# Theory Question

# 1. What is a RESTful API?

  > A RESTful API (short for Representational State Transfer API) is a way for computer systems to communicate over the internet using standard HTTP methods—kind of like how you and I are chatting using a shared language. It's widely used because it's simple, scalable, and works well with web technologies.

# 2.Explain the concept of API specification.

  > API Specification is a formal, structured document or description that defines how an application programming interface (API) should behave. It outlines the rules for how clients can interact with the API, detailing available endpoints, data formats, request/response patterns, authentication methods, error messages, and usage limits.

# 3. What is Flask, and why is it popular for building APIs.

  > Flask is a lightweight and flexible web framework written in Python that allows developers to build web applications and APIs quickly and efficiently. It follows a minimalist design philosophy, giving users the freedom to structure their projects and add components as needed.

  > Its popularity for building APIs stems from its simplicity, modularity, and extensive support for extensions, making it ideal for both small-scale and large-scale applications.

# 4. What is routing in Flask?

  > Routing in Flask is the process of mapping URLs to specific functions in a web application. It allows the application to respond to user requests by executing predefined logic based on the URL path.

# 5. How do you create a simple Flask application?

  > Creating a simple Flask application involves initializing a Python script, importing the Flask library, and defining routes to handle web requests. The core structure includes setting up an instance of the Flask class and creating view functions mapped to specific URLs using decorators like @app.route().

# 6. What are HTTP methods used in RESTful APIs?

  > HTTP Methods in RESTful APIs are standardized request types that define the action to be performed on a resource identified by a URL. Each method corresponds to a specific operation, enabling structured and predictable interactions between clients and servers.

  > The core methods include:

  > GET – Retrieves data from the server without modifying it.

  > POST – Submits new data to the server, often creating a new resource.

  > PUT – Updates an existing resource with new data.

  > PATCH – Partially updates an existing resource.

  > DELETE – Removes the specified resource from the server.

  > These methods allow RESTful APIs to support CRUD operations (Create, Read, Update, Delete) in a stateless and resource-oriented manner.

# 7. What is the purpose of the @app.route() decorator in Flask?

  > The @app.route() decorator in Flask is used to associate a specific URL path with a view function that handles requests sent to that path. It defines the routing logic for the application, telling Flask what code to execute when users access certain URLs.

# 8. What is the difference between GET and POST HTTP methods?

  > GET and POST are two fundamental HTTP methods used in RESTful APIs, each serving a distinct purpose:

  > GET is used to retrieve data from a server. It appends parameters in the URL and does not alter the server's state. This method is considered safe and idempotent, meaning multiple identical requests yield the same result.

  > POST is used to submit data to a server, typically resulting in the creation or modification of resources. It sends data in the request body and may change the server's state. Unlike GET, POST is not idempotent.

# 9. How do you handle errors in Flask APIs?

  > Error handling in Flask APIs involves defining custom responses for various error conditions to ensure clear communication between the server and the client. It enhances API reliability and user experience by returning appropriate HTTP status codes and descriptive messages when something goes wrong.

  > Flask handles errors using built-in mechanisms like try-except blocks, the abort() function for generating specific errors, and the @app.errorhandler() decorator to define custom error-handling logic for exceptions or status codes.

# 10.How do you connect Flask to a SQL database.

  > Connecting Flask to a SQL database involves configuring a database engine and integrating it with your Flask application using a library like SQLAlchemy or Flask-SQLAlchemy, which provide powerful and flexible tools for database access.

  > The typical setup includes:

  > Installing the required libraries (Flask-SQLAlchemy)

  > Initializing the SQLAlchemy extension with your Flask app

  > Setting the database URI (like for SQLite, PostgreSQL, or MySQL) in the app config

  > Defining data models using Python classes (which map to SQL tables)

  > Creating and managing the database using SQLAlchemy commands

  > This integration allows Flask to perform CRUD operations on a relational database using Python code, streamlining the development of data-driven applications.

# 11. What is the role of Flask-SQLAlchemy.

  > Flask-SQLAlchemy is an extension for the Flask framework that integrates SQLAlchemy—a powerful Object Relational Mapper (ORM)—into Flask applications. It simplifies the process of working with relational databases by allowing developers to interact with database tables as Python classes and objects.

  > Its role is to provide a high-level, Pythonic interface for performing database operations, such as creating tables, querying data, updating records, and managing relationships, all while adhering to Flask's configuration patterns and application structure.

# 12. What are Flask blueprints, and how are they useful.

  > Definition of Flask Blueprints Flask Blueprints are a feature in the Flask web framework that enable the organization of application functionality into modular, reusable components. They allow developers to define application routes, views, templates, and static files in isolated units that can be registered to the main Flask app.

  > Why They're Useful

  > Promote clean and maintainable architecture

  > Simplify code management for large applications

  > Facilitate team collaboration by segmenting features

  > Enable reuse of code across projects

# 13. What is the purpose of Flask's request object?

  > Flask's request object serves as the gateway to all incoming data from the client in a Flask web application. It's how your app knows what the user sent—whether it’s a form submission, URL parameters, headers, or JSON data.

  >Key Purposes of the request Object
  > Access Form Data: request.form gets data sent via POST forms.

  > Retrieve Query Parameters: request.args pulls data from URLs like ?name=Alex.

  > Handle JSON Payloads: request.get_json() extracts JSON sent in the request body.

  > Check Request Method: request.method tells you if it was a GET, POST, etc.

  > Inspect Headers and Cookies: request.headers, request.cookies give you extra control.

  > File Uploads: request.files manages files sent through HTML forms.

# 14. How do you create a RESTful API endpoint using Flask?

  > Creating a RESTful API Endpoint Using Flask To create a RESTful API endpoint in Flask, you set up routes that respond to HTTP methods like GET, POST, PUT, and DELETE. Each route corresponds to a resource or an action on that resource, and the data exchanged is typically in JSON format.

# 15. What is the purpose of Flask's jsonify() function?

  > jsonify() is a built-in Flask helper function used to create a valid JSON response from Python dictionaries, lists, or other serializable objects. It's especially useful in RESTful APIs where client-server communication relies on exchanging structured data.

# 16. Explain Flask's url_for() function.

  > url_for() is a built-in Flask function used to dynamically build URLs for routes defined in your application. Instead of hardcoding links, you use url_for() to generate them based on the name of a view function, making your code more robust and maintainable.

  > Why It's Useful
  > Avoids hardcoding URLs: auto-generates links even if the route changes later

  > Handles dynamic segments (like IDs or usernames) with ease

  > Plays nicely with templates and redirects

  > Makes apps easier to scale and refactor

# 17. How does Flask handle static files (CSS, JavaScript, etc.)?

  > Static File Handling in Flask Flask handles static files (such as CSS, JavaScript, and images) by serving them from a dedicated directory named static, allowing web applications to include front-end assets efficiently. These files are delivered to the client without any modification or processing by Flask, making them essential for styling and interactivity in web pages.

# 18. What is an API specification, and how does it help in building a Flask API?

  > API Specification An API specification is a formal document or blueprint that outlines how an API behaves. It defines the available endpoints, request formats, response structures, authentication methods, error codes, and other essential details needed to interact with the API—essentially acting as a contract between client and server.

  > How It Helps in Building a Flask API

  > Clarity & Consistency: Ensures developers know exactly what each route should do, what data it expects, and what it returns.

  > Faster Development: Teams can build the frontend and backend independently based on the shared specification.

  > Documentation & Testing: Tools like Swagger or Postman use specs (like OpenAPI) to auto-generate docs and test environments.

  > Error Reduction: Prevents mismatched expectations between client and server, reducing bugs.

  . Scalability: Makes it easier to maintain and update the API as it grows.

# 19. What are HTTP status codes, and why are they important in a Flask API?

  > HTTP status codes are standardized numerical responses sent by a server to indicate the outcome of a client's request. Each code communicates specific information about what happened—whether the request was successful, redirected, resulted in an error, or failed due to server issues.

  > Importance in a Flask API

  > In Flask, using the correct HTTP status code helps both developers and client applications understand how the API is behaving. Here's why they're crucial:

  > Clarify Response Outcomes: Codes like 200 OK confirm success, while 404 Not Found tells the client the resource doesn't exist.

  > Signal Errors: Status codes like 400 Bad Request or 500 Internal Server Error guide debugging and error handling.

  > Control Flow: Codes like 301 Moved Permanently or 401 Unauthorized help manage authentication, redirects, and access permissions.

  > Improve Client-Side Logic: APIs often use status codes to trigger specific behaviors in front-end apps (e.g., retry on failure, redirect to login).

  > Enhance Testing & Monitoring: They're essential for validating API responses and tracking performance or issues.

# 20. How do you handle POST requests in Flask?

  > To handle POST requests in Flask, you define a route with the methods=['POST'] argument and then use Flask's request object to access the data sent by the client—typically form data or JSON payloads.

# 21. How would you secure a Flask API.

  >  Securing a Flask API involves implementing authentication, authorization, data validation, and network-level protections to ensure that only trusted users and systems can access or manipulate API resources. The goal is to prevent unauthorized access, protect sensitive data, and safeguard against common security vulnerabilities.

  > Key Security Measures Include

  > Authentication & Authorization: Use tokens (e.g., JWT) to verify user identity and manage access control

  > Input Validation: Sanitize and validate data to prevent attacks such as SQL injection and XSS

  > HTTPS Encryption: Transmit data securely using SSL/TLS protocols

  > Rate Limiting: Control traffic to prevent abuse or brute-force attacks

  > CORS Management: Configure cross-origin access policies for frontend communication

  > Secure Configuration: Protect credentials via environment variables and limit exposure of internal errors

# 22. What is the significance of the Flask-RESTful extension.

  > Flask-RESTful is a powerful extension that streamlines the development of RESTful APIs within Flask applications. It abstracts common patterns and boilerplate code, allowing developers to build cleaner, more organized API logic using class-based views.

# 23. What is the role of Flask's session object?

  > Flask's session object provides a way to store data specific to a user across multiple requests. It's used to maintain state in an otherwise stateless HTTP protocol, allowing things like login status, preferences, or temporary data to persist as a user navigates your web app.

# Practical Queation

In [1]:
# 1. How do you create a basic Flask application?

from flask import Flask

app = Flask(__name__)

@app.route('/')
def hello():
    return 'Hello, Flask!'

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [2]:
# 2. How do you serve static files like images or CSS in Flask?

from flask import Flask, send_from_directory

app = Flask(__name__)

@app.route('/static/<path:filename>')
def serve_static(filename):
    return send_from_directory('static', filename)

In [3]:
# 3. How do you define different routes with different HTTP methods in Flask?

from flask import Flask, request

app = Flask(__name__)

# Route for GET requests
@app.route('/get-example', methods=['GET'])
def get_example():
    return 'This is a GET request!'

# Route for POST requests
@app.route('/post-example', methods=['POST'])
def post_example():
    data = request.form.get('data')
    return f'Received POST data: {data}'

# Route for both GET and POST
@app.route('/multi-method', methods=['GET', 'POST'])
def multi_example():
    if request.method == 'GET':
        return 'Handling GET method.'
    elif request.method == 'POST':
        return 'Handling POST method.'

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [4]:
# 4. How do you render HTML templates in Flask?

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def index():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [5]:
# 5. How can you generate URLs for routes in Flask using url_for?

from flask import Flask, url_for

app = Flask(__name__)

@app.route('/about')
def about():
    return 'About Page'

@app.route('/')
def home():
    # Generate URL for 'about' route
    return f"Go to the About Page: {url_for('about')}"


In [6]:
# 6. How do you handle forms in Flask?

from flask import Flask, render_template, request

app = Flask(__name__)

@app.route('/')
def index():
    return render_template('form.html')

In [8]:
# 7. How can you validate form data in Flask?

from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def form():
    error = None
    if request.method == 'POST':
        username = request.form.get('username')
        message = request.form.get('message')

        # Basic Validation
        if not username or not message:
            error = "All fields are required."
        elif len(username) < 3:
            error = "Username must be at least 3 characters."
        else:
            return f"Thanks, {username}! Message received."

    return render_template('form.html', error=error)

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [9]:
# 8. How do you manage sessions in Flask?

from flask import Flask, session, redirect, url_for, request

app = Flask(__name__)
app.secret_key = 'supersecretkey'  # Needed for sessions

@app.route('/')
def home():
    user = session.get('user')
    return f"Welcome, {user}!" if user else "You're not logged in."

@app.route('/login', methods=['POST'])
def login():
    username = request.form.get('username')
    if username:
        session['user'] = username
    return redirect(url_for('home'))

@app.route('/logout')
def logout():
    session.pop('user', None)
    return redirect(url_for('home'))

@app.route('/form')
def form():
    return '''
        <form action="/login" method="post">
            <input name="username" placeholder="Enter your name">
            <input type="submit" value="Login">
        </form>
    '''

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [10]:
# 9. How do you redirect to a different route in Flask?

from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/old-route')
def old_route():
    # Redirects to the 'new_route' function
    return redirect(url_for('new_route'))

@app.route('/new-route')
def new_route():
    return "This is the new route!"

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [11]:
# 10. How do you handle errors in Flask (e.g., 404)?

from flask import Flask, render_template

app = Flask(__name__)

@app.errorhandler(404)
def page_not_found(error):
    return render_template('404.html'), 404

# Example route
@app.route('/')
def index():
    return "Hello, world!"

# You would need a 'templates' folder with a '404.html' file for this to work fully.
# A simple 404.html could look like this:
# <h1>Page Not Found</h1>
# <p>The page you requested could not be found.</p>

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [12]:
# 11. How do you structure a Flask app using Blueprints?

from flask import Flask, Blueprint

# Create a Blueprint
simple_page = Blueprint('simple_page', __name__,
                        template_folder='templates')

# Define a route within the Blueprint
@simple_page.route('/')
def index():
    return "This is the index page of the Blueprint."

# Create the main Flask application
app = Flask(__name__)

# Register the Blueprint with the main app
app.register_blueprint(simple_page)

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [14]:
# 12. How do you define a custom Jinja filter in Flask?

from flask import Flask, render_template_string

app = Flask(__name__)

# Define a custom filter
def reverse_string(s):
    return s[::-1]

# Register the filter
app.jinja_env.filters['reverse'] = reverse_string

@app.route('/')
def index():
    template = '''
    <p>Original: Hello World</p>
    <p>Reversed: {{ "Hello World" | reverse }}</p>
    '''
    return render_template_string(template)

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [18]:
# 13. How can you redirect with query parameters in Flask?

from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/original')
def original_route():
    # Redirect to 'destination_route' with query parameters
    return redirect(url_for('destination_route', param1='value1', param2='value2'))

@app.route('/destination')
def destination_route():
    # You can access query parameters using request.args
    from flask import request
    param1 = request.args.get('param1')
    param2 = request.args.get('param2')
    return f"Reached destination with param1: {param1} and param2: {param2}"

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [16]:
# 14. How do you return JSON responses in Flask?

from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/json')
def json_example():
    data = {
        'name': 'Flask',
        'version': '1.0',
        'is_web_framework': True
    }
    return jsonify(data)

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [17]:
# 15. How do you capture URL parameters in Flask?

from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def show_user_profile(username):
    # show the user profile for that user
    return f'User {username}'

@app.route('/post/<int:post_id>')
def show_post(post_id):
    # show the post with the given id, the id is an integer
    return f'Post {post_id}'

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat
