# Restful API & Flask Theory





## 1.What is a RESTful API?
-> A RESTful API (Representational State Transfer API) is a standardized way for computer systems to communicate over the internet using the HTTP protocol. It enables applications to interact with each other by accessing and manipulating resources—such as data objects or services—through a set of well-defined rules and operations.

## 2. Explain the concept of API specification.
-> An API specification lays out exactly how an API behaves: the endpoints, methods, parameters, request/response formats, authentication, error handling, and other operational rules. It's akin to a technical blueprint, ensuring that all consumers and providers understand what’s expected.

## 3. What is Flask, and why is it popular for building APIs?
-> Flask is a micro web framework written in Python. Developed by Armin Ronacher and the Pocoo (now Pallets) team, it was first released in April 2010. Unlike more opinionated frameworks, Flask provides only the fundamental building blocks for web development—routing, request handling, templating, and a development server—while leaving everything else optional and extensible.


## 4. What is routing in Flask?
-> Routing in Flask is the mechanism that maps incoming HTTP request URLs to specific view functions that process them.

When you define a route, you tell Flask: “If a client requests this particular URL, call this function.”

Flask uses the Werkzeug routing system under the hood, which efficiently manages route matching and ordering—even when routes are declared in varying modules—ensuring consistent behavior.

## 5. How do you create a simple Flask application?
-> Install Flask in a virtual environment

python3 -m venv venv → source venv/bin/activate (macOS/Linux) or venv\Scripts\activate (Windows)

pip install Flask

Create app.py with minimal structure

@app.route('/') maps the root URL to a function that returns a response

app.run(debug=True) starts built-in dev server with hot-reload and error debugging

Run the application

Execute via python app.py

Access at http://127.0.0.1:5000/ and see Hello, World!

Why Flask is ideal for this

It's a microframework: minimal core, no default ORM/auth—add only what you need

Built on Werkzeug (WSGI tooling) and Jinja2 (templating engine)

Lightweight, flexible, beginner-friendly, excellent for prototyping & APIs

## 6. What are HTTP methods used in RESTful APIs?
-> Safe methods (do not modify server state): GET, HEAD, OPTIONS, TRACE .

Idempotent methods (repeatable without side effects): GET, PUT, DELETE, HEAD, OPTIONS, TRACE.

Cacheable methods (responses may be cached): GET, HEAD, POST (conditionally).

## 7. What is the purpose of the @app.route() decorator in Flask?
-> @app.route() lets you declare what URL triggers what function in your Flask app. It handles route registration naturally and cleanly, without extra boilerplate—making your code both readable and expressive.

## 8. What is the difference between GET and POST HTTP methods?
-> Use GET to retrieve data:

Makes requests idempotent and cacheable.

Keeps data visible and shareable in URLs.

Use POST to submit data:

Wraps data in body—not exposed in URL.

Can handle large, complex, or sensitive payloads.

Intended for operations that change server state.

## 9. How do you handle errors in Flask APIs?
-> Use @app.errorhandler(status_code or ExceptionType).

Leverage built-in exceptions (werkzeug.exceptions.HTTPException).

Use abort() for early exit in view functions.

Implement generic exception handler (@app.errorhandler(Exception)).

Create and register custom exception classes.

Flask-RESTful has its own error handling semantics.

Prefer JSON responses over HTML in APIs.

Adopt best practices.

## 10. How do you connect Flask to a SQL database?
-> Connecting Flask to a SQL Database —

Use Flask-SQLAlchemy, an ORM extension, to bridge Flask and SQL databases with Pythonic models instead of raw SQL.



Install necessary packages: Flask and Flask-SQLAlchemy via pip.



Configure the app using a SQLALCHEMY_DATABASE_URI for your database engine (e.g., SQLite, MySQL, PostgreSQL), and disable modification tracking for performance.



Initialize the ORM by attaching the SQLAlchemy object to your Flask app, either directly or with an app factory.


Define models as Python classes (subclassing the ORM base), with attributes representing table columns.


Create database tables automatically from these models within the Flask application context.


Support multiple backends by using appropriate connection strings for SQLite (dev) or MySQL/PostgreSQL (production).


Benefit from ORM features such as connection pooling, session management, and abstraction over SQL across different databases.


## 11. What is the role of Flask-SQLAlchemy?
-> Flask-SQLAlchemy provides a streamlined, Flask-native way to integrate ORM-backed database functionality—combining ease of use with Flask's design philosophies.

## 12.What are Flask blueprints, and how are they useful?
-> Flask Blueprints are your go-to tool for organizing non-trivial applications. They let you split your app into reusable, testable, and logically separated chunks—improving structure, scalability, and developer efficiency.

## 13. What is the purpose of Flask's request object?
-> Encapsulates all data sent by the client during an HTTP request.

Accessible globally within the request’s context, no need to pass it explicitly.

Provides easy access to:

Request method (e.g., GET, POST).

Query parameters, form data, JSON payloads, uploaded files.

HTTP headers, cookies, and URL details.

Simplifies handling of HTTP data using intuitive, high-level attributes.

Built-in, created automatically for every incoming request.

## 14. How do you create a RESTful API endpoint using Flask?
-> Choose Flask for a lightweight, flexible framework ideal for REST APIs.

Define a route using @app.route() linked to the appropriate HTTP methods (e.g., GET, POST, PUT, DELETE).


Return data formatted as JSON using Flask's JSON utilities for clean API responses.


Handle CRUD operations through distinct HTTP methods mapped to RESTful actions.


## 15. What is the purpose of Flask's jsonify() function?
-> jsonify() is your go-to when returning JSON in Flask—it serializes data and handles HTTP response details cleanly and reliably.

## 16. Explain Flask’s url_for() function.
-> It allows to 'automagically' provide a URL for certain route by their name, even when folder structure changes… more flexibility when the project grows.

## 17.  How does Flask handle static files (CSS, JavaScript, etc.)?
-> Flask simplifies static content management through a well-defined folder, automatic routing, and utilities for flexibility—making it clean and efficient for both development and production workflows. Let me know if you’d like details on optimizing static assets (e.g. cache busting or bundling)!

## 18.  What is an API specification, and how does it help in building a Flask API.
-> In the realm of Flask APIs, using an API specification—especially with tools like OpenAPI—gives your project structure, clarity, and maintainability, making the development and collaboration process smoother and more robust.

## 19. What are HTTP status codes, and why are they important in a Flask API?
-> In a Flask API, using meaningful HTTP status codes according to standards makes your API transparent, reliable, and easier to integrate.

## 20. How do you handle POST requests in Flask?
-> Enable POST on a route by including it in the methods list (e.g., methods=['GET', 'POST'])—Flask defaults to GET only.

Use request.form to read submitted form data from HTML forms (application/x-www-form-urlencoded).

Distinguish logic by request method (e.g., if request.method == 'POST': ...) for endpoints handling both GET and POST.

## 21.  How would you secure a Flask API?
-> By combining these measures, you create strong, layered defenses for your Flask API—protecting your data, your users, and your infrastructure.

## 22. What is the significance of the Flask-RESTful extension?
-> lask-RESTful offers a structured, class-based framework for building Flask APIs with cleaner routing, marshalling, and parsing. However, it's losing maintenance traction, and many now lean toward alternatives like Flask-RESTX or vanilla Flask, especially for long-term projects.

## 23. What is the role of Flask’s session object?
-> The session object in Flask gives you a secure, easy-to-use way to remember a user's state across multiple visits—while maintaining flexibility to scale or secure storage as needed.

# Restful API & Flask Practical

## 1.How do you create a basic Flask application?


In [None]:
from flask import Flask

app = Flask(__name__)

@app.route("/")
def hello_world():
    return "Hello, World!"

if __name__ == "__main__":
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


##2.  How do you serve static files like images or CSS in Flask?

In [None]:
from flask import Flask, render_template, send_from_directory, url_for

app = Flask(__name__)

@app.route('/')
def index():
    return render_template('index.html')

@app.route('/my_image')
def serve_image():
    return app.send_static_file('images/logo.png')

if __name__ == '__main__':
    app.run(debug=True)


##3. How do you define different routes with different HTTP methods in Flask?


In [None]:
@app.route('/login', methods=['GET'])
def login_get():
    return show_login_form()

@app.route('/login', methods=['POST'])
def login_post():
    return do_login()


## 4.How do you render HTML templates in Flask?


In [None]:
@app.route('/')
def index():
    return render_template('index.html', name='Alice')


##5. How can you generate URLs for routes in Flask using url_for?


In [None]:
from flask import Flask, render_template, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

@app.route('/about')
def about():
    return render_template('about.html')

@app.route('/user/<username>')
def user_profile(username):
    return f"Hello, {username}!"

@app.route('/go-to-profile/<username>')
def go_to_profile(username):
    return redirect(url_for('user_profile', username=username))

if __name__ == '__main__':
    app.run(debug=True)


##6. How do you handle forms in Flask?


In [None]:
# app.py
from flask import Flask, render_template, request, redirect, url_for, flash
from flask_wtf import FlaskForm
from wtforms import StringField, TextAreaField, SubmitField
from wtforms.validators import DataRequired, Email, Length

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your-secret-key-here'

class ContactForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired(), Length(min=2, max=50)])
    email = StringField('Email', validators=[DataRequired(), Email()])
    message = TextAreaField('Message', validators=[DataRequired(), Length(min=10)])
    submit = SubmitField('Send')

@app.route('/contact', methods=['GET', 'POST'])
def contact():
    form = ContactForm()
    if form.validate_on_submit():
        name = form.name.data
        email = form.email.data
        message = form.message.data
        flash('Thank you for your message!', 'success')
        return redirect(url_for('contact'))
    return render_template('contact.html', form=form)

if __name__ == '__main__':
    app.run(debug=True)


##7.  How can you validate form data in Flask?


In [None]:
from flask import Flask, render_template, redirect, url_for, flash
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, SubmitField
from wtforms.validators import DataRequired, Email, Length, EqualTo, ValidationError
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)
app.config['SECRET_KEY'] = 'super-secret-key'
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///users.db'
db = SQLAlchemy(app)

class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(80), unique=True, nullable=False)
    email = db.Column(db.String(120), unique=True, nullable=False)
    password = db.Column(db.String(128), nullable=False)

class RegistrationForm(FlaskForm):
    username = StringField('Username', validators=[DataRequired(), Length(min=3, max=20)])
    email = StringField('Email', validators=[DataRequired(), Email()])
    password = PasswordField('Password', validators=[DataRequired(), Length(min=8)])
    confirm_password = PasswordField('Confirm Password', validators=[DataRequired(), EqualTo('password')])
    submit = SubmitField('Register')

    def validate_username(self, username):
        if User.query.filter_by(username=username.data).first():
            raise ValidationError('Username already exists.')

    def validate_email(self, email):
        if User


##8. How do you manage sessions in Flask?


In [None]:
from flask import Flask, session
from flask_session import Session

app = Flask(__name__)
app.config.update({
    'SECRET_KEY': 'your-secret-key',
    'SESSION_TYPE': 'redis',
    'SESSION_USE_SIGNER': True,
    'SESSION_PERMANENT': False,
    'SESSION_REDIS': redis.from_url('redis://localhost:6379'),
})

Session(app)

@app.route('/')
def index():
    session['count'] = session.get('count', 0) + 1
    return f'Visit count: {session["count"]}'


##9. How do you redirect to a different route in Flask?

In [None]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('login_page'))

@app.route('/login', methods=['GET', 'POST'])
def login_page():
    if request.method == 'POST':
        # After a successful login, redirect to dashboard
        return redirect(url_for('dashboard'))
    return '''
        <form method="post">
            <input name="username" placeholder="Username">
            <button type="submit">Login</button>
        </form>
    '''

@app.route('/dashboard')
def dashboard():
    return 'Welcome to the dashboard!'

if __name__ == '__main__':
    app.run(debug=True)


##10. How do you handle errors in Flask (e.g., 404)?


In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.errorhandler(404)
def page_not_found(error):
    return render_template('404.html'), 404

@app.route('/')
def home():
    return "Home Page"

if __name__ == '__main__':
    app.run(debug=True)


##11. How do you structure a Flask app using Blueprints?


In [None]:
from flask import Flask
from .main import main_bp
from .auth import auth_bp

def create_app():
    app = Flask(__name__)
    app.config.from_object('config.Config')

    app.register_blueprint(main_bp)
    app.register_blueprint(auth_bp, url_prefix='/auth')

    return app

##12. How do you define a custom Jinja filter in Flask?


In [None]:
from flask import Flask, render_template
from filters import reverse_string

app = Flask(__name__)

app.add_template_filter(reverse_string, 'reverse')

@app.route('/')
def index():
    name = "Flask Developer"
    return render_template('index.html', name=name)

if __name__ == '__main__':
    app.run(debug=True)


## 13. How can you redirect with query parameters in Flask?


In [None]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('greet', name='Alice', age=30))

@app.route('/greet')
def greet():
    name = request.args.get('name')
    age = request.args.get('age')
    return f"Hello {name}, you are {age} years old."

if __name__ == '__main__':
    app.run(debug=True)


##14. How do you return JSON responses in Flask.


In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    data = {"message": "Hello, world!"}
    return jsonify(data)

if __name__ == '__main__':
    app.run(debug=True)


## 15.How do you capture URL parameters in Flask?

In [None]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/search')
def search():
    query = request.args.get('query', default='', type=str)
    page = request.args.get('page', default=1, type=int)
    return f"Search results for '{query}' on page {page}"

if __name__ == '__main__':
    app.run(debug=True)
