational) – Request received and continuing processing.

        # 2 (Success) – Request was successful.

            # 200 OK – The request succeeded (default for GET requests).
            # 201 Created – A new resource was successfully created (commonly used for POST requests).
            # 204 No Content – The request was successful but there is no content to return.

        # 3 (Redirection) – Further action needed.

            # 301 Moved Permanently – The resource has been moved to a new URL.
            # 302 Found – Temporary redirect to another URL.

        # 4 (Client Errors) – Issues with the client's request.

            # 400 Bad Request – The request was malformed or invalid.
            # 401 Unauthorized – Authentication required.
            # 403 Forbidden – The client does not have permission.
            # 404 Not Found – The requested resource does not exist.
            # 405 Method Not Allowed – The request method (e.g., POST, GET) is not supported.

        # 5 (Server Errors) – Issues with the server processing the request.

            # 500 Internal Server Error – Generic server error.
            # 502 Bad Gateway – Invalid response from an upstream server.
            # 503 Service Unavailable – Server is down or overloaded.
# Why Are HTTP Status Codes Important in a Flask API?
    # 1. Clear Communication – Helps clients understand what happened with their request.
    # 2. Error Handling – Clients can programmatically handle errors based on the response codes.
    # 3. Debugging – Makes it easier to troubleshoot API issues.
    # 4. REST API Best Practices – Proper status codes make your API more user-friendly and standards-compliant.

# Using HTTP Status Codes in Flask
    # Flask allows you to return HTTP status codes easily:

from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/success')
def success():
    return jsonify(message="Success"), 200

@app.route('/not_found')
def not_found():
    return jsonify(error="Resource not found"), 404

@app.route('/create', methods=['POST'])
def create():
    return jsonify(message="Resource created"), 201

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 20. How do you handle POST requests in Flask?
    # In Flask, a POST request is used to send data to the server, often for creating or updating resources. Here's how you handle POST requests effectively.

# 1. Basic POST Request Handling
    # Flask provides the request object to access incoming request data.

# Example: Handling a Simple POST Request
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def handle_post():
    data = request.json
    return jsonify({"message": "Data received", "data": data}), 201

if __name__ == '__main__':
    app.run(debug=True)

# 2. Handling Form Data
    # If the data is sent using form encoding (e.g., application/x-www-form-urlencoded), use request.form:

    @app.route('/submit-form', methods=['POST'])
def handle_form():
    name = request.form.get('name')
    email = request.form.get('email')
    return jsonify({"message": "Form received", "name": name, "email": email}), 200

# 3. Handling File Uploads
    # Flask can handle file uploads using request.files:

@app.route('/upload', methods=['POST'])
def upload_file():
    if 'file' not in request.files:
        return jsonify({"error": "No file uploaded"}), 400
    
    file = request.files['file']
    file.save(f"./uploads/{file.filename}")  # Save file
    return jsonify({"message": "File uploaded successfully", "filename": file.filename}), 200

# 4. Handling Headers and Custom Responses
    # You can also read custom headers and send custom responses:

@app.route('/custom-header', methods=['POST'])
def custom_header():
    auth_token = request.headers.get('Authorization')  # Get custom header
    if not auth_token:
        return jsonify({"error": "Unauthorized"}), 401
    
    return jsonify({"message": "Access granted"}), 200

# 5. Validating Incoming Data
    # Always validate data to prevent errors or security issues:

@app.route('/validate', methods=['POST'])
def validate_data():
    data = request.json
    if not data or 'name' not in data:
        return jsonify({"error": "Missing 'name' field"}), 400
    return jsonify({"message": f"Hello, {data['name']}!"}), 200

# 6. Testing a POST Request
    # You can test POST endpoints using:
        # 1. Postman – A GUI tool to send requests.
        # 2. cURL – A command-line tool:

curl -X POST http://127.0.0.1:5000/submit -H "Content-Type: application/json" -d '{"name": "John"}'

# Python requests module:
import requests
response = requests.post("http://127.0.0.1:5000/submit", json={"name": "John"})
print(response.json())

In [None]:
# 21. How would you secure a Flask API?
    # When building a Flask API, security is crucial to protect sensitive data, prevent unauthorized access, and ensure system integrity. Here are the best practices for securing a Flask API:

# 1. Use HTTPS
    # Always use HTTPS instead of HTTP to encrypt data in transit.
    # Flask itself doesn’t provide HTTPS, but you can use Gunicorn, NGINX, or Apache with an SSL certificate.

# Example (if using Flask’s built-in server for development):
app.run(ssl_context=('cert.pem', 'key.pem'))

# 2. Authentication & Authorization
    # a. API Key Authentication
    # Require an API key for requests:

from flask import request, jsonify

API_KEY = "your-secure-api-key"

@app.before_request
def require_api_key():
    key = request.headers.get("X-API-KEY")
    if key != API_KEY:
        return jsonify({"error": "Unauthorized"}), 401

    # b. JWT (JSON Web Tokens) for Authentication
    # JWTs allow secure authentication without storing session data on the server.

from flask import request
import jwt
import datetime

SECRET_KEY = "your_secret_key"

def generate_token(user_id):
    payload = {"user_id": user_id, "exp": datetime.datetime.utcnow() + datetime.timedelta(hours=1)}
    return jwt.encode(payload, SECRET_KEY, algorithm="HS256")

def verify_token(token):
    try:
        return jwt.decode(token, SECRET_KEY, algorithms=["HS256"])
    except jwt.ExpiredSignatureError:
        return None

# 3. Secure User Input (Prevent SQL Injection, XSS, etc.)
    # a. Use Parameterized Queries
    # Never directly concatenate user input into SQL queries.

import sqlite3

conn = sqlite3.connect("database.db")
cursor = conn.cursor()
cursor.execute("SELECT * FROM users WHERE username = ?", (user_input,))

    # b. Sanitize User Input
    # For preventing Cross-Site Scripting (XSS), always sanitize input.

from markupsafe import escape

@app.route('/search')
def search():
    user_input = request.args.get("query")
    return f"Searching for {escape(user_input)}"

# 4. Rate Limiting
    # Prevent abuse and brute-force attacks using Flask-Limiter:

from flask_limiter import Limiter

limiter = Limiter(app, key_func=lambda: request.remote_addr)

@app.route('/login', methods=['POST'])
@limiter.limit("5 per minute")
def login():
    return jsonify({"message": "Login request"})

# 5. Enable CORS (Cross-Origin Resource Sharing) Safely
    # Use Flask-CORS to control API access from different domains:.

from flask_cors import CORS

CORS(app, resources={r"/api/*": {"origins": "https://trusted-domain.com"}})

# 6. Secure Session Management
    # Set secure cookies to prevent session hijacking:

app.config.update(
    SESSION_COOKIE_HTTPONLY=True,
    SESSION_COOKIE_SECURE=True,
    SESSION_COOKIE_SAMESITE='Lax'
)

# 7. Protect Against CSRF (Cross-Site Request Forgery)
    # Use Flask-WTF for CSRF protection:

from flask_wtf.csrf import CSRFProtect

csrf = CSRFProtect(app)

# 8. Log & Monitor API Activity
    # Enable logging for suspicious activity:
import logging

logging.basicConfig(filename="app.log", level=logging.INFO)

@app.before_request
def log_request_info():
    logging.info(f"Request: {request.method} {request.url}")

# 9. Use Secure Headers
    # Set security headers using Flask-Talisman:

from flask_talisman import Talisman

Talisman(app, content_security_policy=None)  # Adjust as needed

# 10. Keep Dependencies Updated
    # Regularly update Flask and dependencies:

pip install --upgrade flask

    # Use pip-audit to find vulnerabilities:

pip install pip-audit
pip-audit


In [None]:
# 22. What is the significance of the Flask-RESTful extension?
    # Flask-RESTful is an extension for Flask that simplifies building REST APIs by providing an organized structure and reducing boilerplate code. It enhances Flask’s capabilities by introducing a more object-oriented approach to defining API endpoints.

# Key Benefits of Flask-RESTful
    # 1. Simplifies API Development
        # Flask-RESTful introduces a class-based structure for defining resources, making API development cleaner and more manageable.

# Example:
from flask import Flask
from flask_restful import Resource, Api

app = Flask(__name__)
api = Api(app)

class HelloWorld(Resource):
    def get(self):
        return {"message": "Hello, World!"}

api.add_resource(HelloWorld, '/')

if __name__ == '__main__':
    app.run(debug=True)

# 2. Built-in Support for HTTP Methods
    # Flask-RESTful automatically maps HTTP methods (GET, POST, PUT, DELETE) to class methods.

# Example:
class User(Resource):
    def get(self, user_id):
        return {"user_id": user_id, "name": "John Doe"}

    def post(self, user_id):
        return {"message": f"User {user_id} created"}, 201

api.add_resource(User, '/user/<int:user_id>')

# 3. Automatic Request Parsing
    # Flask-RESTful provides reqparse, which simplifies input validation and error handling.

# Example:
from flask_restful import reqparse

parser = reqparse.RequestParser()
parser.add_argument("name", type=str, required=True, help="Name cannot be blank")

class User(Resource):
    def post(self):
        args = parser.parse_args()
        return {"message": f"User {args['name']} created"}, 201

api.add_resource(User, "/user")

# 4. Better Error Handling
    # Flask-RESTful provides built-in exception handling and standardized error responses.

# Example:
from flask_restful import abort

users = {1: "Alice", 2: "Bob"}

class User(Resource):
    def get(self, user_id):
        if user_id not in users:
            abort(404, message="User not found")
        return {user_id: users[user_id]}

api.add_resource(User, "/user/<int:user_id>")

# 5. JSON Serialization Support
    # Since Flask-RESTful is designed for APIs, all responses are automatically converted to JSON.

# Example:
class User(Resource):
    def get(self):
        return {"name": "Alice", "age": 30}

api.add_resource(User, "/user")

# 6. Supports Method Chaining and Nested Resources
    # For hierarchical APIs, Flask-RESTful makes it easy to structure nested resources.

# Example:
class Book(Resource):
    def get(self, book_id):
        return {"book_id": book_id, "title": "Flask API Design"}

class Author(Resource):
    def get(self, author_id):
        return {"author_id": author_id, "name": "John Doe"}

api.add_resource(Book, "/book/<int:book_id>")
api.add_resource(Author, "/author/<int:author_id>")

# When to Use Flask-RESTful?
    # Best for:
        # Medium to large Flask APIs with multiple endpoints.
        # When you need better request parsing and validation.
        # If you prefer class-based views for cleaner code.

    # Avoid if:
        # You are building a small API with only a few endpoints.
        # You prefer Flask’s default function-based routes.

In [None]:
# 23. What is the role of Flask's session object?

# Flask's session object is used to store data that is specific to a user across multiple requests. It is essentially a way to maintain state in a stateless HTTP protocol. Here’s what it does:

# Key Features of session in Flask
    # 1. Stores User-Specific Data
        # Used to keep track of user-related data (e.g., login state, preferences) across multiple requests.

    # 2. Built on Cookies
        # The session data is stored on the client-side in a cookie, but it is cryptographically signed to prevent tampering.

    # 3. Uses Secure Signing with SECRET_KEY
        # Flask signs the session cookie with a secret key to ensure data integrity.

# Example:
from flask import Flask, session

app = Flask(__name__)
app.secret_key = 'your_secret_key'

@app.route('/set_session')
def set_session():
    session['username'] = 'Alice'
    return "Session data set!"

@app.route('/get_session')
def get_session():
    return f"Logged in as {session.get('username', 'Guest')}"

    # 4. Supports Server-Side Session Storage (Optional)
        # By default, Flask uses client-side sessions (stored in cookies). However, you can configure server-side storage using Flask extensions like:
        # Flask-Session (stores session data in Redis, databases, etc.)

    # 5. Session Expiration & Security
        # Sessions can have expiration times and can be cleared manually.

# Example of clearing a session:
session.pop('username', None)

# When to Use Flask's session
    # Maintaining user authentication states.
    # Storing temporary user-specific data.
    # Tracking user interactions during a session.

# Practical

In [None]:
# 1. How do you create a basic Flask application?

from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask! Welcome to my web app."

@app.route('/about')
def about():
    return "This is a basic Flask application."

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 2. How do you serve static files like images or CSS in Flask?

from flask import Flask, send_from_directory

app = Flask(__name__)

@app.route('/static/<path:filename>')
def serve_static_file(filename):
    return send_from_directory('static', filename)

@app.route('/')
def home():
    return '''
    <html>
        <head>
            <link rel="stylesheet" type="text/css" href="/static/styles.css">
        </head>
        <body>
            <h1>Welcome to Flask Static Files Demo</h1>
            <img src="/static/image.jpg" alt="Flask Image">
        </body>
    </html>
    '''

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 3. How do you define different routes with different HTTP methods in Flask?

from flask import Flask, request

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Flask Routing Example!"

@app.route('/greet', methods=['GET', 'POST'])
def greet():
    if request.method == 'POST':
        return "Hello! You sent a POST request."
    return "Hello! This is a GET request."

@app.route('/user', methods=['GET', 'POST', 'PUT', 'DELETE'])
def user():
    if request.method == 'GET':
        return "Fetching user details..."
    elif request.method == 'POST':
        return "Creating a new user..."
    elif request.method == 'PUT':
        return "Updating user details..."
    elif request.method == 'DELETE':
        return "Deleting user..."

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 4. How do you render HTML templates in Flask?

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html', title="Home Page")

@app.route('/about')
def about():
    return render_template('about.html', title="About Us")

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 5. How can you generate URLs for routes in Flask using url_for?

from flask import Flask, url_for, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return f'''
    <h1>Welcome to Flask!</h1>
    <p>Navigate using generated URLs:</p>
    <ul>
        <li><a href="{url_for('about')}">About Page</a></li>
        <li><a href="{url_for('user', username='Alice')}">User Profile (Alice)</a></li>
    </ul>
    '''

@app.route('/about')
def about():
    return "<h1>About Page</h1>"

@app.route('/user/<username>')
def user(username):
    return f"<h1>Welcome, {username}!</h1>"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 6. How do you handle forms in Flask?

from flask import Flask, render_template, request

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def form():
    if request.method == 'POST':
        name = request.form['name']
        email = request.form['email']
        return render_template('result.html', name=name, email=email)
    return render_template('form.html')

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 7. How can you validate form data in Flak?

from flask import Flask, render_template, request, flash, redirect, url_for
from flask_wtf import FlaskForm
from wtforms import StringField, EmailField, SubmitField
from wtforms.validators import DataRequired, Email, Length

app = Flask(__name__)
app.secret_key = 'your_secret_key'

class UserForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired(), Length(min=2, max=50)])
    email = EmailField('Email', validators=[DataRequired(), Email()])
    submit = SubmitField('Submit')

@app.route('/', methods=['GET', 'POST'])
def form():
    form = UserForm()
    if form.validate_on_submit():
        name = form.name.data
        email = form.email.data
        return render_template('result.html', name=name, email=email)
    return render_template('form.html', form=form)

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 8. How do you manage sessions in Flask?

from flask import Flask, session, redirect, url_for, request, render_template

app = Flask(__name__)
app.secret_key = 'your_secret_key'

@app.route('/')
def home():
    if 'username' in session:
        return f"Welcome {session['username']}! <br> <a href='/logout'>Logout</a>"
    return "You are not logged in. <a href='/login'>Login</a>"

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        session['username'] = request.form['username']
        return redirect(url_for('home'))
    return '''
        <form method="post">
            Username: <input type="text" name="username" required><br><br>
            <input type="submit" value="Login">
        </form>
    '''

@app.route('/logout')
def logout():
    session.pop('username', None)
    return redirect(url_for('home'))

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 9. How do you redirect to a different route in Flask?

from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Home Page! <a href='/login'>Go to Login</a>"

@app.route('/login')
def login():
    return redirect(url_for('dashboard'))

@app.route('/dashboard')
def dashboard():
    return "Welcome to your Dashboard!"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 10. How do you handle errors in Flask (e.g. 404)?

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Home Page! <a href='/invalid'>Go to Invalid Page</a>"

@app.errorhandler(404)
def page_not_found(error):
    return render_template('404.html'), 404

@app.errorhandler(500)
def internal_server_error(error):
    return render_template('500.html'), 500

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 11. How do you structure a Flask app using Blueprints?

from flask import Flask

def create_app():
    app = Flask(__name__)

    from app.routes.home import home_bp
    from app.routes.user import user_bp

    app.register_blueprint(home_bp)
    app.register_blueprint(user_bp, url_prefix='/user')

    return app


In [None]:
# 12. How do you define a custom Jinja filter in Flask?

from flask import Flask, render_template

app = Flask(__name__)

def title_case(value):
    return ' '.join(word.capitalize() for word in value.split())

app.jinja_env.filters['title_case'] = title_case

@app.route('/')
def home():
    text = "hello flask jinja filters!"
    return render_template('home.html', text=text)

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 13. How can you redirect with query parameters in Flask?

from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Home Page! <a href='/login?username=John'>Login</a>"

@app.route('/login')
def login():
    username = request.args.get('username', 'Guest')
    return redirect(url_for('dashboard', user=username))

@app.route('/dashboard')
def dashboard():
    user = request.args.get('user', 'Guest')
    return f"Welcome to the Dashboard, {user}!"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 14. How do you return JSON responses in Flask?

from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    response = {"message": "Hello, Flask!", "status": "success"}
    return jsonify(response)

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 15. How do you capture URL parameters in Flask?

from flask import Flask, request

app = Flask(__name__)

@app.route('/user/<username>')  
def show_user(username):
    return f'Hello, {username}!'

@app.route('/post/<int:post_id>')  
def show_post(post_id):
    return f'Post ID: {post_id}'

@app.route('/search')
def search():
    query = request.args.get('q')
    return f'Search query: {query}'

@app.route('/filter')
def filter_results():
    category = request.args.get('category', 'default')
    price = request.args.get('price')
    return f'Category: {category}, Price: {price}'

@app.route('/params')
def params():
    all_params = request.args.to_dict()
    return f'Parameters: {all_params}'

if __name__ == '__main__':
    app.run(debug=True)
