#Restful API & Flask Assignment

##Questions

1. What is a RESTful API?

Answer: A RESTful API, also known as a REST API, is an Application Programming Interface (API) that adheres to the architectural style principles of Representational State Transfer (REST). This style, defined by Roy Fielding, focuses on creating scalable, efficient, and flexible web services.


2. Explain the concept of API specification.

Answer: An API specification is a formal, machine-readable document that comprehensively describes the design and expected behavior of an Application Programming Interface (API). It acts as a blueprint or contract for how an API functions and how it can be interacted with by other software systems or applications.

3. What is Flask, and why is it popular for building APIs?

Answer: Flask is a micro web framework written in Python. It is called a "microframework" because it provides only the essential tools for web development, such as routing, request handling, and templating, without including features like an Object Relational Mapper (ORM) or form validation libraries by default. This minimalist design allows developers to choose the components and libraries that best suit their project's specific needs.

Flask is popular for building APIs due to several key advantages:

*Lightweight and Minimalist:*

Its small codebase and lack of built-in components make it easy to learn and understand. This simplicity translates to faster development cycles, especially for smaller to medium-sized APIs.

*Flexibility and Extensibility:*

Flask's microframework nature grants developers significant control over project architecture. It allows for easy integration with various external libraries and extensions to add functionalities like database interaction, authentication, or serialization, as required by the API.

*Pythonic Design:*

Being built with Python, Flask aligns well with Python's syntax and conventions, making it intuitive for Python developers to use and build APIs efficiently.

*Clear and Concise Syntax:*

Flask's use of decorators for defining routes and its integration with the Jinja2 templating engine offer a straightforward and readable structure for API development.

*Built-in Development Server and Debugger:*

These tools simplify the development and testing process, enabling developers to quickly iterate and debug their APIs.

*Active Community and Ecosystem:*

Flask benefits from a large and supportive community, providing ample resources, documentation, and a vast ecosystem of extensions and libraries that can be leveraged for API development.


4. What is routing in Flask?

Answer: Routing in Flask is the mechanism that maps specific URL patterns to corresponding Python functions, known as "view functions," within a Flask application. When a user requests a particular URL, Flask's routing system determines which view function should handle that request and execute its code to generate a response.

5. How do you create a simple Flask application?

Answer: Creating a simple Flask application involves a few key steps:

*Set up  environment:*

- Create a project directory for your application.
- It is highly recommended to create and activate a Python virtual environment - within this directory to manage dependencies.
- Install Flask within your virtual environment using pip: pip install Flask.

*Create Flask application file:*

- Inside your project directory, create a Python file (e.g., app.py).
- Import the Flask class from the flask module.
- Create an instance of the Flask class: app = Flask(__name__). The __name__ - - argument helps Flask locate resources like templates.

*Define a route and a view function:*

- Use the @app.route('/') decorator to associate a URL path (e.g., / for the homepage) with a Python function.
- Define the function that will be executed when the specified URL is accessed. - This function should return the content to be displayed in the browser.

*Run the application:*

- Add a conditional block if __name__ == '__main__': to ensure the application - runs only when the script is executed directly.
- Inside this block, call app.run(debug=True) to start the development server. - debug=True enables helpful debugging features.

6. What are HTTP methods used in RESTful APIs?

Answer: RESTful APIs leverage standard HTTP methods to perform operations on resources, aligning with the common CRUD (Create, Read, Update, Delete) operations. The most commonly used HTTP methods in RESTful APIs include:

GET:

Used to retrieve data or a representation of a resource from the server. It should not modify the server state.

POST:

Used to send data to the server to create a new resource. It can also be used to submit data that causes a side effect on the server.

PUT:

Used to update or replace an existing resource with the provided data, or create a new resource if it does not exist at the specified URI. PUT is idempotent, meaning multiple identical requests have the same effect as a single request.

PATCH:

Used to apply partial modifications to an existing resource. Unlike PUT, PATCH only sends the changes to be applied, rather than the entire resource representation.

DELETE:

Used to remove a specified resource from the server.
Less commonly used, but still valid, HTTP methods in RESTful contexts include:

HEAD:

Similar to GET, but retrieves only the headers of a resource, without the body.

OPTIONS:

Used to describe the communication options available for the target resource. This can include supported HTTP methods, content types, etc.


7. What is the purpose of the @app.route() decorator in Flask?

Answer: The @app.route() decorator in Flask serves the purpose of associating a URL path with a specific Python function, which is then responsible for handling requests to that URL.

8. What is the difference between GET and POST HTTP methods?

Answer: The GET and POST methods are two fundamental HTTP request methods used for client-server communication, differing primarily in their purpose and how data is handled.

*GET Method:*
- Purpose: Primarily used to retrieve data from a specified resource on the server. It is meant for read-only operations and should not alter the server's state.
- Data Transmission: Data is sent as URL parameters (query string), visible in the URL and browser history.
- Security & Privacy: Less secure for sensitive data as it's exposed in the URL.
Caching & Idempotency: GET requests are often cacheable and are considered idempotent (multiple identical requests have the same effect as a single one).
- Data Size: Limited by the maximum URL length.

*POST Method:*
- Purpose: Primarily used to send data to a server to create or update a resource. It is meant for operations that modify the server's state.
- Data Transmission: Data is sent in the body of the HTTP request, not visible in the URL.
- Security & Privacy: More secure for sensitive data as it's not exposed in the URL or browser history.
- Caching & Idempotency: POST requests are generally not cacheable and are not inherently idempotent (multiple identical requests might have different effects, e.g., creating multiple new entries).
- Data Size: No practical limit on data size, allowing for larger data transfers like file uploads.

9. How do you handle errors in Flask APIs?

Answer: Error handling in Flask APIs involves returning appropriate HTTP status codes and informative messages to the client when issues arise.
1. Using Flask's errorhandler Decorator:
- Flask allows you to register error handlers for specific HTTP status codes or exception types using @app.errorhandler().
- This decorator registers a function to be called when a particular error occurs within your application.
- The handler function receives the error object as an argument and should return a response, typically a JSON object with an error message and the corresponding status code.
2. Custom Exceptions:
- Define custom exception classes for specific error scenarios within your API.
- These custom exceptions can inherit from HTTPException or a base custom exception class, allowing you to attach relevant data like error codes or messages.
- You can then raise these custom exceptions in your view functions, and Flask's error handling mechanism will catch them.
3. Returning JSON Responses:
- For API errors, it is best practice to return error details in JSON format rather than HTML.
- This provides a structured and machine-readable response for client applications.
4. Logging:
- Utilize Flask's built-in app.logger to log errors and exceptions.
- Logging helps in debugging, monitoring, and understanding the frequency and types of errors occurring in your API.
5. Debug Mode:
- While useful during development, ensure debug mode is disabled in production environments to prevent sensitive information from being exposed in error messages.

 10. How do you connect Flask to a SQL database?

Answer: Connecting Flask to a SQL database is commonly achieved using an Object-Relational Mapper (ORM) like Flask-SQLAlchemy, which provides a high-level interface to interact with various SQL databases.

Steps to connect Flask to a SQL database using Flask-SQLAlchemy:

Install Flask-SQLAlchemy.

    pip install Flask-SQLAlchemy

Configure the Flask application.

Initialize your Flask application and set the SQLALCHEMY_DATABASE_URI configuration key, which is the connection string for your database. The format of this URI depends on the database you are using (e.g., SQLite, PostgreSQL, MySQL).

For example, for a SQLite database named site.db:


    from flask import Flask
    from flask_sqlalchemy import SQLAlchemy
    import os

    app = Flask(__name__)
    basedir = os.path.abspath(os.path.dirname(__file__))
    app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' + os.path.join(basedir, 'site.db')
    app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False # Recommended to set to False to suppress a warning
    db = SQLAlchemy(app)

For a PostgreSQL database:

    app.config['SQLALCHEMY_DATABASE_URI'] = 'postgresql://user:password@host:port/database_name'

Define Database Models.

Create Python classes that represent your database tables by inheriting from db.Model. Define columns as db.Column objects with appropriate data types.

    class User(db.Model):
        id = db.Column(db.Integer, primary_key=True)
        username = db.Column(db.String(80), unique=True, nullable=False)
        email = db.Column(db.String(120), unique=True, nullable=False)

        def __repr__(self):
            return '<User %r>' % self.username

Create the Database and Tables.

Within your application context, use db.create_all() to create the database file and tables based on your defined models. This is typically done when the application starts or during an initialization script.


    if __name__ == '__main__':
        with app.app_context():
            db.create_all()
        app.run(debug=True)

Perform Database Operations.

Use the db.session to interact with the database (add, query, update, delete records). Remember to add() new objects, commit() changes, and handle potential exceptions.


    # Adding a new user
    with app.app_context():
        new_user = User(username='testuser', email='test@example.com')
        db.session.add(new_user)
        db.session.commit()

    # Querying users
    with app.app_context():
        users = User.query.all()
        for user in users:
            print(user.username)

11. What is the role of Flask-SQLAlchemy?

Answer: Flask-SQLAlchemy is a Flask extension that simplifies the integration of SQLAlchemy with Flask web applications. It acts as a bridge, making it easier to interact with relational databases using SQLAlchemy's ORM capabilities within a Flask context. Essentially, it streamlines database management tasks like connecting to databases, defining models, querying data, and performing CRUD (Create, Read, Update, Delete) operations.

12. What are Flask blueprints, and how are they useful?

Answer: Flask Blueprints are a mechanism for organizing Flask applications into modular and reusable components. They allow developers to encapsulate related functionality, such as routes, views, templates, and static files, within self-contained units that can be registered with a main Flask application.

How they are useful:

Modularization:

Blueprints promote a modular structure for your application, breaking down a large, monolithic application into smaller, manageable pieces based on features or functionalities. This makes the codebase easier to understand, navigate, and maintain.

Reusability:

Blueprints can be designed to be self-contained and independent, allowing them to be reused across different Flask applications or even multiple times within the same application with different configurations.

Scalability:

As applications grow in complexity, blueprints help manage the increasing number of routes, views, and associated resources by distributing them across different modules, preventing the main application file from becoming unwieldy.

Team Collaboration:

In larger projects with multiple developers, blueprints enable teams to work on different parts of the application concurrently without significant conflicts, as each team can focus on their specific blueprint.

Code Organization:

Blueprints provide a clear and structured way to organize your application's code, making it more readable and maintainable by grouping related components together. This includes separating templates and static files into subdirectories within the blueprint's structure.

13. What is the purpose of Flask's request object?

Answer: The purpose of Flask's request object is to provide access to all incoming HTTP request data within a Flask application. When a client sends a request to a Flask server, Flask automatically creates a request object that encapsulates all the information related to that specific request.

14. How do you create a RESTful API endpoint using Flask?

Answer: Creating a RESTful API endpoint using Flask involves defining routes that correspond to specific HTTP methods (GET, POST, PUT, DELETE) and handling requests to those routes.

Basic Flask API Endpoint:

install flask.

    pip install Flask

Create a Flask application.

    from flask import Flask, jsonify, request

    app = Flask(__name__)

    # Sample data (e.g., a list of items)
    items = [
        {"id": 1, "name": "Item A"},
        {"id": 2, "name": "Item B"}
    ]

    # GET endpoint to retrieve all items
    @app.route('/items', methods=['GET'])
    def get_items():
        return jsonify(items)

    # GET endpoint to retrieve a single item by ID
    @app.route('/items/<int:item_id>', methods=['GET'])
    def get_item(item_id):
        item = next((item for item in items if item['id'] == item_id), None)
        if item:
            return jsonify(item)
        return jsonify({"message": "Item not found"}), 404

    # POST endpoint to add a new item
    @app.route('/items', methods=['POST'])
    def add_item():
        new_item = request.json
        if new_item and 'name' in new_item:
            new_item['id'] = len(items) + 1  # Assign a new ID
            items.append(new_item)
            return jsonify({"message": "Item added successfully", "item": new_item}), 201
        return jsonify({"message": "Invalid item data"}), 400

    # PUT endpoint to update an existing item
    @app.route('/items/<int:item_id>', methods=['PUT'])
    def update_item(item_id):
        updated_data = request.json
        item_found = False
        for item in items:
            if item['id'] == item_id:
                item.update(updated_data)
                item_found = True
                return jsonify({"message": "Item updated successfully", "item": item})
        if not item_found:
            return jsonify({"message": "Item not found"}), 404
        return jsonify({"message": "Invalid item data"}), 400

    # DELETE endpoint to remove an item
    @app.route('/items/<int:item_id>', methods=['DELETE'])
    def delete_item(item_id):
        global items
        initial_len = len(items)
        items = [item for item in items if item['id'] != item_id]
        if len(items) < initial_len:
            return jsonify({"message": "Item deleted successfully"})
        return jsonify({"message": "Item not found"}), 404

    if __name__ == '__main__':
        app.run(debug=True)

Explanation:

- from flask import Flask, jsonify, request: Imports necessary Flask components. jsonify is used to return JSON responses, and request allows access to incoming request data.
- app = Flask(__name__): Initializes the Flask application.
- @app.route('/items', methods=['GET']): This decorator defines a route for the /items URL path. methods=['GET'] specifies that this endpoint will handle GET requests.
- jsonify(data): Converts Python dictionaries or lists into JSON format for API responses.
- request.json: Accesses the JSON data sent in the request body (typically used with POST and PUT requests).
- Error Handling: Returning jsonify({"message": "..."}), status_code provides informative error messages and appropriate HTTP status codes (e.g., 404 for Not Found, 400 for Bad Request).
- if __name__ == '__main__': app.run(debug=True): This ensures the Flask development server runs when the script is executed directly. debug=True enables debugging features, including automatic reloads on code changes.

15. What is the purpose of Flask's jsonify() function?

Answer: Flask's jsonify() function serves the purpose of converting Python data structures, typically dictionaries or lists, into a JSON-formatted HTTP response. This is crucial for building web APIs, particularly RESTful APIs, where data is frequently exchanged in JSON format between the server and client

16. Explain Flask’s url_for() function.

Answer: Flask's url_for() function is a utility that dynamically builds URLs for specific functions (or "endpoints") within a Flask application. Its primary purpose is to avoid hardcoding URLs, which makes applications more maintainable and adaptable to changes in URL structures.


17. How does Flask handle static files (CSS, JavaScript, etc.)?

Answer: Flask provides a straightforward mechanism for handling static files such as CSS, JavaScript, images, and other assets that do not change dynamically.

1. The static Directory:
- By default, Flask automatically looks for a directory named static in the root of your application.
- Any files placed within this static directory are automatically made available to the web server. For example, if you have static/css/style.css and static/js/script.js, Flask will serve these files when requested.

2. Referencing Static Files in Templates:
- To link to static files within your HTML templates, you use the url_for() function with the special endpoint 'static'.
- You then pass the filename argument, specifying the path to the file relative to the static directory.

18. What is an API specification, and how does it help in building a Flask API?

Answer: An API specification is a formal, machine-readable document that describes the structure and behavior of an API. It acts as a blueprint, detailing endpoints, data models, request and response formats, authentication mechanisms, and potential error responses. The OpenAPI Specification (formerly Swagger Specification) is a widely used example.

How it helps in building a Flask API:

- Clear Communication and Design:
An API specification forces a clear and consistent design before development begins. This helps Flask developers understand exactly what to build, reducing ambiguity and potential rework.
- Automated Documentation:
Tools can generate interactive API documentation directly from the specification, eliminating the need for manual documentation efforts in Flask. This ensures documentation is always up-to-date with the API's actual behavior.
- Code Generation:
Specifications can be used to automatically generate server-side code stubs for Flask, including routes, request parsing, and response handling, accelerating development.
- Testing and Validation:
The specification provides a basis for automated testing, allowing developers to validate that the Flask API adheres to the defined contract.
- Client Development:
Client-side developers can use the specification to understand how to interact with the Flask API, enabling them to build integrations more efficiently and accurately.
- Consistency and Standardization:
By defining a clear structure, API specifications promote consistency across different endpoints and resources within a Flask API, leading to a more maintainable and scalable system.

19. What are HTTP status codes, and why are they important in a Flask API?

Answer: HTTP status codes are three-digit numeric codes returned by a server in response to an HTTP request, indicating the outcome of the request.

These codes are categorized into five classes based on their first digit:

- 1xx (Informational):
The server has received the request and is continuing the process.
- 2xx (Success):
The request was successfully received, understood, and accepted. Common examples include 200 OK (general success) and 201 Created (resource successfully created).
- 3xx (Redirection):
Further action is required to complete the request, often involving redirection to a different URL. An example is 301 Moved Permanently.
- 4xx (Client Error):
The request contains an error or cannot be fulfilled by the server due to a client-side issue. Examples include 400 Bad Request and 404 Not Found.
- 5xx (Server Error):
The server failed to fulfill an apparently valid request due to an issue on the server's end. A common example is 500 Internal Server Error.

Importance in a Flask API:

HTTP status codes are crucial in a Flask API for several reasons:

- Clear Communication:
They provide a standardized way for the API to communicate the result of an operation to the client (e.g., a web browser or another application). This allows clients to understand whether their request was successful, requires further action, or encountered an error.
- Error Handling and Debugging:
Specific error codes (4xx and 5xx) help clients and developers quickly identify the nature of a problem. This greatly aids in debugging and implementing appropriate error handling mechanisms on the client side.
- Client-Side Logic:
Clients can use status codes to trigger different behaviors. For instance, a 200 OK might lead to displaying data, a 404 Not Found might trigger an error message, and a 301 Moved Permanently might initiate an automatic redirection.
- API Design and Usability:
Using appropriate status codes makes your API more intuitive and predictable for consumers, improving its overall usability and maintainability.
- SEO and Caching (for web-facing APIs):
Status codes like 301 and 302 are vital for search engine optimization, indicating permanent or temporary redirects. Similarly, certain 2xx codes can influence caching behavior.

20. How do you handle POST requests in Flask?

Answer: Handling POST requests in Flask involves defining routes that explicitly accept the POST method and then accessing the data submitted in the request. Define the Route.

Use the @app.route() decorator and specify methods=['POST'] (or methods=['GET', 'POST'] if the route also handles GET requests for displaying a form, for example).

    from flask import Flask, request, render_template

    app = Flask(__name__)

    @app.route('/submit_data', methods=['GET', 'POST'])
    def submit_data():
        if request.method == 'POST':
            # Handle POST request logic here
            pass
        return render_template('form.html') # Render a form for GET requests


21. How would you secure a Flask API?

Answer: Securing a Flask API involves implementing a combination of best practices and security measures to protect against common vulnerabilities and unauthorized access.

1. Authentication and Authorization:

Token-Based Authentication (e.g., JWT):

This is a common and effective method for APIs. Upon successful login, the server issues a JSON Web Token (JWT) to the client. The client then includes this token in subsequent requests, and the server validates the token to authenticate the user and authorize access to specific resources based on the token's claims (e.g., user roles, permissions). Libraries like Flask-JWT-Extended simplify this process.

OAuth2/OpenID Connect:

For more complex scenarios, especially when integrating with third-party services or providing delegated access, consider using OAuth2 and OpenID Connect with a dedicated identity provider.

Role-Based Access Control (RBAC):

Implement a system to define roles and assign permissions to those roles, then associate users with specific roles to control access to different API endpoints or functionalities.

2. Input Validation and Sanitization:

Prevent Injection Attacks: Validate and sanitize all user input to prevent SQL injection, XSS (Cross-Site Scripting), and other injection vulnerabilities. Use libraries like Flask-WTF for form validation and ensure proper escaping of output.

3. Secure Configuration and Secrets Management:

Disable Debug Mode in Production:

Never run a Flask application in production with debug=True, as this exposes sensitive information and allows remote code execution.

Securely Store Sensitive Information:

Store database credentials, API keys, and other secrets in environment variables or a secure vault, not directly in your code.

4. Protect Against Common Web Vulnerabilities:

CSRF Protection:

While less critical for pure APIs, if your API interacts with a web interface, implement CSRF protection using Flask-WTF's CSRFProtect.

CORS (Cross-Origin Resource Sharing):

Properly configure CORS headers to control which origins are allowed to access your API, preventing unauthorized cross-origin requests.

Secure HTTP Headers:

Set appropriate security headers (e.g., Content-Security-Policy, X-Content-Type-Options, Strict-Transport-Security) to mitigate various attacks.

5. Logging and Monitoring:

Implement Robust Logging:

Log API requests, responses, and errors to monitor for suspicious activity and aid in debugging.

Monitor for Anomalies:

Use monitoring tools to detect unusual traffic patterns or potential security breaches.

6. Use HTTPS:

Encrypt Communication: Always use HTTPS to encrypt data in transit, protecting sensitive information from eavesdropping. This typically involves configuring a reverse proxy like NGINX or Apache to handle SSL/TLS.

7. Regular Security Audits and Updates:

Keep Dependencies Updated:

Regularly update Flask and all its dependencies to patch known security vulnerabilities.

Perform Security Audits:

Conduct regular security audits and penetration testing to identify and address potential weaknesses in your API.

22. What is the significance of the Flask-RESTful extension?

Answer: Flask-RESTful is a Flask extension that simplifies the process of building REST APIs, making it easier to structure and manage API endpoints, handle requests, and format responses. It provides a more structured approach compared to building a REST API with Flask alone, enabling developers to create scalable and maintainable APIs.

23. What is the role of Flask’s session object?

Answer: In Flask, the session object provides a mechanism to store user-specific data across multiple requests, enabling the maintenance of state and persistence of information between different interactions with a web application. It essentially allows you to track user activity and store data associated with a specific user, like login status, preferences, or shopping cart contents, throughout their session.


# Practical Questions

In [None]:
#1. How do you create a basic Flask application?

from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)



2. How do you serve static files like images or CSS in Flask?

Answer:

    /your-project
    │
    ├── app.py
    ├── static/
    │   ├── css/
    │   │   └── style.css
    │   ├── images/
    │   │   └── logo.png
    │   └── js/
    │       └── script.js
    ├── templates/
    │   └── index.html

Flask serves anything in the static directory at the URL /static/.

In [None]:
<!DOCTYPE html>
<html>
<head>
    <title>Static File Example</title>
    <link rel="stylesheet" type="text/css" href="{{ url_for('static', filename='css/style.css') }}">
</head>
<body>
    <h1>Welcome to Flask!</h1>
    <img src="{{ url_for('static', filename='images/logo.png') }}" alt="Logo">
    <script src="{{ url_for('static', filename='js/script.js') }}"></script>
</body>
</html>


In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
app = Flask(__name__, static_folder='your_custom_static_folder')


In [None]:
#3. How do you define different routes with different HTTP methods in Flask?

"""In Flask, different routes can be defined with specific HTTP methods using the methods argument within the @app.route() decorator. This allows for distinct handling of requests based on the HTTP verb (e.g., GET, POST, PUT, DELETE) associated with them."""

"""1. Handling Multiple Methods within a Single Function:
The most common approach is to handle multiple HTTP methods for a single route within the same view function. The request.method attribute can then be used to conditionally execute code based on the incoming method."""

from flask import Flask, request

app = Flask(__name__)

@app.route('/data', methods=['GET', 'POST'])
def handle_data():
    if request.method == 'GET':
        return "This is a GET request to retrieve data."
    elif request.method == 'POST':
        return "This is a POST request to create data."


"""2. Defining Separate Functions for Different Methods:
For more complex scenarios or when distinct logic is required for each method, separate view functions can be defined for the same route, each explicitly assigned to a specific HTTP method."""

from flask import Flask

app = Flask(__name__)

@app.route('/users', methods=['GET'])
def get_users():
    return "Retrieving all users."

@app.route('/users', methods=['POST'])
def create_user():
    return "Creating a new user."

@app.route('/users/<int:user_id>', methods=['PUT'])
def update_user(user_id):
    return f"Updating user with ID: {user_id}"

@app.route('/users/<int:user_id>', methods=['DELETE'])
def delete_user(user_id):
    return f"Deleting user with ID: {user_id}"

In [None]:
#4. How do you render HTML templates in Flask?

    from flask import Flask, render_template


In [None]:
    app = Flask(__name__)

    @app.route('/')
    def home():
        user_name = "Alice"
        return render_template('index.html', name=user_name)

In [None]:
    <!DOCTYPE html>
    <html lang="en">
    <head>
        <meta charset="UTF-8">
        <title>My Flask App</title>
    </head>
    <body>
        <h1>Hello, {{ name }}!</h1>
    </body>
    </html>

In [None]:
#5. How can you generate URLs for routes in Flask using url_for?

from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def index():
    return 'Welcome to the homepage!'

@app.route('/about')
def about():
    return 'Learn more about us.'

if __name__ == '__main__':
    with app.test_request_context():  # Used for demonstrating url_for outside a running server
        print(url_for('index'))
        print(url_for('about'))

In [None]:
#6.  How do you handle forms in Flask?

    <form action="/submit" method="post">
        <label for="username">Username:</label>
        <input type="text" id="username" name="username"><br><br>
        <input type="submit" value="Submit">
    </form>

In [None]:
#7. How can you validate form data in Flask?

from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField
from wtforms.validators import DataRequired, Email, Length

class RegistrationForm(FlaskForm):
    username = StringField('Username', validators=[DataRequired(), Length(min=4, max=25)])
    email = StringField('Email', validators=[DataRequired(), Email()])
    password = PasswordField('Password', validators=[DataRequired(), Length(min=6)])


In [None]:
#8. How do you manage sessions in Flask?

from flask import Flask, session, redirect, url_for, request, render_template

app = Flask(__name__)
app.secret_key = 'your_super_secret_key_here' # Replace with a strong, random key

@app.route('/')
def index():
    if 'username' in session:
        return f'Logged in as {session["username"]}'
    return 'You are not logged in'

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        if username == 'admin' and password == 'password': # Simple example, use proper authentication
            session['username'] = username
            return redirect(url_for('index'))
        else:
            return 'Invalid credentials'
    return '''
        <form method="post">
            <p><input type=text name=username></p>
            <p><input type=password name=password></p>
            <p><input type=submit value=Login></p>
        </form>
    '''

@app.route('/logout')
def logout():
    session.pop('username', None) # Remove 'username' from session
    return redirect(url_for('index'))

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
#9. How do you redirect to a different route in Flask?

from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the Home Page!'

@app.route('/login')
def login():
    return 'This is the login page.'

@app.route('/dashboard')
def dashboard():
    # Redirect to the login page if not authenticated (example)
    # In a real application, you would check session or user authentication
    return redirect(url_for('login'))

@app.route('/profile')
def profile():
    # Redirect to the home page
    return redirect(url_for('home'))

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
#10. How do you handle errors in Flask (e.g., 404)?

from flask import Flask, render_template, abort

app = Flask(__name__)

# Route for the homepage
@app.route('/')
def index():
    return "Welcome to the homepage!"

# Example route that might intentionally raise a 404
@app.route('/nonexistent')
def nonexistent_page():
    abort(404) # Intentionally raise a 404 error

# Custom error handler for 404 Not Found errors
@app.errorhandler(404)
def page_not_found(e):
    return render_template('404.html'), 404

# Custom error handler for general internal server errors (500)
@app.errorhandler(500)
def internal_server_error(e):
    return render_template('500.html'), 500

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
#11. How do you structure a Flask app using Blueprints?

from flask import Blueprint, render_template, request, redirect, url_for

auth_bp = Blueprint('auth', __name__, url_prefix='/auth', template_folder='templates')

@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        # Handle login logic
        return redirect(url_for('main.home')) # Redirect to a route in another blueprint
    return render_template('login.html')

@auth_bp.route('/logout')
def logout():
    # Handle logout logic
    return redirect(url_for('auth.login'))

In [None]:
#12. How do you define a custom Jinja filter in Flask?

from flask import Flask, render_template

app = Flask(__name__)

# Define a custom filter to format a date
@app.template_filter('format_date')
def format_date_filter(value, date_format='%Y-%m-%d'):
    """Formats a datetime object into a string."""
    if value:
        return value.strftime(date_format)
    return ""

# Define another custom filter to reverse a string
@app.template_filter() # Uses the function name 'reverse_string' as the filter name
def reverse_string(s):
    """Reverses a given string."""
    return s[::-1]

@app.route('/')
def index():
    import datetime
    current_date = datetime.datetime.now()
    message = "Hello World"
    return render_template('index.html', current_date=current_date, message=message)

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
#13. How can you redirect with query parameters in Flask?

from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def index():
    return "Welcome to the index page. Go to /redirect_me to see a redirect with query parameters."

@app.route('/redirect_me')
def redirect_me():
    # Redirect to the 'target_page' function with query parameters
    return redirect(url_for('target_page', name='Alice', age=30, city='New York'))

@app.route('/target_page')
def target_page():
    # Access query parameters using request.args
    name = request.args.get('name', 'Guest')
    age = request.args.get('age', 'N/A')
    city = request.args.get('city', 'Unknown')
    return f"Hello, {name}! You are {age} years old and live in {city}."

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
#14. How do you return JSON responses in Flask?

    from flask import Flask

    app = Flask(__name__)

    @app.route('/data')
    def get_data():
        data = {
            'message': 'Hello from Flask!',
            'status': 'success',
            'items': [1, 2, 3]
        }
        return data  # Flask automatically converts this dictionary to JSON

In [None]:
#15. How do you capture URL parameters in Flask?

    from flask import Flask, request

    app = Flask(__name__)

    @app.route('/search')
    def search():
        query = request.args.get('q', 'default_query')
        return f"Searching for: {query}"

    if __name__ == '__main__':
        app.run(debug=True)