Restful API & Flask

## Q1. What is a RESTful API?
A RESTful API (Representational State Transfer API) is an architectural style used for building web services. It relies on **HTTP methods** like GET, POST, PUT, and DELETE to perform operations on resources.  
- **Resource-based:** Every entity (user, product, etc.) is treated as a resource with its own URL.  
- **Stateless:** Each request from the client contains all the information the server needs; the server does not store client state.  
- **Uniform Interface:** The interaction between client and server follows consistent principles.  

**Why important?** RESTful APIs make it easy for applications to communicate over the internet, enabling integration between mobile apps, web apps, and cloud services.  

---

## Q2. Explain the concept of API specification.
An **API specification** is a formal document that describes how an API should behave. It defines:  
- **Endpoints** (URLs for resources).  
- **HTTP methods** supported by each endpoint.  
- **Request parameters** and data formats (JSON, XML).  
- **Response structure** and possible error codes.  

**Why useful?**  
- Provides clarity to developers.  
- Ensures consistency across teams.  
- Allows automatic generation of documentation and client SDKs (e.g., via Swagger/OpenAPI).  

---

## Q3. What is Flask, and why is it popular for building APIs?
Flask is a **lightweight Python web framework** designed for flexibility and simplicity.  
- It provides essential tools for building web applications and APIs without unnecessary complexity.  
- Flask follows the principle of being minimal, letting developers add only what they need.  

**Why popular for APIs?**  
1. Easy to learn and use – perfect for beginners.  
2. Flexible – supports both small apps and large projects.  
3. Rich ecosystem – extensions like Flask-RESTful, Flask-SQLAlchemy.  
4. Strong community support and documentation.  

---

## Q4. What is routing in Flask?
Routing in Flask is the process of **mapping a URL to a specific function** (called a view function). When a client visits a URL, Flask determines which function should handle that request.  

Example:  
- `/home` → handled by `home()` function  
- `/about` → handled by `about()` function  

Routing allows developers to organize their applications and define how users interact with it.  

---

## Q5. How do you create a simple Flask application?
A simple Flask application involves:  
1. Importing Flask.  
2. Creating an instance of the Flask class.  
3. Defining routes and their view functions.  
4. Running the application server.  

Even with just a few lines of code, Flask allows you to serve web pages and handle API requests.  

---

## Q6. What are HTTP methods used in RESTful APIs?
The key HTTP methods are:  
- **GET** – Retrieve data from the server.  
- **POST** – Create a new resource.  
- **PUT** – Update an existing resource.  
- **DELETE** – Remove a resource.  
- **PATCH** – Partially update a resource.  

Each method follows REST principles and makes APIs predictable and easy to use.  

---

## Q7. What is the purpose of the `@app.route()` decorator in Flask?
The `@app.route()` decorator binds a URL to a Python function. When a client visits the URL, Flask calls that function.  
- Example: `@app.route("/hello")` → connects `/hello` to `hello()` function.  
- It defines endpoints in a clear and simple way.  

Without routing, a Flask app would not know how to respond to different URLs.  

---

## Q8. What is the difference between GET and POST HTTP methods?
- **GET:**  
  - Used to request data from the server.  
  - Parameters are sent in the URL query string.  
  - Suitable for fetching information (idempotent).  

- **POST:**  
  - Used to send data to the server, usually in the request body.  
  - Commonly used for form submissions, creating resources, or sending JSON data.  
  - Not idempotent – multiple POSTs may create multiple records.  

---

## Q9. How do you handle errors in Flask APIs?
Error handling is crucial for building reliable APIs. Flask provides mechanisms like:  
- **Custom error handlers** using `@app.errorhandler()`.  
- Returning meaningful HTTP status codes (e.g., 404 for not found, 500 for server error).  
- Sending JSON responses with error messages for consistency.  

Proper error handling improves user experience and helps developers debug issues.  

---

## Q10. How do you connect Flask to a SQL database?
To connect Flask to a SQL database, developers typically use **Flask-SQLAlchemy**, which is an ORM (Object Relational Mapper).  
Steps:  
1. Install and configure the database connection string.  
2. Define models (classes that represent tables).  
3. Use SQLAlchemy methods to perform CRUD operations.  

This makes database handling more Pythonic and reduces manual SQL queries.  

---

## Q11. What is the role of Flask-SQLAlchemy?
Flask-SQLAlchemy is an extension that integrates SQLAlchemy with Flask.  
- It simplifies database setup and configuration.  
- Provides a Python class-based interface for defining database models.  
- Supports migrations, relationships, and advanced queries.  

It bridges the gap between Flask apps and relational databases like MySQL, PostgreSQL, or SQLite.  

---

## Q12. What are Flask blueprints, and how are they useful?
Blueprints in Flask are a way to organize an application into smaller, reusable components.  
- They allow grouping routes, templates, and static files into modules.  
- Useful in large projects where multiple developers work on different parts.  

For example, an app can have separate blueprints for `auth`, `admin`, and `api`.  

---

## Q13. What is the purpose of Flask's request object?
The `request` object in Flask provides access to all incoming request data.  
- Contains details like form data, JSON body, headers, and query parameters.  
- Example: `request.args` for query strings, `request.json` for JSON body.  

It is essential for handling user input in APIs.  

---

## Q14. How do you create a RESTful API endpoint using Flask?
To create a RESTful API endpoint:  
1. Define a route with `@app.route()`.  
2. Specify the allowed HTTP methods (GET, POST, etc.).  
3. Inside the function, handle logic and return JSON responses.  

Endpoints define how clients interact with the API resources.  

---

## Q15. What is the purpose of Flask's `jsonify()` function?
The `jsonify()` function converts Python dictionaries or lists into proper JSON responses with the correct MIME type (`application/json`).  
- Ensures responses follow JSON standards.  
- Automatically sets correct headers.  

It is the preferred way of returning JSON data in Flask APIs.  

---

## Q16. Explain Flask’s `url_for()` function.
The `url_for()` function generates URLs dynamically based on route names instead of hardcoding them.  
- Example: `url_for("home")` → `/home`.  
- Helps maintain flexibility – if routes change, code still works.  
- Reduces errors in large applications with many routes.  

---

## Q17. How does Flask handle static files (CSS, JavaScript, etc.)?
Flask serves static files (images, CSS, JavaScript) from a default folder named `static/`.  
- Developers can access them via `url_for("static", filename="style.css")`.  
- This keeps assets organized and easily accessible.  

Static files are crucial for styling and interactivity in web applications.  

---

## Q18. What is an API specification, and how does it help in building a Flask API?
An API specification formally defines how the API behaves. It includes endpoints, methods, input/output formats, and status codes.  
- In Flask, following a specification ensures the API is consistent and predictable.  
- Tools like Swagger/OpenAPI can generate documentation from specs.  
- It helps teams collaborate efficiently and reduces misunderstandings.  

---

## Q19. What are HTTP status codes, and why are they important in a Flask API?
HTTP status codes are 3-digit numbers that indicate the result of an HTTP request.  
- **200 (OK):** Request successful.  
- **201 (Created):** Resource created successfully.  
- **400 (Bad Request):** Invalid input from client.  
- **404 (Not Found):** Requested resource missing.  
- **500 (Server Error):** Internal server problem.  

They are important because they communicate the outcome of API calls clearly to clients.  

---

## Q20. How do you handle POST requests in Flask?
To handle a POST request:  
- Define a route with `methods=["POST"]`.  
- Use `request.form`, `request.json`, or `request.data` to extract input.  
- Process the data (e.g., save to database).  
- Return a JSON response with a relevant status code.  

POST requests are mainly used to create new records in RESTful APIs.  

---

## Q21. How would you secure a Flask API?
Securing a Flask API involves:  
- **Authentication & Authorization:** Using JWT (JSON Web Tokens) or OAuth2.  
- **Input validation:** Preventing malicious inputs (SQL injection, XSS).  
- **HTTPS:** Encrypting data in transit.  
- **Rate limiting:** Protecting against denial-of-service attacks.  
- **Error handling:** Avoid exposing sensitive server information.  

Security ensures only legitimate users can access and manipulate resources.  

---

## Q22. What is the significance of the Flask-RESTful extension?
Flask-RESTful is an extension that simplifies the creation of REST APIs.  
- Provides `Resource` classes to define endpoints more cleanly.  
- Handles input parsing, request/response formatting, and error handling.  
- Encourages best practices for RESTful API design.  

It reduces boilerplate code and speeds up development.  

---

## Q23. What is the role of Flask’s session object?
The `session` object in Flask stores data specific to a user across multiple requests.  
- It is stored securely on the client side using cookies (signed with a secret key).  
- Commonly used for login sessions, preferences, and temporary data.  

This allows web apps to “remember” users between page visits.  

---

In [8]:
# Q1. How do you create a basic Flask application?
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, this is my first Flask app!"



In [9]:
# Q2. How do you serve static files like images or CSS in Flask?
from flask import Flask

app = Flask(__name__, static_url_path='/static')




In [10]:
# Q3. How do you define different routes with different HTTP methods in Flask?
from flask import Flask, request

app = Flask(__name__)

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "Form submitted using POST"
    return "Send form data using GET or POST"




In [11]:
# Q4. How do you render HTML templates in Flask?
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/hello')
def hello():
    return render_template('hello.html')



In [12]:
# Q5. How can you generate URLs for routes in Flask using url_for?
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/profile')
def profile():
    return "User Profile Page"

with app.test_request_context():
    print(url_for('profile'))




/profile


In [13]:
# Q6. How do you handle forms in Flask?
from flask import Flask, request

app = Flask(__name__)

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        return f"Welcome {request.form['username']}"
    return '''
        <form method="post">
            <input type="text" name="username"/>
            <input type="submit"/>
        </form>
    '''




In [15]:
# Q7. How can you validate form data in Flask?
from flask import Flask, request

app = Flask(__name__)

@app.route('/validate', methods=['POST'])
def validate():
    username = request.form.get("username", "")
    if not username:
        return "Username is required!"
    return f"Valid Username: {username}"




In [16]:
# Q8. How do you manage sessions in Flask?
from flask import Flask, session

app = Flask(__name__)
app.secret_key = "secret_key"

@app.route('/set_session')
def set_session():
    session['user'] = "Karan"
    return "Session set!"

@app.route('/get_session')
def get_session():
    return session.get('user', 'No session found')




In [17]:
# Q9. How do you redirect to a different route in Flask?
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('dashboard'))

@app.route('/dashboard')
def dashboard():
    return "Welcome to Dashboard!"



In [18]:
# Q10. How do you handle errors in Flask (e.g., 404)?
from flask import Flask

app = Flask(__name__)

@app.errorhandler(404)
def not_found(e):
    return "404 Error: Page not found", 404




In [19]:
# Q11. How do you structure a Flask app using Blueprints?
from flask import Flask, Blueprint

bp = Blueprint('simple_page', __name__)

@bp.route('/hello')
def hello():
    return "Hello from Blueprint!"

app = Flask(__name__)
app.register_blueprint(bp)




In [20]:
# Q12. How do you define a custom Jinja filter in Flask?
from flask import Flask

app = Flask(__name__)

@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]

@app.route('/filter')
def filter_demo():
    return "{{ 'hello'|reverse }}"




In [21]:
# Q13. How can you redirect with query parameters in Flask?
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/redirect')
def redir():
    return redirect(url_for('greet', name="Karan"))

@app.route('/greet')
def greet():
    return "Hello Karan!"




In [22]:
# Q14. How do you return JSON responses in Flask?
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/json')
def json_demo():
    return jsonify({"name": "Karan", "age": 21})




In [23]:
# Q15. How do you capture URL parameters in Flask?
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def show_user(username):
    return f"Hello {username}!"


