1. What is a RESTful API?

Ans. A RESTful API is a web service that lets different systems communicate over HTTP by following REST principles. It uses standard HTTP methods like:

GET (read data)

POST (create data)

PUT/PATCH (update data)

DELETE (remove data)

Data is usually sent in JSON format, and each resource (like a user or product) is accessed via a unique URL.

Example:
GET /users/123 → Get data for user with ID 123.

It’s stateless, easy to use, and widely used in web and mobile apps.

2. Explain the concept of API specification?

Ans. An API specification is a detailed description of how an API works. It defines the rules, structure, and behavior of the API so that developers know how to use it and what to expect in return.

🔹 Key Parts of an API Specification:
Endpoints
The URLs used to access resources.
Example: GET /users/{id}

HTTP Methods

What actions can be performed: GET, POST, PUT, DELETE, etc.

Request Parameters
Inputs the API accepts — like path variables, query parameters, or JSON in the body.

Response Format

The structure of the data returned, usually in JSON.

Status Codes

HTTP codes that show the result (e.g., 200 OK, 404 Not Found).

Authentication

How users are authorized (e.g., API keys, tokens, OAuth).

🔹 Why API Specifications Matter:
Consistency – Everyone follows the same rules.

Documentation – Makes APIs easier to understand and use.

Automation – Tools like Swagger/OpenAPI can generate docs, tests, and client code from specs.

🔹 Example (OpenAPI/Swagger Format)

    paths:
      /users/{id}:
    get:
      summary: Get a user by ID
      parameters:
        - name: id
          in: path
          required: true
          type: integer
      responses:
        200:
          description: User found


3. What is Flask, and why is it popular for building APIs?

Ans. Flask is a lightweight Python web framework used to build web applications and APIs. It's popular because:

🔹 Why Flask is Popular for APIs:
Simple and Minimal
Easy to learn and use — great for small projects or quick prototypes.

Flexible
No strict rules — you can structure your app how you like.

Built-in Tools
Comes with tools for routing, request handling, and JSON support out of the box.

Large Ecosystem
Supports many extensions (e.g., Flask-RESTful, Flask-JWT) for authentication, databases, etc.

Good for REST APIs
Flask makes it easy to define RESTful endpoints with just a few lines of code.

🔹 Example (Simple Flask API)

    from flask import Flask, jsonify

    app = Flask(__name__)

    @app.route('/hello')
    def hello():
      return jsonify(message="Hello, API!")

    if __name__ == '__main__':
      app.run()

4. What is routing in Flask?

Ans. Routing in Flask maps URLs to Python functions. When a user visits a specific URL, Flask runs the matching function.

🔹 Example:

    @app.route('/hello')
    def hello():
      return 'Hello, World!'
Visiting /hello runs the hello() function.

5. How do you create a simple Flask application.

Ans.

1. Install Flask

pip install flask

2. Create app.py


    from flask import Flask
    app = Flask(__name__)

    @app.route('/')
    def home():
      return 'Hello, Flask!'

    if __name__ == '__main__':
      app.run()

3. Run it

python app.py

Go to http://127.0.0.1:5000/ in browser.

6.  What are HTTP methods used in RESTful APIs.

Ans. 🔹 Common HTTP Methods in RESTful APIs:

GET – Retrieve data
Example: GET /users → get all users

POST – Create new data
Example: POST /users → add a new user

PUT – Update existing data (replace)
Example: PUT /users/1 → update user with ID 1

PATCH – Partially update data
Example: PATCH /users/1 → update part of user 1’s info

DELETE – Remove data
Example: DELETE /users/1 → delete user 1

7. What is the purpose of the @app.route() decorator in Flask.

Ans. It tells Flask:
"When someone visits this URL, run this function."

🔹 Example:

    @app.route('/hello')
    def say_hello():
      return 'Hello, World!'
Visiting /hello runs say_hello().



8. What is the difference between GET and POST HTTP methods.

Ans. --> GET Method

Purpose: The GET method is used to request data from a specified resource. It’s designed for retrieving information without causing any side effects on the server.

Characteristics:

Data is sent as query parameters in the URL (e.g., /search?q=flask).

Because data is part of the URL, it is visible and limited in size.

GET requests are idempotent and safe, meaning multiple identical requests produce the same result without changing the server’s state.

Commonly used for fetching or reading data.

--> POST Method

Purpose: The POST method is used to submit data to a server to create or modify resources. It typically results in a change in server state or side effects.

Characteristics:

Data is sent in the request body, not in the URL, allowing larger amounts of data and keeping it hidden from the URL.

POST requests are not idempotent — sending the same request multiple times can create multiple resources or trigger multiple actions.

Commonly used for form submissions, uploading files, or sending complex data.



9. How do you handle errors in Flask APIs.

Ans.

Use abort() to return HTTP errors, e.g., abort(404).

Define custom error handlers with @app.errorhandler().

Use try-except blocks to catch exceptions and return error messages.

Example:

    from flask import abort, jsonify

    @app.route('/item/<int:id>')
    def get_item(id):
      if not item_exists(id):
        abort(404, "Item not found")

    @app.errorhandler(404)
    def not_found(e):
      return jsonify(error=str(e)), 404

10.  How do you connect Flask to a SQL database.

Ans. Install:

pip install flask_sqlalchemy

Setup:

    from flask import Flask
    from flask_sqlalchemy import SQLAlchemy

    app = Flask(__name__)
    app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///data.db'

    db = SQLAlchemy(app)

    class User(db.Model):
      id = db.Column(db.Integer, primary_key=True)
      name = db.Column(db.String(50))

    with app.app_context():
      db.create_all()

11. What is the role of Flask-SQLAlchemy.

Ans.Flask-SQLAlchemy is an extension that simplifies using SQL databases with Flask by integrating the powerful SQLAlchemy ORM.

Role of Flask-SQLAlchemy:

Provides an easy way to connect Flask apps to databases.

Lets you define Python classes (models) that represent database tables.

Handles SQL queries behind the scenes, so you work with Python objects instead of raw SQL.

Manages database sessions and connections automatically.

Supports multiple database backends (SQLite, MySQL, PostgreSQL, etc.).

12. What are Flask blueprints, and how are they useful.

Ans. Flask Blueprints are a way to organize and structure a Flask application by grouping related routes, templates, and static files into reusable modules.

Why Use Blueprints?
Modularity: Break a large app into smaller, manageable pieces (e.g., auth, blog, API).

Reusability: Easily reuse or share parts of your app.

Better organization: Keeps code clean and easier to maintain.

Allows registering routes, error handlers, and static files separately from the main app.

How It Works (Basic Example):

    from flask import Blueprint

    auth = Blueprint('auth', __name__)

    @auth.route('/login')
    def login():
      return "Login Page"

Then in your main app:

    from flask import Flask
    from auth import auth

    app = Flask(__name__)
    app.register_blueprint(auth, url_prefix='/auth')

Visiting /auth/login will run the login route.

13. What is the purpose of Flask's request object.

Ans. Flask’s request object represents the incoming HTTP request from a client.

Purpose of the request object:

Access data sent by the client (like form data, JSON, query parameters).

Get information about the request (method, headers, cookies, URL).

Handle file uploads.

Inspect request metadata (IP address, content type).

Example:

    from flask import request

    @app.route('/submit', methods=['POST'])
    def submit():
      name = request.form.get('name')        # form data
      age = request.args.get('age')           # query params
      data = request.json                      # JSON body
    return f"Name: {name}, Age: {age}"

14.  How do you create a RESTful API endpoint using Flask.

Ans.

Import Flask and create app:

    from flask import Flask, jsonify, request

    app = Flask(__name__)

Define an endpoint with HTTP methods:

    @app.route('/users/<int:id>', methods=['GET', 'PUT'])
    def user(id):
      if request.method == 'GET':
        # Return user data (example)
        return jsonify({"id": id, "name": "User"+str(id)})
    elif request.method == 'PUT':
        data = request.json
        # Update user logic here
        return jsonify({"id": id, "updated_data": data})
Run the app:

    if __name__ == '__main__':
      app.run()


15. What is the purpose of Flask's jsonify() function.

Ans. Flask’s jsonify() function converts Python data (like dictionaries or lists) into a JSON-formatted HTTP response.

Purpose:

Automatically formats your data as JSON.

Sets the correct Content-Type header (application/json).

Makes it easy to return JSON from API endpoints.

Example:

    from flask import jsonify

    @app.route('/data')
    def data():
      return jsonify({"name": "Alice", "age": 30})

16. Explain Flask’s url_for() function.

Ans. Flask’s url_for() function is used to build URLs dynamically for your routes by using the function name instead of hardcoding URLs.

Why use url_for()?

Generates correct URLs even if routes change.

Handles URL building with parameters easily.

Helps avoid mistakes from hardcoding URLs.

Example:

    from flask import url_for

    @app.route('/user/<int:id>')
    def profile(id):
      return f"User {id}"

    @app.route('/')
    def index():
      # Build URL for profile with id=5
      user_url = url_for('profile', id=5)
      return f"Profile URL: {user_url}"

Visiting / will show:
Profile URL: /user/5



17. How does Flask handle static files (CSS, JavaScript, etc.)

Ans.Flask serves static files (like CSS, JavaScript, images) from a special folder named static by default.

How it works:
Place your static files in the static/ folder inside your project.

Access them in templates or browser via /static/filename.

Example:
If you have static/style.css, it’s accessible at:

http://yourdomain.com/static/style.css

Using in HTML templates:

    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
    <script src="{{ url_for('static', filename='app.js') }}"></script>

18. What is an API specification, and how does it help in building a Flask API.

Ans.

An API specification is a formal document or blueprint that defines how an API works — detailing its endpoints, request/response formats, parameters, authentication, and error handling.

How it helps in building a Flask API:
Clear contract: Sets expectations for what your API does and how clients should interact with it.

Consistent design: Ensures your endpoints, inputs, and outputs follow a structured format.

Better collaboration: Makes it easier for frontend, backend, and third-party developers to work together.

Automation: Enables tools (like Swagger/OpenAPI) to generate docs, tests, and client code.

Easier maintenance: Changes are planned and communicated clearly through the spec.



19. What are HTTP status codes, and why are they important in a Flask API.

Ans. HTTP status codes are standardized numeric codes sent by a server in response to a client’s HTTP request, indicating the result of that request.

Why they are important in a Flask API:
Communicate outcome: Tell the client if the request was successful (200), created (201), had errors (400, 404), or server issues (500).

Help clients handle responses: Clients can react differently based on status codes (e.g., retry, show error message).

Improve API clarity: Makes your API’s behavior clear and predictable.

Follow standards: Align your API with HTTP protocol conventions.

Common examples:
200 OK — Success

201 Created — New resource created

400 Bad Request — Client sent invalid data

404 Not Found — Resource doesn’t exist

500 Internal Server Error — Server problem

20. How do you handle POST requests in Flask.

Ans. Define route with methods=['POST']:

    from flask import Flask, request, jsonify

    app = Flask(__name__)

    @app.route('/submit', methods=['POST'])
    def submit():
      data = request.json  # Get JSON data from request body
      # Process data here
      return jsonify({"message": "Data received", "data": data})
Run the app and send POST requests with JSON or form data.



21. How would you secure a Flask API.

Ans. Use authentication (e.g., JWT tokens).

Serve over HTTPS.

Validate and sanitize all inputs.

Implement rate limiting to prevent abuse.

Handle errors without exposing sensitive info.

Keep secrets (keys/passwords) in environment variables.

Add security headers (CSP, X-Frame-Options).

22. What is the significance of the Flask-RESTful extension.

Ans. Flask-RESTful is an extension that simplifies building RESTful APIs with Flask.

Significance of Flask-RESTful:
Provides easy-to-use classes like Resource to organize API endpoints.

Automatically handles HTTP methods (GET, POST, etc.) inside resource classes.

Simplifies request parsing and input validation with built-in tools.

Helps format responses consistently (e.g., JSON).

Supports easy routing and error handling for APIs.

23. What is the role of Flask’s session object?

Ans. Flask’s session object stores data specific to a user across multiple requests (like a temporary user state).

Role of session:
Keeps user info between requests (e.g., login status, preferences).

Data is stored securely on the client as a signed cookie.

Helps implement features like user sessions without a database.

Example:

    from flask import session

    @app.route('/login')
    def login():
      session['user_id'] = 42  # Save user ID in session
      return 'Logged in!'

    @app.route('/profile')
    def profile():
      user_id = session.get('user_id')
      return f'User ID: {user_id}'

**PRACTICAL**

1.  How do you create a basic Flask application.

In [1]:
from flask import Flask
app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run()

 * Serving Flask app '__main__'
 * Debug mode: off


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m


2. How do you define different routes with different HTTP methods in Flask.

In [None]:
@app.route('/item', methods=['GET', 'POST'])
def item():
    if request.method == 'GET':
        return "Get item"
    elif request.method == 'POST':
        return "Create item"

3. How do you render HTML templates in Flask.

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

4. How can you generate URLs for routes in Flask using url_for.

In [None]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/user/<int:id>')
def profile(id):
    return f"User {id}"

@app.route('/')
def index():
    # Generate URL for profile with id=42
    user_url = url_for('profile', id=42)
    return f"Profile URL: {user_url}"

5. How do you handle forms in Flask.

    <form method="POST" action="/submit">
    <input type="text" name="username">
    <input type="submit" value="Send">
    </form>

In [None]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def submit():
    username = request.form.get('username')
    return f"Hello, {username}!"

6. How can you validate form data in Flask

In [None]:
from flask import request, jsonify

@app.route('/submit', methods=['POST'])
def submit():
    username = request.form.get('username')
    if not username or len(username) < 3:
        return jsonify({"error": "Username must be at least 3 characters"}), 400
    return jsonify({"message": "Valid data"})

7.  How do you manage sessions in Flask.

How to use sessions in Flask:
Set a secret key (needed for signing session cookies):


    app.secret_key = 'your-secret-key'

Store data in session:

    from flask import session

    @app.route('/login')
    def login():
      session['user_id'] = 123
      return "Logged in!"

Retrieve data from session:

    @app.route('/profile')
    def profile():
      user_id = session.get('user_id')
      return f"User ID: {user_id}"

Clear session data:

    @app.route('/logout')
    def logout():
      session.clear()
      return "Logged out!"


8.  How do you redirect to a different route in Flask.

In [None]:
from flask import redirect, url_for

@app.route('/old')
def old():
    return redirect(url_for('new'))

@app.route('/new')
def new():
    return "This is the new page."

9. How do you handle errors in Flask (e.g., 404)

In [None]:
@app.errorhandler(404)
def not_found(error):
    return "Page not found!", 404

10. How do you structure a Flask app using Blueprints

In [None]:
from flask import Blueprint

auth = Blueprint('auth', __name__)

@auth.route('/login')
def login():
    return "Login Page"

In [None]:
from flask import Flask
from auth import auth

app = Flask(__name__)
app.register_blueprint(auth, url_prefix='/auth')

if __name__ == '__main__':
    app.run()

11. How can you redirect with query parameters in Flask.

In [None]:
from flask import redirect, url_for

@app.route('/search')
def search():
    # Redirect to /results?q=flask&page=2
    return redirect(url_for('results', q='flask', page=2))

@app.route('/results')
def results():
    # Access query params via request.args if needed
    return "Search results page"

12. How do you return JSON responses in Flask.

In [None]:
from flask import jsonify

@app.route('/data')
def data():
    return jsonify({"name": "Alice", "age": 30})

13. How do you capture URL parameters in Flask?

In [None]:
@app.route('/user/<int:id>')
def user_profile(id):
    return f"User ID: {id}"