# Theory Questions

## 1. What is a RESTful API?

A RESTful API (Representational State Transfer) is an architectural style for designing networked applications. It uses standard HTTP methods like GET, POST, PUT, DELETE to perform CRUD operations on resources, which are identified by URIs (Uniform Resource Identifiers). REST is stateless, meaning each API call must contain all necessary information. It supports various data formats like JSON or XML, though JSON is most common.

---

## 2. Explain the concept of API Specification

An API specification defines how clients can interact with an API. It includes details like:
- Available endpoints (`/users`, `/products`, etc.)
- HTTP methods (`GET`, `POST`, `PUT`, `DELETE`)
- Expected input parameters and body
- Response format (e.g., JSON, status codes)
- Error codes and messages

A common specification format is **OpenAPI (formerly Swagger)**, which provides a machine-readable JSON/YAML description of the API and can be used to auto-generate documentation and client/server code.

---

## 3. What is Flask, and why is it popular for building APIs?

Flask is a lightweight Python web framework based on Werkzeug and Jinja2. It's popular for API development because:
- It’s minimal and easy to learn
- Highly customizable
- Has many useful extensions like Flask-SQLAlchemy, Flask-Login
- Supports quick prototyping
- Large community support

Flask is perfect for microservices and small-to-medium applications that don’t require the overhead of a full-stack framework like Django.

---

## 4. What is routing in Flask?

Routing in Flask refers to mapping a specific URL to a Python function (called a view). When a client makes a request to that URL, Flask executes the corresponding function and returns a response. This is done using the `@app.route()` decorator.

```python
@app.route("/hello")
def hello():
    return "Hello, World!"
```
This means any request to /hello will invoke the hello() function.

---
## 5. How do you create a simple Flask application?
```python
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to Flask API!"

if __name__ == '__main__':
    app.run(debug=True)
```
- Flask(__name__): Creates a Flask application instance.

- @app.route('/'): Binds the URL / to the home() function.

- app.run(): Starts the server.

---
## 6. What are HTTP methods used in RESTful APIs?
RESTful APIs use standard HTTP methods:

- GET: Retrieve data from server.

- POST: Send new data to server (e.g., add a new user).

- PUT: Update existing data.

- DELETE: Remove data from server.

- PATCH: Partially update data.

Each method has specific use cases and is often tied to CRUD operations.

---
## 7. What is the purpose of the @app.route() decorator in Flask?
The @app.route() decorator defines the URL path that a function will respond to. It's used to connect a URL endpoint with a Python function. For example:
```python
@app.route("/greet")
def greet():
    return "Hello there!"
```
Whenever a client visits /greet, the greet() function executes and returns a response. You can also specify HTTP methods like:
```python
@app.route("/submit", methods=["POST"])
```
---
##8.What is the difference between GET and POST HTTP methods?

| Feature       | GET                                | POST             |
| ------------- | ---------------------------------- | ---------------- |
| Purpose       | Retrieve data                      | Send new data    |
| Data Location | In URL query string                | In request body  |
| Safe          | Yes (does not modify server state) | No               |
| Idempotent    | Yes                                | No               |
| Use Case      | View blog post                     | Submit form data |

GET is used for fetching resources, while POST is for sending or creating data on the server.

---
## 9. How do you handle errors in Flask APIs?

Flask provides mechanisms like abort() and @app.errorhandler() to handle errors gracefully.

```python
from flask import abort

@app.route('/item/<int:id>')
def get_item(id):
    if id not in items:
        abort(404)
    return items[id]
```
Custom error handling:

```python
@app.errorhandler(404)
def not_found(error):
    return {"error": "Resource not found"}, 404
```
---

## 10.How do you connect Flask to a SQL database?
Using Flask-SQLAlchemy, you can connect Flask with databases like SQLite, PostgreSQL, MySQL.

```python
from flask_sqlalchemy import SQLAlchemy

app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///mydb.db'
db = SQLAlchemy(app)

class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(100))

```
- You define models (tables) as Python classes.

- Call db.create_all() once to create tables.

---

## 11.What is the role of Flask-SQLAlchemy?
+ Flask-SQLAlchemy is an ORM (Object Relational Mapper) extension that simplifies:

  - Connecting to databases

  - Creating tables with Python classes

  - Performing CRUD operations using objects instead of SQL queries

+ Benefits:

  - Avoid writing raw SQL

  - Easier migrations

  - Integrated with Flask app lifecycle

---
## 12.What are Flask blueprints, and how are they useful?
Flask Blueprints allow structuring large Flask applications by splitting them into smaller, modular components. Each blueprint can have its own routes, templates, and static files.

```python
from flask import Blueprint

admin_bp = Blueprint('admin', __name__)

@admin_bp.route('/dashboard')
def dashboard():
    return "Admin Dashboard"

# Register blueprint
app.register_blueprint(admin_bp, url_prefix='/admin')
```
+ Benefits:

  - Clean separation of concerns

  - Better code organization in larger applications

  - Reusability across multiple projects

---
## 13.What is the purpose of Flask's request object?
The `request` object in Flask is used to handle incoming HTTP request data from clients. It gives access to data such as form inputs, query parameters, JSON payloads, cookies, file uploads, and headers.

**Common use cases:**
- `request.args` – to get query parameters
- `request.form` – to get form data from HTML forms
- `request.json` – to access JSON data in POST requests
- `request.method` – to check if the request is GET, POST, etc.

**Example:**
```python
from flask import request

@app.route('/submit', methods=['POST'])
def submit():
    data = request.json
    return f"Received: {data}"
```
This is essential for handling dynamic inputs from the client side.

---
##14.How do you create a RESTful API endpoint using Flask?

To create a RESTful API endpoint in Flask, you use the `@app.route()` decorator and specify the HTTP method(s) you want the route to handle.

**Steps:**
1. Define the route
2. Accept the appropriate HTTP method (GET, POST, etc.)
3. Process the data (from `request`)
4. Return a JSON response (typically using `jsonify`)

**Example:**
```python
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/api/data', methods=['POST'])
def api_data():
    content = request.json
    return jsonify({"message": "Received", "data": content})
```
---

## 15. What is the purpose of Flask's `jsonify()` function?

Flask’s `jsonify()` function is used to convert Python dictionaries and lists into properly formatted JSON responses.

**Why use `jsonify`:**
- Sets `Content-Type: application/json` automatically
- Handles Unicode and special characters properly
- Avoids manual `json.dumps()` and response setting

**Example:**
```python
@app.route('/info')
def info():
    return jsonify({"name": "Flask", "type": "Microframework"})
```
This ensures the response is a valid HTTP JSON response.

---

##16. Explain Flask’s `url_for()` function

`url_for()` is used to dynamically generate URLs for Flask routes using the function name of the view. This is safer than hardcoding URLs.

**Benefits:**
- Handles changes to route paths automatically
- Allows passing of parameters
- Avoids broken links in templates

**Example:**
```python
@app.route('/user/<username>')
def profile(username):
    return f"Hello, {username}!"

# Generating URL
url_for('profile', username='john')
# Output: '/user/john'
```
It ensures maintainability and reduces hardcoded URLs.


---

## 17. How does Flask handle static files (CSS, JavaScript, etc.)?

Flask serves static files (CSS, JS, images) from the `static/` folder by default.

**Access static files using:**
```html
<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">

project/
│
├── app.py
├── static/
│   └── style.css

```

---

## 18. What is an API specification, and how does it help in building a Flask API?

An API specification is a formal document that defines how an API should behave. It describes endpoints, request types, expected responses, parameters, authentication methods, and more.

**Why it's useful:**
- Serves as documentation for developers
- Helps automate client SDK generation (e.g., Swagger/OpenAPI)
- Makes the API predictable and standardized

In Flask APIs, you can use tools like `Flask-RESTful` or `Flasgger` to generate and manage specs.

---

## 19.What are HTTP status codes, and why are they important in a Flask API?

HTTP status codes indicate the result of a request. Flask APIs use them to communicate success or failure clearly to the client.

**Common codes:**
- `200 OK`: Request successful
- `201 Created`: New resource created
- `204 No Content`:server has successfully fulfilled the request, but there is no content
- `400 Bad Request`: Invalid input
- `401 Unauthorized`: Auth needed
- `404 Not Found`: Resource doesn't exist
- `500 Internal Server Error`: Server failure

**Example:**
```python
return jsonify({"error": "Not found"}), 404
```

---

### 20. How do you handle POST requests in Flask?

POST requests are used to submit data to the server. Flask handles them via `methods=['POST']` and the `request` object.

**Example:**
```python
@app.route('/submit', methods=['POST'])
def submit():
    data = request.json
    return jsonify({"status": "Data received", "data": data})

```
The above receives JSON data and returns a confirmation response. Always validate input data for security.


---

### 21. How would you secure a Flask API?

To secure a Flask API, several techniques can be used:

1. **Input Validation** – Avoid SQL injection, XSS, etc.
2. **Authentication** – Use tokens (JWT), API keys, or OAuth
3. **Authorization** – Control access to endpoints based on roles
4. **HTTPS** – Encrypt traffic
5. **Rate Limiting** – Avoid abuse with `Flask-Limiter`
6. **CORS** – Handle cross-domain issues with `Flask-CORS`

**JWT Example:**
```python
from flask_jwt_extended import JWTManager, jwt_required

@app.route('/secure-data')
@jwt_required()
def secure():
    return jsonify({"msg": "Access granted"})

```

---

### 22. What is the significance of the Flask-RESTful extension?

```markdown
Flask-RESTful is an extension that simplifies building REST APIs by providing:
- Class-based resource handling
- Built-in request parsing
- Standard error handling
- Cleaner routing structure

**Example:**
```python
from flask_restful import Resource

class Hello(Resource):
    def get(self):
        return {"message": "Hello, World"}

api.add_resource(Hello, '/hello')
```

---

### 23.What is the role of Flask’s `session` object?

Flask’s `session` object is used to store data across multiple requests from the same client, typically using cookies.

**Features:**
- Stores data securely with encryption (via secret key)
- Useful for storing login info, preferences, etc.

**Example:**
```python
from flask import session

@app.route('/login', methods=['POST'])
def login():
    session['user'] = 'John'
    return 'Logged in'
```

---



# Practical Questions

    The flask code can not run in the jupyter notebook (pls consider)

In [2]:
# 1How do you create a basic Flask application
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [None]:
# 2. How do you serve static files like images or CSS in Flask

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')  # Use <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 3. How do you define different routes with different HTTP methods in Flask
from flask import Flask, request

app = Flask(__name__)

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "POST request received"
    return "GET request received"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 4. How do you render HTML templates in Flask
# In templates folder create 'welcome.html'
# Example welcome.html: <h1>Welcome to Flask</h1>

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/welcome')
def welcome():
    return render_template('welcome.html')

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 5. How can you generate URLs for routes in Flask using url_for

from flask import Flask, url_for, redirect

app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('about'))

@app.route('/about')
def about():
    return "About Page"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 6. How do you handle forms in Flask
# Folder structure:
# - templates/
#     - form.html

# form.html:
# <form method="POST">
#     <input name="username" />
#     <input type="submit" />
# </form>

from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/form', methods=['GET', 'POST'])
def form():
    if request.method == 'POST':
        username = request.form['username']
        return f"Hello, {username}!"
    return render_template('form.html')

if __name__ == '__main__':
    app.run(debug=True)



In [None]:
# 7.How can you validate form data in Flask
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/validate', methods=['GET', 'POST'])
def validate():
    if request.method == 'POST':
        username = request.form.get('username', '')
        if not username:
            return "Username is required!"
        elif len(username) < 3:
            return "Username too short!"
        return f"Welcome, {username}"
    return render_template('form.html')  # form.html should have <form method="POST"><input name="username"/></form>

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 8. How do you manage sessions in Flask
from flask import Flask, session, redirect, url_for, request

app = Flask(__name__)
app.secret_key = 'your_secret_key'

@app.route('/login', methods=['POST', 'GET'])
def login():
    if request.method == 'POST':
        session['user'] = request.form['username']
        return redirect(url_for('profile'))
    return '''
        <form method="POST">
            <input name="username" />
            <input type="submit" />
        </form>
    '''

@app.route('/profile')
def profile():
    user = session.get('user')
    return f"Welcome {user}" if user else "Not logged in"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#  9.How do you redirect to a different route in Flask
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def index():
    return redirect(url_for('about'))

@app.route('/about')
def about():
    return "This is the about page."

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 10. How do you handle errors in Flask (e.g., 404)
from flask import Flask

app = Flask(__name__)

@app.errorhandler(404)
def not_found(e):
    return "404 Error: Page not found!", 404

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 11.How do you structure a Flask app using Blueprints
# File: app.py
from flask import Flask
from user_routes import user_bp

app = Flask(__name__)
app.register_blueprint(user_bp, url_prefix="/user")

if __name__ == '__main__':
    app.run(debug=True)

# File: user_routes.py
from flask import Blueprint

user_bp = Blueprint('user', __name__)

@user_bp.route('/profile')
def profile():
    return "User Profile"


In [None]:
# 12. How do you define a custom Jinja filter in Flask
from flask import Flask, render_template_string

app = Flask(__name__)

@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]

@app.route('/')
def home():
    return render_template_string("{{ 'Flask' | reverse }}")

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 13. How can you redirect with query parameters in Flask
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('hello', name='FlaskUser'))

@app.route('/hello')
def hello():
    name = request.args.get('name', 'Guest')
    return f"Hello {name}"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 14. How do you return JSON responses in Flask
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def api_data():
    return jsonify({'name': 'Flask', 'version': '2.x', 'status': 'success'})

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# 15. How do you capture URL parameters in Flask
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def show_user(username):
    return f"User: {username}"

@app.route('/post/<int:post_id>')
def show_post(post_id):
    return f"Post ID: {post_id}"

if __name__ == '__main__':
    app.run(debug=True)
