#Requirements


In [1]:
# First Cell: Install Flask and Pyngrok
!pip install flask
!pip install flask-ngrok
!pip install pyngrok

Collecting pyngrok
  Downloading pyngrok-7.2.11-py3-none-any.whl.metadata (9.4 kB)
Downloading pyngrok-7.2.11-py3-none-any.whl (25 kB)
Installing collected packages: pyngrok
Successfully installed pyngrok-7.2.11


#Theory Questions


## **Q. 1 What is a RESTful API?**

Answer:

REST stands for Representational State Transfer.

A **RESTful API** is a web-based interface that allows systems to communicate over the internet using the **HTTP protocol**, based on the **REST (Representational State Transfer)** architectural style.

It enables interaction with **resources**, which are uniquely identified by **URLs**, using standard HTTP methods:

* `GET` – Retrieve data
* `POST` – Create new data
* `PUT` – Update existing data
* `DELETE` – Remove data

---

#### 🔑 **Key Characteristics of RESTful APIs:**

1. **Stateless:** Each request from the client must contain all necessary information; the server does not retain session state between requests.

2. **Client-Server Architecture:** The client (e.g., browser/app) and server (e.g., database/API) operate independently.

3. **Cacheable:** Responses can be cached by the client or intermediate systems to improve performance.

4. **Uniform Interface:** Uses consistent, standardized methods and data formats like JSON or XML.

5. **Layered System:** Requests can pass through multiple layers (like firewalls, load balancers, or security layers) transparently.

6. **Code on Demand (optional):** Servers can optionally send executable code (like JavaScript) to enhance client functionality.

---

#### 🧾 **Example API Endpoints for User Management:**

* `GET /users` → Fetch all users
* `GET /users/101` → Fetch user with ID 101
* `POST /users` → Add a new user
* `PUT /users/101` → Modify user 101
* `DELETE /users/101` → Remove user 101

---


## **Q. 2:  Explain the concept of API specification?**

Answer:

- An API specification defines how clients should communicate with an API.

- It includes:

 - Endpoints (URLs)

 - Methods (GET, POST, etc.)

 - Parameters (query/path/body)

 - Request/response format (JSON, XML)

- Example Tool: Popular API Specification Formats:
 - OpenAPI (Swagger): Most widely used for designing and documenting REST APIs.

 - RAML (RESTful API Modeling Language): YAML-based format for defining APIs.

 - API Blueprint: Markdown-style format to write readable API documentation.

## **Q. 3: What is Flask, and why is it popular for building APIs?**

Answer:
- Flask is a lightweight, micro web framework in Python  for building web applications and APIs.

- It is lightweight and easy to use for building APIs.

- Why popular:
 - Minimalistic – Small core with extensibility.
 - Easy to Learn – Simple syntax, beginner-friendly.
 - Built-in Development Server – No need for external servers.
 - Supports RESTful APIs – Works well with Flask-RESTful.
 - Flexible – No strict project structure.
 - Large Community & Extensions – Authentication, database integration, etc.


## **Q. 4:   What is routing in Flask?**

Answer:
- When a user visits a URL, Flask looks at the route and runs the function linked to it.
- Routing in Flask means connecting a URL to a function.
- Defined using @app.route() decorator.
- Routing in Flask refers to the process of mapping URLs to functions, which handle the request and generate a response






## **Q. 5:    How do you create a simple Flask application?**

Answer:

To create a basic Flask application:

1. Install Flask using pip:

`pip install flask`

2. Create a Python file (e.g., app.py) and write the following code:


```
from flask import Flask
app = Flask(__name__)

@app.route('/')
def index():
    return "Hello, World!"

if __name__ == '__main__':
    app.run(debug=True)
    
```




Explanation:

`Flask(__name__)`: Initializes the Flask app.

`@app.route('/')`: Creates a route for the home page.

`debug=True`: Enables debug mode for easier development.

## **Q. 6: What are HTTP methods used in RESTful APIs?**

Answer:

- GET: Retrieves data from the server without modifying it.

 - Example:` GET /users` → Fetch list of users.

- POST: Sends new data to the server to create a resource.

 - Example: `POST /users` with body `{"name": "Yash"}` → Creates a new user.

- PUT: Updates an existing resource entirely.

 - Example: `PUT /users/1` with full data → Updates user with ID 1.

- PATCH: Updates part of an existing resource.

 - Example: `PATCH /users/1` with` {"name": "Yashika"} `→ Updates only the name.

- DELETE: Deletes a specified resource.

 - Example: `DELETE /users/1` → Deletes user with ID 1.

##Summary
- Common methods:
 - GET    – To read or fetch data
 - POST   – To create new data
 - PUT    – To update existing data
 - DELETE – To delete data
 - PATCH  – To partially update data (optional)
- Example:
 - `GET /users` → Get list of users
 - `POST /users` → Add a new user
 - `PUT /users/1` → Update user with ID 1
 - `DELETE /users/1` → Delete user with ID 1

## **Q. 7: What is the purpose of the @app.route() decorator in Flask?**

Answer:
The @app.route() decorator is used to define the URL pattern for a specific function. It tells Flask which function should handle a particular route.

It maps a URL path to a specific function.

Helps Flask know which function to call when a route is accessed.

The @app.route() decorator tells Flask which URL should trigger a specific function.

It connects a web address (route) to the code that runs when someone visits that address.

The @app.route() decorator in Flask is used to define URL routes, mapping them to specific functions that handle requests.

Defines URL Endpoints → Specifies the path for a webpage or API.
Handles Requests → Maps a function to a URL, executing it when the URL is accessed.
Supports Multiple Routes → Allows different routes to point to different functions.
Purpose of @app.route() Defines Routes: It binds a URL to a view function, making it accessible to users.

Handles HTTP Requests: It can be configured to handle different HTTP methods (e.g., GET, POST).

Simplifies Routing: Instead of manually mapping URLs to functions, @app.route() provides a clean and readable way to define routes.

The @app.route() decorator in Flask is used to define URL routes, mapping them to specific functions that handle requests.

Defines URL Endpoints → Specifies the path for a webpage or API.
Handles Requests → Maps a function to a URL, executing it when the URL is accessed.
Supports Multiple Routes → Allows different routes to point to different functions.

When to Use @app.route()?
✅ When defining web pages and API endpoints.
✅ When handling user input and database queries.
✅ When structuring RESTful APIs in Flask.



```
@app.route('/about')  
def about():
    return "About Page"
```
When users visit /about, Flask calls the about() function and returns "About Page".


## **Q. 8: What is the difference between GET and POST HTTP methods?**

Answer:

| Feature          | GET                                   | POST                                     |
| ---------------- | ------------------------------------- | ---------------------------------------- |
| Purpose          | Retrieve data from the server         | Send data to the server to create/update |
| Data Location    | Sent in the URL                       | Sent in the request body                 |
| Visibility       | Visible in browser URL                | Hidden from URL                          |
| Use Case Example | `GET /users?name=John`                | `POST /users` with `{"name": "John"}`    |
| Caching          | Can be cached                         | Not cached                               |
| Idempotency      | Yes (multiple requests = same result) | No (may create duplicates)               |
| Bookmarked URLs  | Can be bookmarked easily              | Cannot be bookmarked                     |
| Security         | Less secure (data in URL)             | More secure for sensitive data           |




## **Q.  9:  How do you handle errors in Flask APIs?**

Answer:

Flask provides several ways to handle errors gracefully in APIs, allowing you to return user-friendly messages, custom status codes, and maintain robust application behavior.

 1. Using @app.errorhandler() Decorator / Error Handlers:
  - Define custom responses for specific HTTP errors using '@app.errorhandler()'.

  -  @app.errorhandler(404) def not_found(error): return {"error": "Not found"}, 404

  -  This allows you to catch specific HTTP error codes (like 404 or 500) and define custom responses.


 2. Using try-except Blocks
   - Use Python’s built-in exception handling to catch runtime errors and return a meaningful response.
  - Try-Except Blocks: Catch and manage exceptions in view functions.

  - try: # some code except Exception as e: return {"error": str(e)}, 500

 3. Using abort() Function
  - abort() Function: Manually trigger HTTP errors.

  - Example:   from flask import abort abort(400)
  - Manually abort a request with a specific HTTP error code if a condition fails.

 4. Logging Errors for Debugging

You can log errors to the console or a file to monitor issues:

* Best Practices for Error Handling in APIs:

| Practice                         | Why It Matters                              |
| -------------------------------- | ------------------------------------------- |
| Use proper **HTTP status codes** | Helps clients understand the type of error  |
| Return **JSON-formatted errors** | Easy to parse in frontend or other services |
| Provide **clear error messages** | Improves API usability and debugging        |
| Avoid exposing internal errors   | Prevents security leaks                     |
| Log critical errors              | Useful for monitoring and maintenance       |


**Use Flask's Built-in Error Handling** :  
- Flask automatically provides default error responses, but they may not be user-friendly.

**Define Custom Error Handlers** :  
- You can create functions to handle specific errors (e.g., 404, 400, 500) and return a structured response, usually in JSON format.

**Use HTTP Status Codes**:  
- Proper status codes (e.g., 400 for Bad Request, 404 for Not Found, 500 for Internal Server Error) should be included in the response to help clients understand the issue.

**Log Errors for Debugging** :  
- Keeping track of errors in logs helps in debugging and maintaining the API.

**Provide Meaningful Error Messages** :  
- Instead of generic error messages, give clear descriptions of what went wrong to improve the API's usability.



## **Q. 10:  How do you connect Flask to a SQL database?**

Answer:

1. **Install Required Libraries**

   * Install `Flask` and `Flask-SQLAlchemy` for database integration.

2. **Configure the Database URI**

   * Set the connection string in `app.config` for SQLite, MySQL, or PostgreSQL.

3. **Initialize SQLAlchemy**

   * Create an instance of `SQLAlchemy` to manage the connection and models.

4. **Define Models**

   * Create Python classes that represent database tables using SQLAlchemy ORM.

5. **Create the Database and Tables**

   * Use SQLAlchemy to generate database tables based on the defined models.

6. **Insert Data**

   * Use the session object to add and commit new records to the database.

7. **Query Data**

   * Use model queries to fetch records, filter data, or apply conditions.

8. **Database Options**

   * Supports multiple databases: SQLite (local), MySQL, PostgreSQL, etc.

9. **Optional: Flask-Migrate**

   * Use Flask-Migrate for managing database schema changes over time.

10. **Alternative: Without ORM**

* You can also connect directly using `sqlite3` and manage queries manually.


## **Q.11 : What is the role of Flask-SQLAlchemy?**

Answer:

**Flask-SQLAlchemy** is an **Object Relational Mapper (ORM)** extension for Flask that simplifies working with SQL databases using Python classes instead of writing raw SQL queries.

### **Why Flask-SQLAlchemy is Used – Key Points:**

1. **Simplifies Database Operations**

   * Allows you to interact with the database using Python objects (classes), making code cleaner and more readable.

2. **Maps Python Classes to Tables**

   * Each class represents a table, and each class attribute represents a column.

3. **No Need to Write Raw SQL**

   * Performs database actions like insert, update, delete, and query without manual SQL queries.

4. **Supports Multiple Databases**

   * Works with SQLite, MySQL, PostgreSQL, and more.

5. **Integrates Easily with Flask**

   * Fits naturally into Flask apps and supports Flask’s configuration and context system.

6. **Supports Advanced Features**

   * Relationships between tables, migrations, filters, joins, and model-based queries.

7. **Maintains Code Scalability**

   * Helps build large, well-structured applications with clean separation between logic and data layers.

8. **Works with Flask-Migrate**

   * Supports automatic database schema versioning and migrations.

Flask-SQLAlchemy provides a **powerful, Pythonic, and easy-to-use way** to work with SQL databases in Flask. It abstracts complex SQL operations and enables efficient database management through models and sessions.


## **Q.12 : What are Flask blueprints, and how are they useful?**

Answer:

A **Flask Blueprint** is a way to organize a Flask application into **modular components**. It allows you to **group related routes, templates, and static files** together, promoting cleaner code and better scalability.


### **Key Points about Flask Blueprints:**

**Flask Blueprints** are useful because they help in building **structured, scalable, and maintainable** web applications. Here's how:



1. **Modularization of Code**

   * Blueprints allow you to split your app into components (e.g., `auth`, `admin`, `blog`), making large apps easier to manage.

2. **Improves Readability**

   * Keeps your code organized by grouping related routes, templates, and logic together.

3. **Reusability**

   * You can reuse the same blueprint across multiple projects or apps.

4. **Team Collaboration**

   * Developers can work on different blueprints (modules) independently without conflicts.

5. **Cleaner Application Structure**

   * Keeps your `app.py` or `__init__.py` clean and focused on configuration and app startup only.

6. **Centralized Routing**

   * All blueprints are registered in one place, giving you better control over route management.

7. **Easy Maintenance**

   * Bugs and updates are easier to track and fix in small, separated blueprint files.

8. **Support for Large-Scale Projects**

   * Essential for scaling Flask applications with multiple functionalities or microservices.



**Flask Blueprints** make your application **modular, organized, reusable**, and **easy to scale** — especially helpful as your project grows in size or complexity.








## **Q.13 : What is the purpose of Flask's request object?**

Answer:

The `request` object in Flask is used to **access and process incoming request data** sent by the client (browser, mobile app, or API tool). It provides all the information related to the HTTP request.


###  **Key Purposes of Flask's `request` Object:**

1. **Access Request Method**

   * Check whether the request is `GET`, `POST`, `PUT`, etc.
   * Example: `request.method`

2. **Retrieve Query Parameters**

   * Access data sent in the URL using `request.args`
   * Example: `/search?query=python`

3. **Handle Form Data**

   * Access data submitted via HTML forms using `request.form`

4. **Process JSON Data**

   * Get JSON payload from API clients using `request.json`

5. **Read Request Headers**

   * Access metadata sent with the request using `request.headers`

6. **Handle File Uploads**

   * Use `request.files` to access uploaded files from forms

7. **Access Cookies**

   * Use `request.cookies` to read browser cookies

8. **Get Raw Request Body**

   * Use `request.data` to get unprocessed request content (raw binary/text)

Flask’s `request` object is essential for handling **user input and client data** in web applications and APIs. It gives you full control over what the client sends and allows the backend to respond accordingly.



## **Q.14 : How do you create a RESTful API endpoint using Flask?**

Answer:

To create a RESTful API endpoint using Flask, you define a **route** using `@app.route()` and implement the logic to **handle HTTP methods** like `GET`, `POST`, `PUT`, and `DELETE`.


### **Steps to Create a RESTful API Endpoint in Flask:**

1. **Import Required Modules**

   * Import `Flask` and `request` from the Flask package.

2. **Create Flask App Instance**

   * Initialize your Flask application with `app = Flask(__name__)`.

3. **Define an API Route**

   * Use `@app.route('/endpoint', methods=['GET', 'POST', ...])` to create the endpoint.

4. **Handle HTTP Methods**

   * Inside the function, check the method using `request.method` and return appropriate responses.

5. **Return Data in JSON Format**

   * Use Python dictionaries and `Flask` will automatically convert them to JSON.

6. **Run the App**

   * Use `app.run()` to start the Flask development server.


---


            
### 📌 **Common HTTP Methods in REST API:**

| Method   | Purpose              | Example Route |
| -------- | -------------------- | ------------- |
| `GET`    | Retrieve data        | `/users`      |
| `POST`   | Create new data      | `/users`      |
| `PUT`    | Update existing data | `/users/<id>` |
| `DELETE` | Delete data          | `/users/<id>` |

Creating a RESTful API endpoint in Flask involves defining routes, handling request methods, and returning data in structured formats like JSON. This allows client-server communication in a clean and scalable way.



## **Q.15 : What is the purpose of Flask's jsonify() function?**

Answer:


Flask’s `jsonify()` function is used to **convert Python data (like dictionaries or lists) into JSON format** and return it as a proper HTTP response.


### **Purpose of `jsonify()` – Key Points:**

1. **Converts Python Data to JSON**

   * Takes Python objects (dict, list, tuple, etc.) and converts them into a JSON-formatted HTTP response.

2. **Sets Correct Content-Type**

   * Automatically sets the `Content-Type` header to `application/json`, which is standard for APIs.

3. **Handles Unicode and Special Characters**

   * Safely encodes special characters and Unicode strings in the output.

4. **Simplifies API Development**

   * Makes it easy to return structured JSON data from API endpoints.

5. **Ensures Valid JSON Structure**

   * Avoids manual formatting errors by handling serialization internally.



### ✅ **When to Use `jsonify()`:**

* Returning API responses
* Sending structured data like messages, lists, or database results
* Replacing `return json.dumps(...)` in Flask views


`jsonify()` in Flask is used to **send Python data as a JSON response** to the client. It ensures proper formatting and headers, making it a key tool for building RESTful APIs.





## **Q.16 : Explain Flask’s url_for() function?**

Answer:


Flask’s `url_for()` function is used to **generate URLs dynamically** for view functions based on their **function names**. It ensures flexibility and avoids hardcoding URLs in your application.


### **Key Points about `url_for()`**

1. **Generates URLs from Function Names**

   * You pass the name of the view function to `url_for()` and it returns the correct route URL.

2. **Avoids Hardcoding Paths**

   * If the route path changes, `url_for()` automatically updates the link without breaking your app.

3. **Supports Dynamic Parameters**

   * You can pass arguments for dynamic URL parts (e.g., `/user/<id>`) and query parameters.

4. **Used in Python Code & Templates**

   * Commonly used in Flask views and Jinja2 HTML templates to build links and redirects.

5. **Improves Maintainability**

   * Reduces errors and makes the code cleaner, especially in large projects.



### ✅ **Example Use Case**

* Instead of writing: `/user/5`,

  Use: `url_for('user_profile', user_id=5)`

  → Safer and updates automatically if the route changes.


The `url_for()` function in Flask **dynamically builds URLs** using view function names and parameters. It helps keep your application **flexible, clean, and less error-prone**.



## **Q.17 : How does Flask handle static files (CSS, JavaScript, etc.)?**

Answer:

* Flask handles static files (like **CSS**, **JavaScript**, **images**, etc.) using a **dedicated folder named `static/`** in your project directory.
* By default, Flask serves static files from the `static` folder and makes them accessible through the `/static` path.

#### **Steps to use static files:**

1. Create a folder named `static` in your Flask project.
2. Place your files (e.g., `style.css`, `main.js`, `logo.png`) inside that folder.
3. Reference those files using the `/static/filename` path or `url_for('static', filename='...')` in templates.


####  **Example Directory Structure:**

```
my_flask_app/
│
├── app.py
├── static/
│   ├── style.css
│   ├── script.js
│   └── logo.png
```

#### **Why use `url_for()` with static files?**

* Ensures Flask builds the correct URL dynamically.
* Automatically handles file versioning or changes if needed.




## **Q.18 : What is an API specification, and how does it help in building a Flask API?**

Answer:

* An **API specification** is a **detailed blueprint** that defines how an API should behave and how clients can interact with it.
* It includes details like:

  * Available endpoints (routes)
  * HTTP methods (GET, POST, etc.)
  * Required request parameters
  * Request/response formats (JSON, XML)
  * Authentication methods
  * Expected status codes


#### **How it helps Flask API development:**

1. **Provides Clear Guidelines**

   * Clearly defines what endpoints to create, what data to accept, and what responses to return.

2. **Ensures Consistency**

   * Keeps the structure of requests and responses uniform across all API routes.

3. **Improves Team Collaboration**

   * Frontend and backend teams can work independently using the spec as a shared reference.

4. **Simplifies Debugging & Testing**

   * Helps testers and developers verify that the API works as expected based on documented behavior.

5. **Supports Auto-Documentation**

   * Tools like Swagger/OpenAPI can generate interactive API docs directly from the spec.

6. **Saves Development Time**

   * Reduces guesswork and repeated discussions, speeding up backend development.

7. **Enhances API Reliability**

   * Reduces chances of errors, mismatches, or missing information in the API.

8. **Useful for Validation and Security**

   * Helps ensure that data formats, types, and access methods are properly handled.







## **Q.19 : What are HTTP status codes, and why are they important in a Flask API?**

Answer:

### **What Are HTTP Status Codes?**

* HTTP status codes are **3-digit numbers** sent by the server in response to a client’s request.
* They indicate **whether the request was successful**, caused an error, or requires further action.
* Used in **every HTTP interaction** — websites, REST APIs, web services, etc.

---

### **Why Are HTTP Status Codes Important in Flask APIs?**

1. **Communicate Request Outcome**

   * Tell the client if a request was successful, failed, or needs correction (e.g., 200 OK, 404 Not Found).

2. **Enable Error Handling**

   * Help frontend or API clients show proper messages or actions when something goes wrong.

3. **Support RESTful Design Principles**

   * REST APIs depend on proper use of status codes to follow standard API practices.

4. **Improve Developer Experience**

   * Make it easier for developers to understand how the API is behaving and debug faster.

5. **Assist in Automation & Testing**

   * Tools like Postman, curl, or automated test cases rely on status codes to validate responses.

6. **Provide Feedback to Users or Clients**

   * Users get meaningful feedback (like “Unauthorized” or “Server Error”) rather than generic messages.


HTTP status codes are like **traffic signals** for the client–server communication.
They are **essential for building clear, reliable, and user-friendly APIs** in Flask.





## **Categories of HTTP Status Codes**

HTTP status codes are grouped into **5 main categories** based on the first digit of the 3-digit code:

| Category | Code Range | Meaning                                                             |
| -------- | ---------- | ------------------------------------------------------------------- |
| **1xx**  | 100–199    | **Informational** – Request received, continue processing.          |
| **2xx**  | 200–299    | **Success** – The request was successfully received and processed.  |
| **3xx**  | 300–399    | **Redirection** – Further action is needed to complete the request. |
| **4xx**  | 400–499    | **Client Errors** – The request is invalid or cannot be processed.  |
| **5xx**  | 500–599    | **Server Errors** – The server failed to process a valid request.   |







## **Common HTTP Status Codes in Flask APIs**

| Code    | Category | Meaning               | When to Use in Flask API                                                    |
| ------- | -------- | --------------------- | --------------------------------------------------------------------------- |
| **200** | 2xx      | OK                    | When the request is successful and data is returned.                        |
| **201** | 2xx      | Created               | When a new resource is successfully created (e.g., after a POST).           |
| **204** | 2xx      | No Content            | When the request is successful but there’s no content to return.            |
| **400** | 4xx      | Bad Request           | When the client sends invalid data or parameters.                           |
| **401** | 4xx      | Unauthorized          | When authentication is required and has failed or is missing.               |
| **403** | 4xx      | Forbidden             | When the client is authenticated but not authorized to access the resource. |
| **404** | 4xx      | Not Found             | When the requested resource does not exist.                                 |
| **405** | 4xx      | Method Not Allowed    | When the HTTP method used is not allowed for the endpoint.                  |
| **500** | 5xx      | Internal Server Error | When the server encounters an unexpected error.                             |
| **503** | 5xx      | Service Unavailable   | When the server is temporarily unavailable (e.g., maintenance).             |

## **Q.20 : How do you handle POST requests in Flask?**

Answer:


In Flask, **POST requests** are handled to **receive and process data sent by the client**, such as form data or JSON. You define a route with the `POST` method and use the `request` object to access incoming data.



###   **Steps to Handle POST Requests in Flask:**

1. **Define a Route with POST Method**

   * Use `@app.route('/submit', methods=['POST'])` to create a POST endpoint.

2. **Use `request` Object to Access Data**

   * Flask provides the `request` object to get data from:

     * `request.form` → For HTML form data
     * `request.json` → For JSON data
     * `request.data` → For raw binary/text data

3. **Validate the Input**

   * Check for required fields or validate data types before processing.

4. **Process and Store Data**

   * Use the data to update databases, perform calculations, or trigger actions.

5. **Return a Response**

   * Send a confirmation message or result using `jsonify()` and appropriate status code (e.g., `201 Created`).



### ✅ **Why POST is Used in APIs:**

* To **create** new resources (e.g., user registration, form submission)
* To **send** sensitive or large data that shouldn’t appear in the URL
* To **secure** data transmission (used with HTTPS)




## **Q.21 : How would you secure a Flask API?**

*Answer:*


* Use **HTTPS** to encrypt data transfer.
* Implement **Authentication** (JWT, OAuth2, API Keys).
* Enable **Authorization** to restrict access to specific users/roles.
* Apply **Input Validation** to prevent injections (SQL/XSS).
* Add **Rate Limiting** to prevent abuse (e.g., `Flask-Limiter`).
* Use **CORS** to control which domains can access your API.
* Set **Strong Secret Keys** for sessions and tokens.
* **Hide sensitive data** in responses and logs.
* Return **generic error messages**, not stack traces.
* Use security extensions: `Flask-JWT-Extended`, `Flask-CORS`, `Flask-Talisman`.


## **Q.22 : What is the significance of the Flask-RESTful extension?**

*Answer:*

* **Flask-RESTful** is an extension for Flask that simplifies the creation of **REST APIs**.
* It provides a clean and structured way to define API resources using **class-based views**.

#### **Key Significance:**

* Makes APIs **more organized** using `Resource` classes.
* Supports **multiple HTTP methods** (`GET`, `POST`, etc.) in a single class.
* Simplifies **request parsing** using `reqparse`.
* Helps in building **scalable and modular APIs**.
* Integrates well with **Flask and Flask-SQLAlchemy**.

## **Q.23 : What is the role of Flask’s session object?**

*Answer:*

Flask’s `session` object is used to **store information about a user across multiple requests**. It allows temporary data (like login info) to persist between page visits.


### **Key Features of Flask’s `session` Object:**

1. **Stores User-Specific Data**

   * Stores small pieces of data like username, user ID, or shopping cart contents during a user’s visit.

2. **Works Across Multiple Requests**

   * Keeps data available across pages, even if the user moves between different routes.

3. **Backed by Secure Cookies**

   * Flask stores session data on the client side in a cookie, but it’s **signed** to prevent tampering.

4. **Session is Temporary**

   * The data is stored temporarily and is cleared when the user closes the browser (unless customized).

5. **Modifiable Like a Dictionary**

   * The `session` object works like a Python dictionary: `session['key'] = value`.

6. **Requires Secret Key**

   * Flask needs a `SECRET_KEY` to securely sign session data and prevent tampering.

7. **Useful for Login Systems**

   * Commonly used to remember whether a user is logged in or not.

#### **Common Use Cases:**

* User login sessions
* Flash messaging
* Storing temporary data like selected items




#Practical Questions


**Q.1 :  How do you create a basic Flask application**

In [None]:
# Step 1: Import Flask
from flask import Flask

# Step 2: Create a Flask app instance
app = Flask(__name__)

# Step 3: Define a route and associate it with a function
@app.route('/')
def home():
    return "Hello, this is a basic Flask app!"  # Output shown when visiting http://localhost:5000/

# Step 4: Run the app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# When the server runs, open http://127.0.0.1:5000 in browser
# You'll see: Hello, this is a basic Flask app!


**Q.2 :  How do you serve static files like images or CSS in Flask**

In [None]:
# Import necessary modules
from flask import Flask, url_for

# Create Flask app instance
app = Flask(__name__)

# Define a route for home page
@app.route('/')
def home():
    # Generate URL for static CSS file
    css_url = url_for('static', filename='style.css')
    # Generate URL for static image file
    image_url = url_for('static', filename='logo.png')

    # Return HTML that uses the static CSS and image
    return f'''
    <html>
        <head>
            <title>Static File Demo</title>
            <!-- Link to CSS file inside static folder -->
            <link rel="stylesheet" type="text/css" href="{css_url}">
        </head>
        <body>
            <h1>Serving Static Files in Flask</h1>
            <!-- Display image from static folder -->
            <img src="{image_url}" alt="Logo" width="200">
        </body>
    </html>
    '''

# Run the Flask app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# Visiting http://127.0.0.1:5000 will show a styled page with a heading and an image loaded from the 'static' folder


In [None]:
#project Structure
my_project/
├── app.py
├── static/
│   ├── style.css
│   └── logo.png


In [None]:
# Sample style.css (inside static folder):
body {
    background-color: #f5f5f5;
    font-family: Arial, sans-serif;
    text-align: center;
}

h1 {
    color: #4CAF50;
}


**Q.3 :  How do you define different routes with different HTTP methods in Flask**

In [None]:
# Import necessary modules
from flask import Flask, request, jsonify

# Initialize Flask app
app = Flask(__name__)

# Route that accepts only GET requests
@app.route('/get-example', methods=['GET'])
def get_example():
    return jsonify({"message": "This is a GET request"})

# Route that accepts only POST requests
@app.route('/post-example', methods=['POST'])
def post_example():
    # Get JSON data from the request body
    data = request.get_json()
    return jsonify({"received": data}), 201  # HTTP 201 = Created

# Route that supports both GET and POST methods
@app.route('/multi-method', methods=['GET', 'POST'])
def multi_method():
    if request.method == 'GET':
        return jsonify({"method": "GET", "message": "You used GET method"})
    elif request.method == 'POST':
        posted_data = request.get_json()
        return jsonify({"method": "POST", "received_data": posted_data})

# Run the Flask app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# 1. GET /get-example → {"message": "This is a GET request"}
# 2. POST /post-example with JSON → {"received": {"key": "value"}}
# 3. GET or POST /multi-method → responds accordingly


In [None]:
#Test Example for POST (use Postman or curl):
POST http://127.0.0.1:5000/post-example
Content-Type: application/json
Body:
{
  "username": "student",
  "score": 99
}


In [None]:
#Response:
 {
  "received": {
    "username": "student",
    "score": 99
  }
}


**Q.4 :  How do you render HTML templates in Flask**

 **Steps:**

1. Create a folder named `templates/` in your Flask project directory.
2. Add your HTML file (e.g., `index.html`) inside the `templates/` folder.
3. Use `render_template()` in your Flask route to render the HTML file and pass data.



### ✅ Summary:

| Step | Description                                     |
| ---- | ----------------------------------------------- |
| 1️⃣  | Place all HTML files in the `templates/` folder |
| 2️⃣  | Use `render_template('file.html', key=value)`   |
| 3️⃣  | Access that value inside HTML using `{{ key }}` |



In [None]:
# Import Flask and render_template
from flask import Flask, render_template

# Create Flask application
app = Flask(__name__)

# Define route to render the HTML template
@app.route('/')
def home():
    # Pass 'name' variable to the template
    return render_template('index.html', name='Alice')

# Run the app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# Visiting http://127.0.0.1:5000/ will display:
# Hello, Alice!


In [None]:
### HTML Template (templates/index.html):
html
<!DOCTYPE html>
<html>
<head>
    <title>Home</title>
</head>
<body>
    <h1>Hello, {{ name }}!</h1>  <!-- This renders the value passed from Flask -->
</body>
</html>

**Q.5 :  How can you generate URLs for routes in Flask using url_for**

In [None]:
from flask import Flask, url_for, redirect

# Initialize Flask application
app = Flask(__name__)

# Simple route
@app.route('/about')
def about():
    return "This is the About page."  # Output: This is the About page.

# Route that redirects to another using url_for
@app.route('/go-to-about')
def go_to_about():
    # url_for dynamically generates the URL for 'about' route
    return redirect(url_for('about'))

# Route with dynamic parameter
@app.route('/hello/<name>')
def hello(name):
    return f"Hello, {name}!"  # Output: Hello, John!

# Route that uses url_for to create a link to a dynamic route
@app.route('/')
def index():
    # Generate a URL for the hello() route with name='John'
    hello_url = url_for('hello', name='John')
    return f'<a href="{hello_url}">Go to Hello Page</a>'

# Run the app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# 1. Visit /go-to-about → Redirects to /about
# 2. Visit /           → Shows link: Go to Hello Page
# 3. Click link        → Goes to /hello/John and shows: Hello, John!


**Q.6 :  How do you handle forms in Flask**

In [None]:
from flask import Flask, request, render_template_string

# Initialize the Flask application
app = Flask(__name__)

# HTML form template (inline using render_template_string)
form_html = '''
<!DOCTYPE html>
<html>
<head>
    <title>Flask Form Example</title>
</head>
<body>
    <h2>Enter your name:</h2>
    <form method="POST">
        <input type="text" name="username" placeholder="Your Name">
        <input type="submit" value="Submit">
    </form>
    {% if name %}
        <h3>Hello, {{ name }}!</h3>
    {% endif %}
</body>
</html>
'''

@app.route('/form', methods=['GET', 'POST'])
def form_example():
    name = None  # Initialize name to None
    if request.method == 'POST':
        # Access form data using request.form
        name = request.form.get('username')
    return render_template_string(form_html, name=name)

# Run the Flask app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# 1. Visit http://127.0.0.1:5000/form
# 2. Fill the form with a name and submit
# 3. You’ll see: Hello, [your_name]!


**Q.7 : How can you validate form data in Flask**

In [None]:
from flask import Flask, render_template_string, request
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField
from wtforms.validators import DataRequired, Email, Length

# Initialize app and secret key for form security
app = Flask(__name__)
app.secret_key = 'your_secret_key'  # Required for CSRF protection

# Define the form class with validation rules
class LoginForm(FlaskForm):
    email = StringField('Email', validators=[DataRequired(), Email()])
    password = PasswordField('Password', validators=[DataRequired(), Length(min=6)])

# Inline template string for rendering the form
form_template = '''
<form method="POST">
    {{ form.hidden_tag() }}
    {{ form.email.label }} {{ form.email(size=32) }}<br>
    {{ form.password.label }} {{ form.password(size=32) }}<br>
    <input type="submit" value="Login">
</form>
{% for field, errors in form.errors.items() %}
    {% for error in errors %}
        <p style="color:red;">{{ error }}</p>
    {% endfor %}
{% endfor %}
'''

@app.route('/login', methods=['GET', 'POST'])
def login():
    form = LoginForm()
    if form.validate_on_submit():
        return "Login successful!"
    return render_template_string(form_template, form=form)

if __name__ == '__main__':
    app.run(debug=True)

# Output:
# - Displays validation errors if input is invalid
# - Shows 'Login successful!' if all data is valid


**Q.8 :  How do you manage sessions in Flask**

In [None]:
from flask import Flask, session, redirect, url_for, request, render_template_string

# Initialize Flask app
app = Flask(__name__)
app.secret_key = 'mysecretkey'  # Required to use session securely

# Inline HTML form template
login_form = '''
<!DOCTYPE html>
<html>
<head><title>Login</title></head>
<body>
    <h2>Login Form</h2>
    <form method="POST">
        Name: <input type="text" name="username"><br><br>
        Age: <input type="number" name="age"><br><br>
        <input type="submit" value="Login">
    </form>
</body>
</html>
'''

@app.route('/')
def home():
    # Check if user is logged in using session
    if 'username' in session:
        return f'''
            <h2>Welcome, {session["username"]}!</h2>
            <p>Your age is {session["age"]}</p>
            <a href="/logout">Logout</a>
        '''
    return '''
        <h2>You are not logged in.</h2>
        <a href="/login">Login Here</a>
    '''

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        # Store form data in session variables
        session['username'] = request.form['username']
        session['age'] = request.form['age']
        return redirect(url_for('home'))
    return render_template_string(login_form)

@app.route('/logout')
def logout():
    # Remove session data to log out user
    session.pop('username', None)
    session.pop('age', None)
    return redirect(url_for('home'))

if __name__ == '__main__':
    app.run(debug=True)

# Output:
# 1. Visiting /login shows a login form.
# 2. After submitting, you're redirected to home and greeted.
# 3. Logout clears session data and returns to login link.

**Q.9 :  How do you redirect to a different route in Flask**

In [None]:
from flask import Flask, redirect, url_for

# Initialize Flask app
app = Flask(__name__)

# Home route
@app.route('/')
def home():
    return 'Welcome to the Home Page!'  # Output when user lands on '/'

# About route
@app.route('/about')
def about():
    return 'This is the About Page.'  # Output when redirected to '/about'

# Route that redirects to the 'about' page
@app.route('/go-to-about')
def go_to_about():
    # Use url_for() to generate the URL and redirect to it
    return redirect(url_for('about'))

# Run the app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# 1. Visiting /go-to-about → Redirects to /about
# 2. Visiting /about → Displays "This is the About Page."
# 3. Visiting / → Shows Home Page message


**Q.10 :  How do you handle errors in Flask (e.g., 404)**

In [None]:
from flask import Flask

# Initialize Flask app
app = Flask(__name__)

# Home route
@app.route('/')
def home():
    return "Welcome to the Home Page!"  # Output when visiting '/'

# Custom error handler for 404 Not Found
@app.errorhandler(404)
def page_not_found(e):
    # Return a custom message and the 404 status code
    return "Oops! Page not found (404).", 404

# Run the Flask app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# 1. Visiting / → "Welcome to the Home Page!"
# 2. Visiting /unknown → "Oops! Page not found (404)."


**Q.11 :  How do you structure a Flask app using Blueprints**

In [None]:
# user_routes.py
from flask import Blueprint

# Create a Blueprint object
user_bp = Blueprint('user', __name__)

# Define routes under this blueprint
@user_bp.route('/profile')
def profile():
    return "This is the user profile page."  # Output: Page under /user/profile


In [None]:
# app.py
from flask import Flask
from user_routes import user_bp  # Import the blueprint

app = Flask(__name__)

# Register the blueprint with a URL prefix
app.register_blueprint(user_bp, url_prefix='/user')

# Main route
@app.route('/')
def home():
    return "Welcome to the main page."

if __name__ == '__main__':
    app.run(debug=True)

# Output:
# - Visiting / → "Welcome to the main page."
# - Visiting /user/profile → "This is the user profile page."


In [None]:
project/
├── app.py
└── user_routes.py


**Q.12 :  How do you define a custom Jinja filter in Flask**

In [None]:
from flask import Flask, render_template_string

# Initialize Flask app
app = Flask(__name__)

# Step 1: Define a custom Jinja filter function
def reverse_string(s):
    return s[::-1]  # Reverses the input string

# Step 2: Register the custom filter with Flask's Jinja environment
app.jinja_env.filters['reverse'] = reverse_string

# Step 3: Use the custom filter in a route with render_template_string
@app.route('/')
def home():
    return render_template_string("Original: 'hello' → Reversed: {{ 'hello' | reverse }}")

# Run the Flask app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# When you visit http://127.0.0.1:5000/
# You will see: Original: 'hello' → Reversed: olleh


**Q.13 :  How can you redirect with query parameters in Flask**

In [None]:
from flask import Flask, redirect, url_for, request

# Initialize Flask app
app = Flask(__name__)

# Route to handle the search page and extract query parameter
@app.route('/search')
def search():
    query = request.args.get('q')  # Get query parameter 'q' from URL
    if query:
        return f"Search results for: {query}"
    return "No search query provided."

# Route to redirect to /search with a query parameter
@app.route('/go-search')
def go_search():
    # url_for can add query parameters using keyword arguments
    return redirect(url_for('search', q='flask'))

# Run the Flask app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# Visiting /go-search → redirects to /search?q=flask
# Visiting /search?q=flask → shows: "Search results for: flask"


**Q.14 :  How do you return JSON responses in Flask**

In [None]:
from flask import Flask, jsonify

# Initialize Flask app
app = Flask(__name__)

# Route that returns JSON data
@app.route('/data')
def data():
    # Define a Python dictionary
    info = {
        "name": "Alice",
        "age": 25,
        "city": "New York"
    }

    # Use jsonify() to convert it into a proper JSON HTTP response
    return jsonify(info)

# Run the Flask app
if __name__ == '__main__':
    app.run(debug=True)

# Output:
# Visiting http://127.0.0.1:5000/data will return:
# {
#   "name": "Alice",
#   "age": 25,
#   "city": "New York"
# }


**Q.15 :  How do you capture URL parameters in Flask**

In [None]:
from flask import Flask

# Initialize Flask app
app = Flask(__name__)

# Route that captures a string from the URL
@app.route('/user/<username>')
def show_user(username):
    # Returns a greeting using the captured username
    return f"Hello, {username}!"  # Example: /user/John → Hello, John!

# Route that captures an integer from the URL
@app.route('/post/<int:post_id>')
def show_post(post_id):
    # Displays the post number
    return f"Showing post number {post_id}"  # Example: /post/5 → Showing post number 5

# Run the app
if __name__ == '__main__':
    app.run(debug=True)
