# **Restful API & Flask**

Q1. What is a RESTful API?

Answer:

A RESTful API (Representational State Transfer API) is an interface that allows communication between client and server using HTTP methods (GET, POST, PUT, DELETE). It follows REST principles:

1. Stateless: Each request is independent.

2. Client-Server: Separation of client (frontend) and server (backend).

3. Uniform Interface: Standard endpoints and data formats (usually JSON).

4. Resource-based: Uses URLs to represent resources.

Q2. Explain the concept of API specification?

Answer:

An API specification defines how an API works. It includes:

* Available endpoints (URLs).

* Supported HTTP methods (GET, POST, PUT, DELETE).

* Request/response formats (JSON, XML).

* Authentication rules (e.g., JWT, OAuth).

* Error handling.

Example: OpenAPI (Swagger) is a popular API specification standard.


Q3. What is Flask, and why is it popular for building APIs?

Answer:

Flask is a lightweight Python web framework used for building web applications and APIs.

* Why popular?

    * Minimal and easy to learn.

    * Flexible and does not force specific project structure.

    * Supports extensions (Flask-SQLAlchemy, Flask-RESTful, etc.).

    * Fast development for small to medium apps.

Q4. What is routing in Flask?

Answer:

Routing means mapping a URL path to a specific function in Flask.

For example:

      @app.route('/hello')
      def hello():
          return "Hello, World!"

Here, visiting /hello in the browser triggers the hello() function.


Q5. How do you create a simple Flask application?

Answer:

    from flask import Flask

    app = Flask(__name__)

    @app.route('/')
    def home():
        return "Welcome to Flask API!"

    if __name__ == '__main__':
        app.run(debug=True)

Steps:

1. Import Flask.

2. Create an app instance.

3. Define routes using @app.route().

4. Run the app.


Q6. What are HTTP methods used in RESTful APIs?

Answer:

* GET → Retrieve data.

* POST → Create new data.

* PUT → Update existing data (replace).

* PATCH → Partially update data.

* DELETE → Remove data.

Q7. What is the purpose of the @app.route() decorator in Flask?

Answer:

@app.route() maps a URL endpoint to a function.
It tells Flask: When a client requests this URL, call this function.

Q8. What is the difference between GET and POST HTTP methods?

Answer:

* GET → Request data from the server. Parameters are in the URL. Safe & idempotent.

* POST → Send data to the server (form submissions, JSON). Data is in the request body. Used for creating resources.

Q9. How do you handle errors in Flask APIs?

Answer:

Use error handlers:

    from flask import jsonify

    @app.errorhandler(404)
    def not_found(error):
        return jsonify({"error": "Not Found"}), 404

This ensures consistent error responses.


Q10. How do you connect Flask to a SQL database?

Answer:

    from flask import Flask
    from flask_sqlalchemy import SQLAlchemy

    app = Flask(__name__)

    # PostgreSQL connection
    app.config['SQLALCHEMY_DATABASE_URI'] = 'postgresql://username:password@localhost:5432/mydatabase'
    app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

    db = SQLAlchemy(app)



Q11. What is the role of Flask-SQLAlchemy?

Answer:

It is an ORM (Object Relational Mapper) that allows working with databases using Python objects instead of raw SQL.

* Simplifies database queries.

* Handles table creation & migrations.

* Secure and cleaner code.


Q12.  What are Flask blueprints, and how are they useful?

Answer:

Blueprints allow modularizing Flask applications.
Instead of writing all routes in one file, you can split into modules.
Example:

    from flask import Blueprint

    users_bp = Blueprint('users', __name__)

    @users_bp.route('/users')
    def get_users():
        return "List of users"

Useful for large projects with multiple modules (auth, admin, etc.).

Q13.  What is the purpose of Flask's request object?

Answer:

The request object gives access to data sent by the client.

* request.args → Query params (GET).

* request.form → Form data (POST).

* request.json → JSON body.

* request.headers → Headers.

Q14. How do you create a RESTful API endpoint using Flask?

Answer:

    from flask import Flask, jsonify, request

    app = Flask(__name__)

    @app.route('/api/data', methods=['GET', 'POST'])
    def data():
        if request.method == 'GET':
            return jsonify({"message": "Data fetched"})
        elif request.method == 'POST':
            content = request.json
            return jsonify({"received": content}), 201

Q15. What is the purpose of Flask's jsonify() function?

Answer:

jsonify() converts Python dictionaries/lists into JSON responses with proper headers (Content-Type: application/json).
Example:

    return jsonify({"name": "Priyanshu", "age": 25})


Q16. Explain Flask’s url_for() function?

Answer:

* url_for() is used to generate URLs dynamically for a given function name.

* Instead of hardcoding URLs (/home, /profile), we use url_for() so if routes change, the code still works.

* It improves maintainability and avoids broken links.

Example:

    from flask import Flask, url_for

    app = Flask(__name__)

    @app.route('/profile/<username>')
    def profile(username):
        return f"Profile of {username}"

    with app.test_request_context():
        print(url_for('profile', username='Priyanshu'))  # /profile/Priyanshu


Q17. How does Flask handle static files (CSS, JavaScript, etc.)?

Answer:

* Flask automatically serves static files from a folder named static/ in your project directory.

* Example project structure:

      /project
        /static
          style.css
          script.js
        /templates
          index.html

You can reference static files in HTML using url_for('static', filename='style.css').



Q18. What is an API specification, and how does it help in building a Flask API?

Answer:

An API specification is a blueprint that defines how an API should work.

* It includes:

  * Endpoints (/users, /orders)

  * HTTP methods (GET, POST, etc.)

  * Request/Response formats (JSON, XML)

  * Authentication & error codes

Helps because:

* Provides clear documentation for developers.

* Ensures consistency across APIs.

* Makes it easier to test and integrate with clients.

* Common standard: OpenAPI (Swagger).

Q19. What are HTTP status codes, and why are they important in a Flask API?

Answer:

* HTTP status codes are three-digit numbers sent in responses to indicate request outcome.

* They help clients understand what happened.

Categories:

* 200 OK → Success

* 201 Created → Resource created

* 400 Bad Request → Invalid input

* 401 Unauthorized → Authentication failed

* 404 Not Found → Resource missing

* 500 Internal Server Error → Server crash

Q20. How do you handle POST requests in Flask?

Answer:

* Use methods=['POST'] in @app.route.

* Extract data from request.form or request.json.

Example:

    from flask import request, jsonify

    @app.route('/submit', methods=['POST'])
    def submit():
        data = request.json
        return jsonify({"received": data}), 201


Q21. How would you secure a Flask API?

Answer:

1. Authentication – Use JWT tokens or OAuth.

2. Authorization – Ensure users can only access their resources.

3. Input Validation – Prevent SQL injection, XSS.

4. HTTPS – Encrypt data with SSL/TLS.

5. Rate Limiting – Prevent abuse (e.g., Flask-Limiter).

6. Error Handling – Hide sensitive error details.

Q22. What is the significance of the Flask-RESTful extension?

Answer:

* Flask-RESTful is an extension for Flask that simplifies building REST APIs.
Features:

* Provides a Resource class to organize endpoints.

* Automatic input parsing.

* Better error handling.

* Helps maintain clean, structured, REST-compliant APIs.

Example:

    from flask_restful import Resource, Api

    api = Api(app)

    class Hello(Resource):
        def get(self):
            return {"message": "Hello, RESTful!"}

    api.add_resource(Hello, '/hello')

Q23. What is the role of Flask’s session object?

Answer:

* Session in Flask is used to store data across requests for a single user.

* Data is stored in a signed cookie (client-side) using Flask’s secret key.

* Commonly used for login sessions, storing small user preferences, etc.

Example:

    from flask import session

    app.secret_key = "mysecretkey"

    @app.route('/login')
    def login():
        session['username'] = 'Priyanshu'
        return "Logged in!"

    @app.route('/profile')
    def profile():
        return f"Welcome {session['username']}"


# **Practical**

In [1]:
# Q1. How do you create a basic Flask application?
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to Basic Flask Application!"

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [2]:
# Q2. How do you serve static files like images or CSS in Flask?

from flask import Flask, send_from_directory

app = Flask(__name__)

@app.route('/static/<path:filename>')
def serve_static(filename):
    return send_from_directory('static', filename)

In [3]:
Q3. How do you render HTML templates in Flask?

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

In [1]:
#Q4. How can you generate URLs for routes in Flask using url_for?

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

@app.route('/about')
def about():
    return render_template('about.html')

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [2]:
#Q5. How can you generate URLs for routes in Flask using url_for?
from flask import Flask, url_for, redirect

app = Flask(__name__)

@app.route('/')
def home():
    # Generates URL for about() function
    return f"Go to About Page: {url_for('about')}"

@app.route('/about')
def about():
    return "This is the About page"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [3]:
#Q6. How do you handle forms in Flask?
from flask import Flask, request, render_template_string

app = Flask(__name__)

@app.route('/', methods=['GET', 'POST'])
def form_example():
    if request.method == 'POST':
        name = request.form['name']
        return f"Hello {name}!"
    return render_template_string('''
        <form method="POST">
            <input type="text" name="name">
            <input type="submit" value="Submit">
        </form>
    ''')

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [4]:
#Q7. How can you validate form data in Flask?
from flask import Flask, request

app = Flask(__name__)

@app.route('/register', methods=['POST'])
def register():
    email = request.form.get('email')
    if not email or "@" not in email:
        return "Invalid email!", 400
    return f"Registered with {email}"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [5]:
#Q8. How do you manage sessions in Flask?
from flask import Flask, session

app = Flask(__name__)
app.secret_key = "mysecretkey"  # Needed for sessions

@app.route('/login')
def login():
    session['user'] = 'Priyanshu'
    return "User logged in!"

@app.route('/profile')
def profile():
    return f"Hello {session['user']}"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [6]:
#Q9. How do you redirect to a different route in Flask?
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('dashboard'))

@app.route('/dashboard')
def dashboard():
    return "Welcome to Dashboard!"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [7]:
#Q10. How do you handle errors in Flask (e.g., 404)?
from flask import Flask, jsonify

app = Flask(__name__)

@app.errorhandler(404)
def page_not_found(e):
    return jsonify({"error": "Page not found"}), 404

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [8]:
#Q11. How do you structure a Flask app using Blueprints?
# file: app.py
from flask import Flask
from user_routes import user_bp

app = Flask(__name__)
app.register_blueprint(user_bp, url_prefix="/users")

if __name__ == '__main__':
    app.run(debug=True)

# file: user_routes.py
from flask import Blueprint

user_bp = Blueprint('user_bp', __name__)

@user_bp.route('/')
def users():
    return "User List"


ModuleNotFoundError: No module named 'user_routes'

In [1]:
#Q12. How do you define a custom Jinja filter in Flask?
from flask import Flask, render_template_string

app = Flask(__name__)

@app.template_filter('capitalize_words')
def capitalize_words(s):
    return s.title()

@app.route('/')
def home():
    return render_template_string("{{ 'hello flask' | capitalize_words }}")

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [2]:
#Q13. How can you redirect with query parameters in Flask?
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('search', q='flask'))

@app.route('/search')
def search():
    query = request.args.get('q')
    return f"Search results for: {query}"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [3]:
#Q14. How do you return JSON responses in Flask?
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def data():
    return jsonify({"name": "Priyanshu", "age": 25})

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


In [4]:
#Q15. How do you capture URL parameters in Flask?
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def user_profile(username):
    return f"Profile page of {username}"

@app.route('/post/<int:post_id>')
def show_post(post_id):
    return f"Post ID: {post_id}"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)
