Theoretical Questions:

Q.1.What is a RESTful API?

Ans:A RESTful API (Representational State Transfer API) is a web service that follows the principles of REST (Representational State Transfer) architecture. It allows different systems to communicate over the internet using standard HTTP methods. RESTful APIs are commonly used in web development to enable communication between a client (e.g., web browser, mobile app) and a server.

Key Characteristics of a RESTful API:
- Stateless: Each request from a client to the server must contain all the necessary information to understand and process the request. The server does not store any client state between requests.

- Client-Server Architecture: The client and server are separate entities, allowing for scalability and flexibility in development.

- Uniform Interface: Uses standard HTTP methods such as:

1. GET (Retrieve data)

2. POST (Create new data)

3. PUT (Update existing data)

4. DELETE (Remove data)

- Resource-Based: Everything in a RESTful API is treated as a resource (e.g., users, orders, products) identified by a unique URL (Uniform Resource Locator).

Use of HTTP Status Codes: RESTful APIs return standard HTTP status codes like:

200 OK (Successful request)

201 Created (Successful resource creation)

400 Bad Request (Client error)

401 Unauthorized (Authentication required)

404 Not Found (Resource not found)

500 Internal Server Error (Server-side issue)

- Supports Multiple Data Formats: Though JSON is the most commonly used format, REST APIs can also return data in XML, HTML, or plain text.





Q. 2. Explain the concept of API specification?

Ans:An API specification is a detailed, structured document that defines how an API should behave, including its endpoints, request and response formats, authentication methods, error handling, and more. It serves as a contract between API developers and consumers, ensuring consistency and usability.

Key Components of an API Specification
1. Endpoints (URLs):Defines the available routes in the API.

2. HTTP Methods: Specifies the actions that can be performed.

Common methods:

- GET → Retrieve data

- POST → Create data

- PUT → Update data

- DELETE → Remove data

3. Request Parameters:

- Path Parameters: /users/{id}

- Query Parameters: /users?name=John

- Headers: Authorization: Bearer token

4. Request and Response Format: Typically in JSON or XML.

5. Authentication & Authorization: Defines security mechanisms such as:

- API keys

- OAuth 2.0

- JWT tokens

6. Error Handling:Specifies error codes and messages.





Q.3. What is Flask, and why is it popular for building APIs?

Ans:Flask is a lightweight and flexible web framework for Python that is widely used for building web applications and APIs. It follows the WSGI (Web Server Gateway Interface) standard and is designed to be simple yet powerful, making it a popular choice for developers.

**Why is Flask Popular for Building APIs?**
1. Minimal and Lightweight: Flask is a micro-framework, meaning it provides only the essentials needed to build a web service. This keeps it fast and efficient.

2. Easy to Learn and Use: The framework has a simple and intuitive API, making it beginner-friendly and great for rapid development.

3. Flexible and Extensible: Unlike larger frameworks like Django, Flask gives developers full control over project structure and extensions.

4. Built-in Support for RESTful APIs: Flask makes it easy to create RESTful APIs with simple route definitions and JSON responses.

5. Large Ecosystem and Extensions:It has a rich ecosystem with plugins like:

- Flask-RESTful (for building REST APIs)

- Flask-SQLAlchemy (for database management)

- Flask-JWT (for authentication)

6. Works Well with Machine Learning and Data Science: Many developers use Flask to serve machine learning models via APIs (e.g., integrating with TensorFlow or PyTorch models).

7. Asynchronous Support: While Flask is synchronous by default, it can work with async libraries like FastAPI or Quart for better performance.


Q.4. What is routing in Flask?

Ans:Routing in Flask refers to the process of mapping URLs (endpoints) to specific functions (view functions) that handle requests. When a user accesses a particular URL in a Flask app, the framework determines which function should execute based on the defined routes.

**How Routing Works in Flask:**

Flask uses the @app.route() decorator to define routes. The syntax is:
@app.route('/path', methods=['GET', 'POST', ...])
def function_name():
    return response

@app.route('/path') → Binds the URL /path to a Python function.

Methods (Optional) → Defines allowed HTTP methods (e.g., GET, POST, PUT, DELETE).







Q.5.  How do you create a simple Flask application?

Ans:Flask is a lightweight web framework that makes it easy to build web applications and APIs. Below is a step-by-step guide to creating a simple Flask application.

**Step 1: Install Flask:**

First, ensure you have Python installed (3.x recommended). Then, install Flask using pip:

pip install Flask

**Step 2: Create a Basic Flask App**

- Create a new Python file, e.g., app.py.

- Add the following code:





In [None]:
from flask import Flask

# Create a Flask app instance
app = Flask(__name__)

# Define a route and a function to handle requests
@app.route('/')
def home():
    return "Hello, Flask!"

# Run the application
if __name__ == '__main__':
    app.run(debug=True)


Explanation:

Flask(__name__) → Creates a Flask web application.

@app.route('/') → Defines a route (/) that maps to the home function.

return "Hello, Flask!" → The response displayed in the browser.

app.run(debug=True) → Runs the app in debug mode, allowing auto-reload on code changes.

**Step 3: Run the Flask Application**

Open a terminal and navigate to the project directory. Run:

python app.py


**Step 4: Test the Application**

Open your browser and visit:
👉 http://127.0.0.1:5000/

You should see:
"Hello, Flask!"

**Step 5: Add More Routes**






In [None]:
@app.route('/about')
def about():
    return "This is the About page."

@app.route('/user/<name>')
def greet_user(name):
    return f"Hello, {name}!"


**Step 6: Using HTML Templates (Optional)**

Instead of returning plain text, Flask can render HTML pages using templates.

1. Create a templates folder.

2. Inside it, create index.html:


In [None]:
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Flask App</title>
</head>
<body>
    <h1>Welcome to My Flask App</h1>
</body>
</html>


3.Modify app.py to render the template:




In [None]:
from flask import render_template

@app.route('/')
def home():
    return render_template('index.html')


Q.6. What are HTTP methods used in RESTful APIs?

Ans: RESTful APIs use HTTP methods to perform operations on resources (e.g., users, orders, products). The most commonly used methods are:

1. GET (Retrieve Data):

Purpose: Fetch data from the server.

Safe & Idempotent: Does not modify data; multiple requests return the same result.

2. POST (Create Data):

Purpose: Submit data to create a new resource.

Not Idempotent: Multiple requests create duplicate resources.

3. PUT (Update Data):

Purpose: Update an existing resource (replaces the whole resource).

Idempotent: Multiple identical requests produce the same result.

4. PATCH (Partial Update):

Purpose: Partially update a resource (modifies only specified fields).

Idempotent: Multiple requests with the same changes result in the same outcome.

5. DELETE (Remove Data):

Purpose: Delete a resource from the server.

Idempotent: Multiple requests to delete the same resource have the same effect.



Q.7. What is the purpose of the @app.route() decorator in Flask?

Ans:In Flask, the @app.route() decorator is used to define routes (URLs) that map to specific view functions. It tells Flask which function should be executed when a specific URL is accessed.

Features of @app.route():
1. Maps URLs to Functions

- Assigns a function to handle requests at a specific URL.

2. Supports Dynamic Routing

- You can pass URL parameters to functions:

3. Allows Multiple HTTP Methods

- By default, routes handle GET requests.

- To allow POST, PUT, DELETE, use methods

4. Handles Multiple Routes for a Single Function



Q.8. What is the difference between GET and POST HTTP methods?

Ans:**GET**
**Purpose:**  Retrieve data from the server.
**Data Visibility:** Data is sent in the URL.
**Security:** Less secure.
**Idempotent:** Yes (multiple requests return the same result)
**Cacheble:**  Yes (browsers & proxies cache GET responses)
**Use Case:** Fetching data (e.g., search queries, reading records)


**POST**
**Purpose:** Send data to the server to create a resource
**Data Visibility:**Data is sent in the request body (hidden from URL)
**Security:** More secure (data in body, not stored in history)
**Idempotent:**No (multiple requests create duplicates)
**Cacheble:**   No (usually not cached)
**Use Case:** Submitting forms, creating new records



Q.9. How do you handle errors in Flask APIs?

Ans:Error handling in Flask APIs ensures that users receive clear, meaningful messages when something goes wrong. Flask provides several ways to handle errors, including built-in error handlers, abort(), and custom exception handling.

1. Using Flask’s Built-in Error Handlers:

Flask automatically handles common errors like 404 (Not Found) and 500 (Internal Server Error), but you can customize these responses.




In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.errorhandler(404)
def not_found(error):
    return jsonify({"error": "Resource not found"}), 404

if __name__ == '__main__':
    app.run(debug=True)


2. Using abort() to Stop Execution:

Flask’s abort() function immediately stops request execution and returns an error response.



In [None]:
from flask import Flask, jsonify, abort

app = Flask(__name__)

@app.route('/admin')
def admin_panel():
    abort(403)  # Forbidden

@app.errorhandler(403)
def forbidden(error):
    return jsonify({"error": "Access denied"}), 403

if __name__ == '__main__':
    app.run(debug=True)


3. Handling Application-Specific Errors:

For more control, you can define custom exceptions.



In [None]:
from flask import Flask, jsonify, request

app = Flask(__name__)

class InvalidUsage(Exception):
    def __init__(self, message, status_code):
        super().__init__()
        self.message = message
        self.status_code = status_code

@app.errorhandler(InvalidUsage)
def handle_invalid_usage(error):
    response = jsonify({"error": error.message})
    response.status_code = error.status_code
    return response

@app.route('/divide')
def divide():
    try:
        a = int(request.args.get('a'))
        b = int(request.args.get('b'))
        if b == 0:
            raise InvalidUsage("Division by zero is not allowed", 400)
        return jsonify({"result": a / b})
    except (TypeError, ValueError):
        raise InvalidUsage("Invalid input, provide numbers", 400)

if __name__ == '__main__':
    app.run(debug=True)


4. Catching Unhandled Exceptions
To prevent your API from crashing, handle generic exceptions.


In [None]:
@app.errorhandler(Exception)
def handle_general_error(error):
    return jsonify({"error": "Something went wrong"}), 500


Q.10 How do you connect Flask to a SQL database?

Ans:Flask can connect to SQL databases like SQLite, MySQL, and PostgreSQL using Flask-SQLAlchemy, an ORM (Object Relational Mapper) that simplifies database interactions.

1. Install Flask-SQLAlchemy:

First, install Flask-SQLAlchemy:

pip install Flask-SQLAlchemy


2. Set Up Flask with SQLAlchemy:

Create a Flask app and configure the database connection.


In [None]:
from flask import Flask
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)

# Database Configuration (Using SQLite)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///users.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

# Initialize SQLAlchemy
db = SQLAlchemy(app)


 Database URI Formats:

SQLite: 'sqlite:///database.db'

PostgreSQL: 'postgresql://username:password@localhost/dbname'

MySQL: 'mysql+pymysql://username:password@localhost/dbname'

3. Define a Database Model
Create a User model (table) using SQLAlchemy.

In [None]:
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(100), nullable=False)
    email = db.Column(db.String(100), unique=True, nullable=False)

    def __repr__(self):
        return f'<User {self.name}>'


4. Create the Database:

Run the following script to create the database and tables:

In [None]:
with app.app_context():
    db.create_all()


5. Insert Data into the Database:

Use Flask routes to add data.

In [None]:
@app.route('/add_user/<name>/<email>')
def add_user(name, email):
    new_user = User(name=name, email=email)
    db.session.add(new_user)
    db.session.commit()
    return f"User {name} added!"


6. Fetch Data from the Database:

Retrieve all users:

In [None]:
@app.route('/users')
def get_users():
    users = User.query.all()
    return { "users": [{ "id": u.id, "name": u.name, "email": u.email } for u in users] }


Q.11. What is the role of Flask-SQLAlchemy?

Ans:Flask-SQLAlchemy is an ORM (Object Relational Mapper) for Flask that simplifies database interactions. It provides an easy way to work with relational databases like SQLite, MySQL, and PostgreSQL using Python classes and objects instead of raw SQL queries.

Key Features of Flask-SQLAlchemy:

1. Simplifies Database Configuration:

Instead of writing complex SQL connection code, Flask-SQLAlchemy allows easy database setup in Flask:




In [None]:
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///database.db'


2. Uses ORM Instead of SQL Queries:

Instead of writing:


In [None]:
INSERT INTO users (name, email) VALUES ('Alice', 'alice@example.com');


You can use Python objects:


In [None]:
new_user = User(name="Alice", email="alice@example.com")
db.session.add(new_user)
db.session.commit()


3. Provides an Easy-to-Use Model System:

Define a table as a Python class:

In [None]:
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(100), nullable=False)
    email = db.Column(db.String(100), unique=True, nullable=False)


4. Makes Querying Data Simple:

Instead of using complex SQL queries, you can retrieve data using Python:

In [None]:
users = User.query.all()  # Fetch all users
user = User.query.filter_by(name="Alice").first()  # Find a user by name


 5. Handles Transactions Automatically:

When adding, updating, or deleting records, Flask-SQLAlchemy handles database transactions:

In [None]:
db.session.add(new_user)   # Add new user
db.session.commit()        # Save changes


6. Supports Relationships Between Tables:

You can define one-to-many or many-to-many relationships:

In [None]:
class Post(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    title = db.Column(db.String(100), nullable=False)
    user_id = db.Column(db.Integer, db.ForeignKey('user.id'))


Q.12. What are Flask blueprints, and how are they useful?

Ans:Flask Blueprints are a way to organize a Flask application into smaller, reusable modules. They allow developers to split a large application into multiple smaller components, making it easier to manage and maintain. Each Blueprint acts as a mini-application with its own routes, templates, and static files.

**Why are Blueprints Useful?**

1.Modularization – Helps break a large application into smaller, manageable parts.

2.Code Reusability – Allows different parts of an application to be reused across multiple projects.

3.Easier Maintenance – Since each module is separate, debugging and updating specific features become simpler.

4.Team Collaboration – Different teams can work on different Blueprints without interfering with each other.

5.Simplifies Routing – Routes related to a particular feature can be grouped together within a Blueprint.



Q.13. What is the purpose of Flask's request object?

Ans: Flask’s request object is used to access incoming request data sent by the client (browser, API, or another service). It provides methods and properties to handle form data, query parameters, JSON data, headers, file uploads, and more.

**Purpose of request Object:**

The request object is essential for handling:

Form Data – Extracting input fields from HTML forms.

Query Parameters – Retrieving values from URL query strings (?key=value).

JSON Data – Parsing JSON payloads from API requests.

Headers – Accessing HTTP request headers.

File Uploads – Handling uploaded files.

Cookies & Sessions – Retrieving cookies and managing user sessions.

HTTP Methods – Identifying request methods (GET, POST, PUT, DELETE, etc.).


Q.14. How do you create a RESTful API endpoint using Flask?

Ans: To create a RESTful API endpoint in Flask, we use the Flask framework along with the request module for handling incoming data and the jsonify function for sending JSON responses.

Steps to Create a RESTful API Endpoint:
1. Install Flask (if not installed):


In [None]:
pip install flask


2. Create a Flask Application.

3. Define API Routes using @app.route() decorator.

4. Use HTTP Methods (GET, POST, PUT, DELETE) for different actions.

5. Return JSON Responses using jsonify().



Q.15. What is the purpose of Flask's jsonify() function?

Ans:Flask's jsonify() function is used to convert Python data structures (such as dictionaries and lists) into JSON-formatted responses. It is commonly used in RESTful APIs to send structured data back to the client.

**Why Use jsonify() Instead of json.dumps():**

1. Automatic Content-Type Handling – Sets Content-Type to "application/json", making it clear that the response is JSON.

2. Handles Unicode & Special Characters – Automatically encodes data properly.

3. Built-in Status Code Support – Allows setting HTTP status codes easily.

4. Optimized for Flask – Works seamlessly with Flask response objects.


Example Usage of jsonify()


In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/hello')
def hello():
    return jsonify(message="Hello, Flask!", status="success")

if __name__ == '__main__':
    app.run(debug=True)


Q.16  Explain Flask’s url_for() function?

Ans:Flask's url_for() function is used to generate URLs for a given function name (typically a view function) dynamically. Instead of hardcoding URLs in your templates or code, you can use url_for() to generate them, making your application more maintainable and flexible.

Syntax:

url_for(endpoint, **values)

- endpoint: The name of the view function for which the URL needs to be generated.

- values: Additional arguments that can be used to pass query parameters or URL variable values.

**Usage:**

 1. Generating URLs for Routes:


In [None]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/home')
def home():
    return "Welcome to Home Page!"

with app.test_request_context():
    print(url_for('home'))  # Output: '/home'


2. Passing Variables in the URL


In [None]:
@app.route('/user/<username>')
def profile(username):
    return f"User: {username}"

with app.test_request_context():
    print(url_for('profile', username='John'))  # Output: '/user/John'


3. Adding Query Parameters


In [None]:
with app.test_request_context():
    print(url_for('home', page=2))
    # Output: '/home?page=2'


4. Using url_for() in Templates


In [None]:
<a href="{{ url_for('home') }}">Go to Home</a>


Q.17.  How does Flask handle static files (CSS, JavaScript, etc.)

Ans:Flask handles static files (such as CSS, JavaScript, and images) using a dedicated static/ folder in the project directory. By default, Flask serves static files from this folder without requiring additional configuration.

Flask makes serving static files simple by:

1. Automatically looking in the static/ folder.

2. Using url_for('static', filename='file') for dynamic URLs.

3. Allowing customization of the static folder.

4. Supporting manual file serving via send_from_directory().


Q.18. What is an API specification, and how does it help in building a Flask API?

Ans:An API specification is a formal document that defines how an API should behave, including its endpoints, request parameters, response formats, authentication methods, and error handling. It acts as a blueprint for developers to build, test, and integrate with an API.

**How API Specifications Help in Building a Flask API**

When developing a Flask API, having an API specification provides several benefits:

1. Clear Documentation for Developers:
- A well-defined API specification serves as a reference for frontend developers, backend engineers, and third-party consumers.

- Tools like Swagger (OpenAPI) automatically generate documentation from API specs.

2. Consistency Across Teams:
- Ensures that API endpoints follow a standard structure.

- Helps maintain uniform request/response formats.

3. Easier Testing & Validation:
- API specifications can be used with testing tools like Postman or Swagger UI to validate API behavior.

- Enables contract testing to ensure the API meets expectations.

4. Code Generation:
- Tools like Swagger Codegen or FastAPI can generate Flask boilerplate code based on an API spec.

5. Supports API Versioning & Maintenance:
- Helps in managing different API versions without breaking existing functionality.


Q.19. What are HTTP status codes, and why are they important in a Flask API?

Ans: HTTP status codes are three-digit responses sent by a server to indicate the result of a client's request. They help communicate success, failure, or errors when interacting with an API.

For example, when a Flask API processes a request, it returns a response along with an HTTP status code to inform the client whether the request was successful, unauthorized, not found, etc.

**Why Are HTTP Status Codes Important in a Flask API?**
1. Clear Communication:

- They inform clients (e.g., frontend apps, mobile apps) about the result of an API request.

2. Improves Debugging & Error Handling:

- Makes it easier for developers to understand what went wrong (e.g., 400 Bad Request vs. 500 Internal Server Error).

3. Standardized Behavior:

- Ensures consistency across different APIs and applications.

4. Better Client-Side Handling:

- Clients can act based on status codes (e.g., retry on 503 Service Unavailable or prompt login on 401 Unauthorized).



Q.20. How do you handle POST requests in Flask?

Ans:A POST request is used to send data to the server, typically to create a new resource (e.g., adding a user to a database). In Flask, you handle POST requests using the @app.route() decorator with the methods=["POST"] parameter.

Handling a Basic POST Request:

You can access incoming POST data using request.form or request.json (for JSON data).

Example: Handling Form Data


In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form.get('name')  # Get data from form
    email = request.form.get('email')
    return jsonify({"message": f"Received {name} with email {email}"}), 201

if __name__ == "__main__":
    app.run(debug=True)



How it works:

- The client sends form data (e.g., from an HTML form).

- request.form.get('name') retrieves form inputs.

- The server responds with a JSON message

 Q.21. How would you secure a Flask API
Ans: Securing a Flask API is crucial to prevent unauthorized access, data leaks, and attacks like SQL injection or cross-site scripting (XSS). Below are best practices to enhance security.Below are some key security measures:

**1. Use HTTPS:**

- Enforce HTTPS to secure data in transit.

- Obtain an SSL/TLS certificate and configure your Flask app to use it.

**2. Authentication & Authorization**

- Authentication (Who are you?)
- Use JWT (JSON Web Tokens) or OAuth2 for authentication.
- Alternatively, use API keys or Basic Authentication (though less secure).

- Authorization (What can you do?)
- Implement Role-Based Access Control (RBAC) or Attribute-Based Access Control (ABAC).

**3.Secure API Endpoints**

- Use rate limiting to prevent abuse (e.g., Flask-Limiter).
- Validate and sanitize user input to prevent SQL Injection or XSS.
- Use CORS to prevent unauthorized cross-origin requests.

**4. Secure Database & Input Handling**

- Use parameterized queries or ORMs to prevent SQL Injection.
- Validate all user input.
- Use environment variables for database credentials.

**5. Protect Against CSRF**
- Use Flask-WTF to protect against Cross-Site Request Forgery (CSRF).

**6. Secure API Keys & Sensitive Data**
- Store API keys and secrets in environment variables or a vault (e.g., AWS - Secrets Manager, HashiCorp Vault).
- Do not hardcode credentials in code.

**7. Logging & Monitoring**
- Use Flask-Logging and Flask-Sentry for error tracking.
- Log security-related events and monitor API access.

**8. Implement Security Headers**
-  Use Flask-Talisman to enforce security headers.

**9. Container & Deployment Security**
- Use Docker best practices (e.g., non-root users, minimal images).
- Implement firewalls and WAFs.

**10. Regular Security Audits**
- Perform penetration testing.
- Use tools like Bandit (for Python security scanning).
- Keep dependencies up to date.





 Q.22. What is the significance of the Flask-RESTful extension?
 Ans:Flask-RESTful is an extension that simplifies the process of building RESTful APIs in Flask. It provides a structured approach to organizing endpoints and managing API resources, reducing boilerplate code.

**Key Benefits of Flask-RESTful**
1. Simplifies API Development
- Flask-RESTful abstracts away much of the manual work needed for creating REST APIs.
- It provides a Resource class to define API endpoints efficiently.

2. Encourages RESTful Principles
- Each API endpoint is treated as a Resource with standard HTTP methods like GET, POST, PUT, and DELETE.
- Promotes separation of concerns by defining resources independently.

3. Built-in Request Parsing (Input Validation)
- Flask-RESTful provides reqparse for validating incoming requests and handling missing fields.

4. Supports Custom Error Handling
- Provides a centralized way to handle errors with abort().

5. Supports API Versioning & Namespaces
- You can define multiple API versions with Blueprints or Namespaces.
- This makes the API maintainable when extending functionality.





Q.23. What is the role of Flask’s session object?

Ans:Flask’s session object provides a way to store and manage user-specific data across multiple requests. It is primarily used for:

✅ Persisting User Data (e.g., login state, preferences)

✅ Managing Sessions without requiring a database

✅ Enhancing Security with built-in encryption

**How Flask’s session Works**
- session behaves like a dictionary and stores data per user.

- By default, Flask uses signed cookies to store session data on the client side.

- Data is encrypted using the SECRET_KEY to prevent tampering.




Practical Question

In [None]:
# 1. How do you create a basic Flask application
from flask import Flask

app = Flask(__name__)  # Initialize Flask app

@app.route("/")  # Define a route
def home():
    return "Hello, Flask!"

if __name__ == "__main__":
    app.run(debug=True)  # Run the app


2. How do you serve static files like images or CSS in Flask?

Ans:Linking CSS, JavaScript, and Images in index.html



In [None]:
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Flask Static Files</title>
    <link rel="stylesheet" href="{{ url_for('static', filename='css/styles.css') }}">
    <script src="{{ url_for('static', filename='js/script.js') }}"></script>
</head>
<body>
    <h1>Flask Static Files Example</h1>
    <img src="{{ url_for('static', filename='images/logo.png') }}" alt="Logo">
</body>
</html>



Flask App to Serve Static Files

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route("/")
def home():
    return render_template("index.html")

if __name__ == "__main__":
    app.run(debug=True)


In [None]:
#3. How do you define different routes with different HTTP methods in Flask
from flask import request

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        return do_the_login()
    else:
        return show_the_login_form()

 Q.4.How do you render HTML templates in Flask?

 Ans:
 1. Directory layout

 .

├── app.py

├── templates/

    └── index.html

2.  Generate HTML pages

In [None]:
<!-- templates/index.html -->
<!DOCTYPE html>
<html>
  <head>
    <title>Hello World</title>
  </head>
  <body>
    <h1>Hello World!!</h1>
  </body>
</html>

3. Build flask application

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def hello():
  return render_template('index.html')

if __name__ == '__main__':
  app.run()

4. Run the app!
To run the app, simply run

python3 app.py

 Q.5. How can you generate URLs for routes in Flask using url_for
Ans:
1. Basic Route



In [None]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/home')
def home():
    return "Welcome to Home!"

with app.test_request_context():
    print(url_for('home'))  # Output: /home



2.  Route with Variables

In [None]:
@app.route('/user/<username>')
def profile(username):
    return f"User: {username}"

with app.test_request_context():
    print(url_for('profile', username='john'))  # Output: /user/john


3. Adding Query Parameters

In [None]:
with app.test_request_context():
    print(url_for('home', page=2))  # Output: /home?page=2


4. Generating URLs for Static Files


In [None]:
with app.test_request_context():
    print(url_for('static', filename='style.css'))  # Output: /static/style.css


 Q.6. How do you handle forms in Flask?

Ans:
1. Handling Forms Using Flask (request.form)


In [None]:
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def index():
    if request.method == 'POST':
        name = request.form.get('name')
        email = request.form.get('email')
        return f"Received: Name - {name}, Email - {email}"

    return '''
        <form method="post">
            Name: <input type="text" name="name"><br>
            Email: <input type="email" name="email"><br>
            <input type="submit">
        </form>
    '''

if __name__ == '__main__':
    app.run(debug=True)


2. Handling Forms Using Flask-WTF

In [None]:
from flask import Flask, render_template, request, redirect, url_for
from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your_secret_key'  # Required for CSRF protection

class MyForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired()])
    submit = SubmitField('Submit')

@app.route('/', methods=['GET', 'POST'])
def index():
    form = MyForm()
    if form.validate_on_submit():
        name = form.name.data
        return f"Hello, {name}!"
    return render_template('form.html', form=form)

if __name__ == '__main__':
    app.run(debug=True)


Q.7. How can you validate form data in Flask

Ans: 1. Manual Form Validation (Basic Approach)



In [None]:
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def index():
    errors = []

    if request.method == 'POST':
        name = request.form.get('name', '').strip()
        email = request.form.get('email', '').strip()

        if not name:
            errors.append("Name is required.")
        if not email or '@' not in email:
            errors.append("Valid email is required.")

        if not errors:
            return f"Form submitted successfully! Name: {name}, Email: {email}"

    return '''
        <form method="post">
            Name: <input type="text" name="name"><br>
            Email: <input type="email" name="email"><br>
            <input type="submit">
        </form>
    ''' + "<br>".join(errors)

if __name__ == '__main__':
    app.run(debug=True)


2. Validation Using Flask-WTF (Recommended)

In [None]:
from flask import Flask, render_template, request
from flask_wtf import FlaskForm
from wtforms import StringField, EmailField, SubmitField
from wtforms.validators import DataRequired, Email, Length

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your_secret_key'  # Required for CSRF protection

class MyForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired(), Length(min=2, max=20)])
    email = EmailField('Email', validators=[DataRequired(), Email()])
    submit = SubmitField('Submit')

@app.route('/', methods=['GET', 'POST'])
def index():
    form = MyForm()

    if form.validate_on_submit():
        name = form.name.data
        email = form.email.data
        return f"Success! Name: {name}, Email: {email}"

    return render_template('form.html', form=form)

if __name__ == '__main__':
    app.run(debug=True)


Q.8.  How do you manage sessions in Flask

Ans:

In [None]:
from flask import Flask, session, redirect, url_for, request

app = Flask(__name__)
app.secret_key = 'supersecretkey'  # Required for signing session data

@app.route('/')
def index():
    return f"Hello, {session.get('username', 'Guest')}!"

@app.route('/login', methods=['POST', 'GET'])
def login():
    if request.method == 'POST':
        session['username'] = request.form['username']
        return redirect(url_for('index'))

    return '''
        <form method="post">
            Username: <input type="text" name="username">
            <input type="submit" value="Login">
        </form>
    '''

@app.route('/logout')
def logout():
    session.pop('username', None)
    return redirect(url_for('index'))

if __name__ == '__main__':
    app.run(debug=True)
How It Works
session['key'] = value → Stores a value in the session.

session.get('key', default) → Retrieves the session value.

session.pop('key', None) → Removes a key from the session.

The secret_key ensures the session data is signed to prevent tampering.



In [None]:
#Q.9 How do you redirect to a different route in Flask?
from flask import Flask, redirect

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the Home Page!'

@app.route('/redirect-me')
def redirect_me():
    return redirect('/destination')

@app.route('/destination')
def destination():
    return 'You have been redirected!'

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# Q.10  How do you handle errors in Flask (e.g., 404)
from flask import Flask, render_template

app = Flask(__name__)

@app.errorhandler(404)
def not_found(error):
    return render_template('404.html'), 404  # Custom 404 page

if __name__ == '__main__':
    app.run(debug=True)


Q.11. How do you structure a Flask app using Blueprints?

Ans:
**1.Create the Flask App (app/__init__.py):**

This file initializes the Flask app and registers the Blueprints.


In [None]:
from flask import Flask
from app.blueprints.auth import auth_bp
from app.blueprints.dashboard import dashboard_bp

def create_app():
    app = Flask(__name__)

    # Register blueprints
    app.register_blueprint(auth_bp, url_prefix='/auth')
    app.register_blueprint(dashboard_bp, url_prefix='/dashboard')

    return app


**2. Create Blueprints**

Authentication Blueprint (app/blueprints/auth.py)

In [None]:
from flask import Blueprint, render_template

auth_bp = Blueprint('auth', __name__)

@auth_bp.route('/login')
def login():
    return render_template('login.html')

@auth_bp.route('/logout')
def logout():
    return "You have been logged out"


**Dashboard Blueprint (app/blueprints/dashboard.py)**

In [None]:
from flask import Blueprint

dashboard_bp = Blueprint('dashboard', __name__)

@dashboard_bp.route('/')
def dashboard_home():
    return "Welcome to the dashboard!"


**3.Create the run.py File**

This script runs the Flask app.

In [None]:
from app import create_app

app = create_app()

if __name__ == '__main__':
    app.run(debug=True)


**4.Running the App:**

Run the application using:

python run.py


Q.12. How do you define a custom Jinja filter in Flask?

Ans:

**1.Register a Custom Jinja Filter**

You can create a custom filter function and register it with Flask.

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

# Custom Jinja filter: Capitalizes every word in a string
def capitalize_words(s):
    return ' '.join(word.capitalize() for word in s.split())

# Register the filter
app.jinja_env.filters['capitalize_words'] = capitalize_words

@app.route('/')
def home():
    return render_template('index.html', message="hello world from flask")

if __name__ == '__main__':
    app.run(debug=True)


**2.Use the Custom Filter in a Jinja Template**

In index.html:

In [None]:
<p>Original: {{ message }}</p>
<p>Filtered: {{ message | capitalize_words }}</p>


In [None]:
#Q.13. How can you redirect with query parameters in Flask?
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the Home Page!'

@app.route('/redirect-me')
def redirect_me():
    return redirect(url_for('destination', name='John', age=30))

@app.route('/destination')
def destination():
    name = request.args.get('name', 'Guest')
    age = request.args.get('age', 'Unknown')
    return f'Hello {name}, you are {age} years old!'

if __name__ == '__main__':
    app.run(debug=True)



In [None]:
#Q.14. How do you return JSON responses in Flask
from flask import Flask, jsonify
app = Flask(__name__)

@app.route('/json')
def return_json():
    data = {"message": "Hello, Flask!", "status": "success"}
    return jsonify(data)  # Converts Python dictionary to JSON response

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#Q.15 How do you capture URL parameters in Flask?

from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def show_user(username):
    return f'Hello, {username}!'

if __name__ == '__main__':
    app.run(debug=True)
