#RESTFUL API AND FLASK

 1.What is a RESTful API ?
 - A RESTful API applies Representational State Transfer (REST) principles over HTTP. It exposes resources (nouns) at URIs and uses standard HTTP methods (GET, POST, PUT/PATCH, DELETE) to perform actions. It embraces statelessness, uniform interface, cacheability, and layered architecture. Responses are typically JSON with clear status codes.

 2.Explain the concept of API specification .
 - An API specification is a formal, machine- and human-readable contract that describes endpoints, methods, parameters, request/response schemas, status codes, authentication, and examples. Popular formats: OpenAPI/Swagger and AsyncAPI. Benefits: shared understanding, auto-generated docs/SDKs, validation, and test scaffolding.

 3.What is Flask, and why is it popular for building APIs ?
 - Flask is a lightweight, modular Python web framework. It’s popular because it’s minimal (micro) yet extensible, easy to learn, has rich ecosystem extensions (Flask-SQLAlchemy, Flask-Login, Flask-RESTful), and is excellent for quick prototypes to production APIs.

 4.What is routing in Flask ?
 - Routing maps URL paths to Python callables (view functions). Flask’s @app.route() (or blueprint @bp.route()) decorator registers a route; when a request hits a path with a matching method, Flask invokes that function and returns its response.

 5.How do you create a simple Flask application ?
 - Minimal steps: install Flask, create app.py, define a route, run the dev server.
 from flask import Flask
app = Flask(__name__)


@app.route('/')
def hello():
return 'Hello, Flask!'


if __name__ == '__main__':
app.run(debug=True)

 6.What are HTTP methods used in RESTful APIs ?
 - GET: Retrieve resource(s).

- POST: Create a resource or perform a non-idempotent operation.

- PUT: Replace a resource entirely (idempotent).

- PATCH: Partially update a resource.

- DELETE: Remove a resource (idempotent in effect).

- HEAD/OPTIONS: Metadata and capability discovery.

 7.What is the purpose of the @app.route() decorator in Flask?
 - It declares a URL rule and HTTP methods for a view function, registering it with the Flask app (or blueprint). E.g., @app.route('/items', methods=['GET']) binds GET /items to the function below it.

 8.What is the difference between GET and POST HTTP methods?
 - GET: Safe, cacheable, idempotent; parameters in query string; used to fetch data; should not change server state.

POST: Not idempotent; data in body; used to create resources or submit forms/actions that change state. Typically returns 201 Created with a Location header for new resources.

 9.How do you handle errors in Flask APIs ?
 - Define error handlers and return JSON with proper status codes. Validate inputs, catch exceptions, and avoid leaking internals.
 from flask import Flask, jsonify
app = Flask(__name__)


@app.errorhandler(404)
def not_found(e):
return jsonify(error='Not Found'), 404


@app.errorhandler(400)
def bad_request(e):
return jsonify(error='Bad Request'), 400


@app.errorhandler(Exception)
def internal(e):
return jsonify(error='Internal Server Error'), 500

 10.How do you connect Flask to a SQL database ?
 - Use Flask-SQLAlchemy (recommended) or vanilla SQLAlchemy. Configure the URI, initialize the extension, define models, and create tables.
 from flask import Flask
from flask_sqlalchemy import SQLAlchemy


app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///app.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False


db = SQLAlchemy(app)


class User(db.Model):
id = db.Column(db.Integer, primary_key=True)
email = db.Column(db.String(120), unique=True, nullable=False)


with app.app_context():
db.create_all()

 11.What is the role of Flask-SQLAlchemy ?
 - It provides a Flask-friendly integration of SQLAlchemy: configuration, scoped sessions, model base, and helpful defaults (e.g., Model.query). It simplifies ORM usage and app context management.

 12.What are Flask blueprints, and how are they useful ?
 - Blueprints are modular components that bundle routes, templates, and static files. They enable application factory patterns, code organization (e.g., api vs web), and reusable components across apps.

 13.What is the purpose of Flask's request object ?
 - flask.request gives access to the current HTTP request: method, headers, query params (args), JSON/body (get_json, form), files, cookies, etc. It’s thread-local to each request.

 14.How do you create a RESTful API endpoint using Flask ?
 - Define a route that returns JSON and status code.
 from flask import Flask, jsonify, request
app = Flask(__name__)


@app.route('/api/echo', methods=['POST'])
def echo():
data = request.get_json(force=True, silent=True) or {}
return jsonify(received=data), 200

 15.What is the purpose of Flask's jsonify() function ?
 - jsonify() safely serializes Python dicts/lists to JSON, sets the Content-Type: application/json, and handles UTF-8/ASCII issues. It’s preferred over json.dumps with manual Response creation.

 16.Explain Flask’s url_for() function.
 - url_for(endpoint, **values) builds URLs by endpoint name (the function name), not hard-coded paths. It keeps links robust across refactors and supports dynamic segments and query strings, and can generate external URLs with _external=True.

 17.How does Flask handle static files (CSS, JavaScript, etc.) ?
 - Flask serves files from the static/ folder at /static/... by default. In templates, reference with url_for('static', filename='styles.css'). You can also register static folders on blueprints.

 18.What is an API specification, and how does it help in building a Flask API ?
 - An API spec (e.g., OpenAPI 3) guides design-first development: align stakeholders, auto-generate documentation (Swagger UI), server stubs/clients, contract-testing, and schema validation (via libraries like apispec, flask-smorest).

 19.What are HTTP status codes, and why are they important in a Flask API ?
 - Status codes communicate the outcome of requests: 2xx success, 4xx client errors, 5xx server errors. Proper codes improve client behavior, caching, retries, and debuggability.

 20.How do you handle POST requests in Flask ?
 - Accept body data (JSON/form), validate it, perform the operation, and return a JSON response with appropriate code.
 from flask import Flask, request, jsonify
app = Flask(__name__)


@app.route('/api/items', methods=['POST'])
def create_item():
payload = request.get_json() or {}
name = payload.get('name')
if not name:
return jsonify(error='name is required'), 400
# pretend to save
item = {'id': 1, 'name': name}
return jsonify(item), 201

 21.How would you secure a Flask API ?
 - Transport: Use HTTPS.

- AuthN/AuthZ: Tokens (Bearer/JWT), API keys, OAuth2; enforce scopes/roles.

- Input validation & schema: e.g., Marshmallow/Pydantic; limit payload sizes.

- CORS: Configure flask-cors if needed.

- Rate limiting: Flask-Limiter.

- Secrets management: environment variables; rotate keys.

- Headers: Use secure headers (HSTS, CSP where applicable).

- Avoid session-based state for pure APIs; prefer stateless tokens.

22.What is the significance of the Flask-RESTful extension ?
- Flask-RESTful adds class-based resources (Resource), request parsing, helpful abstractions for building REST APIs quickly. It organizes endpoints and improves maintainability.
 from flask import Flask
from flask_restful import Api, Resource


app = Flask(__name__)
api = Api(app)


class Ping(Resource):
def get(self):
return {'pong': True}, 200


api.add_resource(Ping, '/api/ping')

 23.What is the role of Flask’s session object ?
 - flask.session is a signed (optionally encrypted) cookie-based dict for per-client data across requests (e.g., CSRF tokens, user preferences). Requires SECRET_KEY. Avoid storing sensitive data; prefer server-side sessions if needed.


#PRACTICAL QUESTIONS

1.  How do you create a basic Flask application ?
- from flask import Flask
app = Flask(__name__)


@app.route('/')
def index():
return 'Welcome to the Flask app!'


if __name__ == '__main__':
app.run(debug=True)


In [1]:
from flask import Flask
app = Flask(__name__)


@app.route('/')
def index():
return 'Welcome to the Flask app!'


if __name__ == '__main__':
app.run(debug=True)

IndentationError: expected an indented block after function definition on line 6 (ipython-input-608163926.py, line 7)

2.  How do you serve static files like images or CSS in Flask ?
- project/
app.py
static/
styles.css
logo.png
templates/
home.html
<link rel="stylesheet" href="{{ url_for('static', filename='styles.css') }}">
<img src="{{ url_for('static', filename='logo.png') }}" alt="logo">

In [2]:
project/
app.py
static/
styles.css
logo.png
templates/
home.html
<link rel="stylesheet" href="{{ url_for('static', filename='styles.css') }}">
<img src="{{ url_for('static', filename='logo.png') }}" alt="logo">

SyntaxError: invalid syntax (ipython-input-3092884148.py, line 1)

3. How do you define different routes with different HTTP methods in Flask ?
- from flask import Flask, request, jsonify
app = Flask(__name__)


@app.route('/items', methods=['GET'])
def list_items():
return jsonify(items=[{'id': 1, 'name': 'Pen'}])


@app.route('/items', methods=['POST'])
def add_item():
data = request.get_json() or {}
return jsonify(id=2, **data), 201


@app.route('/items/<int:item_id>', methods=['PUT', 'PATCH'])
def update_item(item_id):
data = request.get_json() or {}
return jsonify(id=item_id, **data), 200


@app.route('/items/<int:item_id>', methods=['DELETE'])
def delete_item(item_id):
return '', 204

In [3]:
from flask import Flask, request, jsonify
app = Flask(__name__)


@app.route('/items', methods=['GET'])
def list_items():
return jsonify(items=[{'id': 1, 'name': 'Pen'}])


@app.route('/items', methods=['POST'])
def add_item():
data = request.get_json() or {}
return jsonify(id=2, **data), 201


@app.route('/items/<int:item_id>', methods=['PUT', 'PATCH'])
def update_item(item_id):
data = request.get_json() or {}
return jsonify(id=item_id, **data), 200


@app.route('/items/<int:item_id>', methods=['DELETE'])
def delete_item(item_id):
return '', 204

IndentationError: expected an indented block after function definition on line 6 (ipython-input-2840034627.py, line 7)

4.  How do you render HTML templates in Flask ?
- from flask import Flask, render_template
app = Flask(__name__)


@app.route('/hello/<name>')
def hello(name):
return render_template('hello.html', name=name)
<!doctype html>
<title>Hello</title>
<h1>Hello, {{ name|e }}!</h1>

In [4]:
from flask import Flask, render_template
app = Flask(__name__)


@app.route('/hello/<name>')
def hello(name):
return render_template('hello.html', name=name)
<!doctype html>
<title>Hello</title>
<h1>Hello, {{ name|e }}!</h1>

IndentationError: expected an indented block after function definition on line 6 (ipython-input-2830263343.py, line 7)

5.  How can you generate URLs for routes in Flask using url_for ?
- from flask import Flask, url_for
app = Flask(__name__)


@app.route('/')
def home():
return f"Go to {url_for('hello', name='Garima')}"


@app.route('/hello/<name>')
def hello(name):
return f"Hello {name}"

In [5]:
from flask import Flask, url_for
app = Flask(__name__)


@app.route('/')
def home():
return f"Go to {url_for('hello', name='Garima')}"


@app.route('/hello/<name>')
def hello(name):
return f"Hello {name}"

IndentationError: expected an indented block after function definition on line 6 (ipython-input-2316877696.py, line 7)

6.  How do you handle forms in Flask ?
- from flask import Flask, request, render_template, redirect, url_for
app = Flask(__name__)


@app.route('/contact', methods=['GET', 'POST'])
def contact():
if request.method == 'POST':
name = request.form['name']
message = request.form['message']
return redirect(url_for('thank_you', user=name))
return render_template('contact.html')


@app.route('/thanks/<user>')
def thank_you(user):
return f'Thank you {user}, we received your message!'

In [6]:
from flask import Flask, request, render_template, redirect, url_for
app = Flask(__name__)


@app.route('/contact', methods=['GET', 'POST'])
def contact():
if request.method == 'POST':
name = request.form['name']
message = request.form['message']
return redirect(url_for('thank_you', user=name))
return render_template('contact.html')


@app.route('/thanks/<user>')
def thank_you(user):
return f'Thank you {user}, we received your message!'

IndentationError: expected an indented block after function definition on line 6 (ipython-input-974058961.py, line 7)

7.  How can you validate form data in Flask ?
- from flask import Flask, request, jsonify
app = Flask(__name__)


@app.route('/register', methods=['POST'])
def register():
data = request.form
errors = {}
if not data.get('username'):
errors['username'] = 'Username is required'
if not data.get('email') or '@' not in data['email']:
errors['email'] = 'Valid email is required'
if errors:
return jsonify(errors=errors), 400
return jsonify(message='Form is valid!'), 200

In [15]:
from flask import Flask, request, jsonify
app = Flask(__name__)


@app.route('/register', methods=['POST'])
def register():
data = request.form
errors = {}
if not data.get('username'):
errors['username'] = 'Username is required'
if not data.get('email') or '@' not in data['email']:
errors['email'] = 'Valid email is required'
if errors:
return jsonify(errors=errors), 400
return jsonify(message='Form is valid!'), 200

IndentationError: expected an indented block after function definition on line 6 (ipython-input-1364599434.py, line 7)

8.  How do you manage sessions in Flask ?
- from flask import Flask, session, redirect, url_for
app = Flask(__name__)
app.secret_key = 'secret-key'


@app.route('/login/<user>')
def login(user):
session['username'] = user
return f'Logged in as {user}'


@app.route('/profile')
def profile():
return f"Current user: {session.get('username', 'Guest')}"


@app.route('/logout')
def logout():
session.clear()
return redirect(url_for('index'))


@app.route('/')
def index():
return 'Home page'

In [14]:
from flask import Flask, session, redirect, url_for
app = Flask(__name__)
app.secret_key = 'secret-key'


@app.route('/login/<user>')
def login(user):
session['username'] = user
return f'Logged in as {user}'


@app.route('/profile')
def profile():
return f"Current user: {session.get('username', 'Guest')}"


@app.route('/logout')
def logout():
session.clear()
return redirect(url_for('index'))


@app.route('/')
def index():
return 'Home page'

IndentationError: expected an indented block after function definition on line 7 (ipython-input-237807729.py, line 8)

9. How do you redirect to a different route in Flask ?
- from flask import Flask, redirect, url_for
app = Flask(__name__)


@app.route('/old')
def old():
return redirect(url_for('new'))


@app.route('/new')
def new():
return 'This is the new page!'

In [7]:
from flask import Flask, redirect, url_for
app = Flask(__name__)


@app.route('/old')
def old():
return redirect(url_for('new'))


@app.route('/new')
def new():
return 'This is the new page!'

IndentationError: expected an indented block after function definition on line 6 (ipython-input-3959709840.py, line 7)

10.  How do you handle errors in Flask (e.g., 404) ?
- from flask import Flask, render_template
app = Flask(__name__)


@app.errorhandler(404)
def not_found(e):
return render_template('404.html'), 404


@app.route('/')
def home():
return 'Home page'

In [8]:
from flask import Flask, render_template
app = Flask(__name__)


@app.errorhandler(404)
def not_found(e):
return render_template('404.html'), 404


@app.route('/')
def home():
return 'Home page'

IndentationError: expected an indented block after function definition on line 6 (ipython-input-3514405033.py, line 7)

11.  How do you structure a Flask app using Blueprints ?
- from flask import Flask
from .api import api_bp


def create_app():
app = Flask(__name__)
app.register_blueprint(api_bp, url_prefix='/api')
return app


# project/api/__init__.py
from flask import Blueprint
api_bp = Blueprint('api', __name__)
from . import routes


# project/api/routes.py
from . import api_bp


@api_bp.route('/ping')
def ping():
return {'pong': True}

In [13]:
from flask import Flask
from .api import api_bp


def create_app():
app = Flask(__name__)
app.register_blueprint(api_bp, url_prefix='/api')
return app


# project/api/__init__.py
from flask import Blueprint
api_bp = Blueprint('api', __name__)
from . import routes


# project/api/routes.py
from . import api_bp


@api_bp.route('/ping')
def ping():
return {'pong': True}

IndentationError: expected an indented block after function definition on line 5 (ipython-input-3537033.py, line 6)

12.  How do you define a custom Jinja filter in Flask ?
- from flask import Flask
app = Flask(__name__)


@app.template_filter('reverse')
def reverse_filter(s):
return s[::-1]


@app.route('/show/<word>')
def show(word):
return f"Reversed: {reverse_filter(word)}"

In [9]:
from flask import Flask
app = Flask(__name__)


@app.template_filter('reverse')
def reverse_filter(s):
return s[::-1]


@app.route('/show/<word>')
def show(word):
return f"Reversed: {reverse_filter(word)}"

IndentationError: expected an indented block after function definition on line 6 (ipython-input-750072844.py, line 7)

13. How can you redirect with query parameters in Flask ?
- from flask import Flask, redirect, url_for, request
app = Flask(__name__)


@app.route('/search')
def search():
q = request.args.get('q', '')
return f'Searching for {q}'


@app.route('/go')
def go():
return redirect(url_for('search', q='flask'))

In [10]:
from flask import Flask, redirect, url_for, request
app = Flask(__name__)


@app.route('/search')
def search():
q = request.args.get('q', '')
return f'Searching for {q}'


@app.route('/go')
def go():
return redirect(url_for('search', q='flask'))

IndentationError: expected an indented block after function definition on line 6 (ipython-input-1314753169.py, line 7)

14.  How do you return JSON responses in Flask ?
- from flask import Flask, jsonify
app = Flask(__name__)


@app.route('/status')
def status():
return jsonify(ok=True, version='1.0'), 200

In [11]:
from flask import Flask, jsonify
app = Flask(__name__)


@app.route('/status')
def status():
return jsonify(ok=True, version='1.0'), 200

IndentationError: expected an indented block after function definition on line 6 (ipython-input-3903377691.py, line 7)

15. How do you capture URL parameters in Flask?
- from flask import Flask
app = Flask(__name__)


@app.route('/user/<int:user_id>/post/<slug>')
def post(user_id, slug):
return f'User: {user_id}, Post slug: {slug}'

In [12]:
from flask import Flask
app = Flask(__name__)


@app.route('/user/<int:user_id>/post/<slug>')
def post(user_id, slug):
return f'User: {user_id}, Post slug: {slug}'

IndentationError: expected an indented block after function definition on line 6 (ipython-input-2018133873.py, line 7)