#Restful API & Flask

**1. What is a RESTful API?**
- A RESTful API is a way for apps or systems to talk to each other over the internet. It follows a set of simple rules so that anyone can understand and use it. It mostly works through web links (URLs), and each link does a specific job — like getting data, adding new data, updating something, or deleting it.

  **It uses common methods:**
    > GET – to read data

    > POST – to add new data

    > PUT – to update something

    > DELETE – to remove something

    Think of it like a menu at a restaurant. You (the client) order using a menu (the API), and the kitchen (the server) gives you what you asked for. It’s all about clear communication using standard methods. Everything is stateless, meaning each request is treated separately.



**2. Explain the concept of API specification.**
- An API specification is like a rulebook or blueprint that explains how an API should work. It tells developers what the API can do, how to use it, and what kind of data to send or expect. It's not the actual code — it's more like the instructions.

**3. What is Flask, and why is it popular for building APIs?**
-Flask is a lightweight web framework in Python that helps you build web apps and APIs quickly and easily. It's super beginner-friendly and doesn’t come with too many built-in tools, which means you get full control and flexibility to build things your way.

**Why it’s popular for APIs:**
  > Simple and clean: We can create a working API in just a few lines of code.

  > Flexible: We can add only what you need — no extra baggage.

  > Great for learning: Perfect for beginners to understand how APIs work under the hood.

  > Large community: Lots of tutorials, examples, and support available online.

**4. What is routing in Flask?**
- Routing in Flask means connecting a specific URL to a specific function in your code. When someone visits a URL (like /home or /users), Flask checks the route and runs the function linked to it — this function decides what to show or return.
Routing helps you build different parts of your API or website — each route handles a specific task, like showing users, adding a new item, or deleting something.

**5. How do you create a simple Flask application?**
- Creating a simple Flask application means setting up a small Python program that can respond to web requests. You import Flask, create an app object, and then define routes — each route is a path (like /) that points to a function, and that function controls what’s shown on that page.

  Once your app runs, it starts a local server that you can open in your browser. Flask listens for requests (like visiting a webpage) and responds based on the logic you wrote.

**6. What are HTTP methods used in RESTful APIs?**
- HTTP methods in RESTful APIs are actions you can perform on resources (like data or objects). They tell the server what you want to do.

  **The main ones are:**
    > GET – To read or fetch data

    > POST – To add or create new data

    > PUT – To update existing data completely

    > PATCH – To update part of the data

    > DELETE – To remove data

**7. What is the purpose of the @app.route() decorator in Flask?**
- The @app.route() decorator in Flask is used to link a URL to a specific function in your code. It tells Flask: "*When someone visits this URL, run this function.*"

**8. What is the difference between GET and POST HTTP methods?**
- The main difference between GET and POST is in how they send data and what they’re used for.

  > **GET** is used to fetch data from the server. The data is sent in the URL (like ?name=John). It’s visible, so it’s best for simple requests like searching or reading something.

  > **POST** is used to send data to the server, usually to create something new. The data is hidden in the request body, not the URL, making it more secure for things like login forms or submitting information.

**9. How do you handle errors in Flask APIs?**
- In Flask APIs, error handling means giving a clear response when something goes wrong — like when a page isn’t found or bad data is sent. You do this using custom error messages and status codes.

  Flask lets you handle errors using the @app.errorhandler() decorator.

**10. How do you connect Flask to a SQL database?**
- To connect Flask to a SQL database, you usually use a tool like Flask-SQLAlchemy, which makes it easy to work with databases using Python code instead of raw SQL.

  > Install Flask-SQLAlchemy.

  > Configure the database URL in your app.

  > Create models (Python classes that represent tables).

  > Use them to add, update, or get data.

  So instead of writing SQL commands, you just interact with Python objects — and it handles the rest.

**11. What is the role of Flask-SQLAlchemy?**
- Flask-SQLAlchemy is an extension for Flask that helps you work with SQL databases using Python classes and objects instead of raw SQL queries.

  **Its role:**
    > It connects your Flask app to a database.

    > Lets you define tables as Python classes (called models).

    > Makes it easy to create, read, update, and delete data using simple Python code.

    > Manages the connection and sessions for you behind the scenes.

**12. What are Flask blueprints, and how are they useful?**
-  Flask Blueprints are a way to organize your app into smaller parts. They let you group related routes, functions, and files together — like mini-apps inside your main app.

  **Why they’re useful**:
    > Keep your code clean and modular

    > Make it easier to manage big projects

    > Allow you to reuse code across different parts of your app

  **For example, you could have:**

  > A user blueprint for login/signup routes

  > An admin blueprint for admin panel routes

**13. What is the purpose of Flask's request object?**
- The Flask request object holds all the information about the current web request a user sends to your app. It lets you access things like:

  > Data sent from a form or API call

  > URL parameters

  > Headers (extra info about the request)

  > Cookies

**14. How do you create a RESTful API endpoint using Flask?**
- To create a RESTful API endpoint in Flask, you define a route that listens for specific HTTP methods (like GET or POST) and write a function that handles the request and returns data, usually in JSON format.

  You use the @app.route() decorator to specify the URL and allowed methods. Inside the function, you process the request and send back a response.

**15. What is the purpose of Flask's jsonify() function?**
- The purpose of Flask’s jsonify() function is to convert Python data (like dictionaries or lists) into a JSON response that can be sent to the client.


**16. Explain Flask’s url_for() function.**
- Flask’s url_for() function is used to generate the URL for a specific function or route in your app, based on its name. Instead of writing URLs manually, you use url_for() to avoid mistakes and make your code easier to maintain.

**17. How does Flask handle static files (CSS, JavaScript, etc.)?**
- Flask handles static files like CSS, JavaScript, and images by serving them from a special folder called static inside your project.

  When you put your files (like style.css or script.js) in the static folder, Flask automatically makes them available at URLs like /static/style.css.

  In your HTML, you link to these files using a URL that points to /static/filename.

  This way, Flask keeps your static assets organized and easily accessible without extra setup.

**18. What is an API specification, and how does it help in building a Flask API?**
- An API specification is a detailed document or blueprint that describes how an API should behave — what endpoints it has, what data it accepts, what it returns, and the rules for using it.

  **When building a Flask API, an API specification helps by:**
    > Defining clear rules for what your API will do before you start coding

    > Making sure everyone (developers, testers, clients) understands how to use the API

    > Helping you stay organized and avoid confusion as your API grows

    > Allowing tools like Swagger or OpenAPI to automatically generate docs or test your API

**19. What are HTTP status codes, and why are they important in a Flask API?**
- HTTP status codes are numbers sent by the server to tell the client how a request went. They let the client know if the request was successful, if there was an error, or if something else happened.

  **Common examples:**

  > 200 – Success (everything worked)

  > 201 – Created (new data was made)

  > 400 – Bad Request (something was wrong with the request)

  > 404 – Not Found (the requested resource doesn’t exist)

  > 500 – Server Error (something went wrong on the server)

**20. How do you handle POST requests in Flask?**
- To handle POST requests in Flask, you create a route that accepts the POST method, and inside the route function, we access the data sent by the client using Flask’s request object.

  We usually get data from forms or JSON and then process or save it.

**21. How would you secure a Flask API?**
- To secure a Flask API, you need to protect it so only authorized users or apps can access it, and to keep data safe. Here are common ways to do that:

  > Use authentication like API keys, tokens (e.g., JWT), or OAuth to verify who is making requests.

  > Validate and sanitize input data to avoid attacks like SQL injection or bad data causing errors.

  > Use HTTPS to encrypt data sent between clients and your API, so no one can snoop.

  > Limit request rates (rate limiting) to prevent abuse or DDoS attacks.

  > Handle errors carefully so you don’t expose sensitive info.

  > Keep your Flask and dependencies up to date to avoid known security issues.

**22. What is the significance of the Flask-RESTful extension?**
- Flask-RESTful is an extension that makes building RESTful APIs in Flask easier and more organized. It provides helpful tools and classes to manage resources, handle HTTP methods, and format responses cleanly.

  **Why it’s significant:**

  > Simplifies creating API endpoints by letting you define resources as classes

  > Automatically handles routing based on HTTP methods (GET, POST, etc.) inside those classes

  > Helps with input validation and formatting responses (like JSON)

  > Keeps your API code cleaner and more maintainable as it grows

**23. What is the role of Flask’s session object?**
- Flask’s session object is used to store data specific to a user’s session — like when they log in or add items to a cart. It keeps information across different requests from the same user, so your app can remember who they are or what they did.

  This data is stored securely on the client side (usually in cookies) but signed to prevent tampering.

  In short, the session object helps your Flask app keep track of user-specific info between pages or visits without needing a database every time.

# Practical

**1. How do you create a basic Flask application?**

In [7]:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return 'Hello, Flask!'

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**2. How do you serve static files like images or CSS in Flask?**

In [9]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('main.html')

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**3. How do you define different routes with different HTTP methods in Flask?**

In [12]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/')
def home():
    return 'Home Page - GET only'

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return 'Data submitted using POST!'
    else:
        return 'Submit form using GET!'

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**4. How do you render HTML templates in Flask?**

In [13]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**5. How can you generate URLs for routes in Flask using url_for?**

In [14]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return f"Go to the about page: {url_for('about')}"

@app.route('/about')
def about():
    return "This is the About Page"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**6. How do you handle forms in Flask?**

In [16]:
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def form_example():
    if request.method == 'POST':
        name = request.form['name']
        return f'Hello, {name}!'
    return render_template('form.html')

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**7. How can you validate form data in Flask?**

In [17]:
from flask import Flask, request, render_template_string

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def form_example():
    error = ''
    if request.method == 'POST':
        name = request.form.get('name')
        if not name:
            error = 'Name is required!'
        else:
            return f'Hello, {name}!'

    return render_template_string('''
        <form method="POST">
            Name: <input type="text" name="name">
            <input type="submit">
            <p style="color:red;">{{ error }}</p>
        </form>
    ''', error=error)

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**8. How do you manage sessions in Flask?**

In [18]:
@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        session['username'] = request.form['username']
        return redirect(url_for('profile'))
    return '''
        <form method="POST">
            <input type="text" name="username">
            <input type="submit" value="Login">
        </form>
    '''

@app.route('/profile')
def profile():
    if 'username' in session:
        return f"Welcome, {session['username']}!"
    return 'You are not logged in.'

@app.route('/logout')
def logout():
    session.pop('username', None)  # Removes 'username' from session
    return 'Logged out.'


**9. How do you redirect to a different route in Flask?**

In [19]:
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return 'Home Page'

@app.route('/login')
def login():
    # After login, redirect to the profile
    return redirect(url_for('profile'))

@app.route('/profile')
def profile():
    return 'Welcome to your profile!'


**10. How do you handle errors in Flask (e.g., 404)?**

In [20]:
from flask import Flask, render_template

app = Flask(__name__)

@app.errorhandler(404)
def page_not_found(e):
    return "<h1>404 - Page Not Found</h1>", 404

@app.route('/')
def home():
    return 'Home Page'

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**11. How do you structure a Flask app using Blueprints?**

In [27]:
'''

your_project/
│
├── app.py
├── auth/
│   ├── __init__.py
│   └── routes.py
└── templates/
    └── ...


'''


from flask import Blueprint

auth = Blueprint('auth', __name__)

@auth.route('/login')
def login():
    return "This is the login page"


**12. How do you define a custom Jinja filter in Flask?**


In [22]:
from flask import Flask, render_template_string

app = Flask(__name__)

# Define the custom filter function
@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]

@app.route('/')
def home():
    # Use the filter in a template string for demo
    return render_template_string("{{ 'Flask' | reverse }}")

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**13. How can you redirect with query parameters in Flask?**

In [23]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    # Redirect to /search with query parameters ?q=flask&page=2
    return redirect(url_for('search', q='flask', page=2))

@app.route('/search')
def search():
    q = request.args.get('q')
    page = request.args.get('page')
    return f"Search query: {q}, Page: {page}"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**14. How do you return JSON responses in Flask?**

In [25]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def data():
    my_data = {
        "name": "Waqar",
        "age": 25,
        "skills": ["Python", "Flask", "Data Science"]
    }
    return jsonify(my_data)

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


**15. How do you capture URL parameters in Flask?**

In [26]:
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def profile(username):
    return f"User profile: {username}"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat
