**THEORY QUESTION**

1.  What is a RESTful API?

Ans- A **RESTful API** (Representational State Transfer API) is a way for different software systems to **communicate over the internet** using standard web methods.

### In simple words:

1. **It lets apps talk to each other** — like how your phone app fetches weather or sends a message.

2. It uses **HTTP methods** like:

   * **GET** (to read data)
   * **POST** (to create data)
   * **PUT/PATCH** (to update data)
   * **DELETE** (to remove data)

3. Data is usually sent and received in **JSON** format.

4. It is **stateless**, meaning every request is independent and doesn't remember previous ones.

5. REST APIs are used in **websites, mobile apps, cloud services**, and more.
*italicized text*

### In short:

A **RESTful API** is like a **messenger** that lets different programs exchange data using simple web rules.


2. Explain the concept of API specification.

Ans-  **API Specification – Simple Explanation**

An **API specification** is like a **blueprint** or **instruction manual** that clearly defines **how a software or service communicates with others**.


###  What it does:

1. **Describes what an API can do** – like what data you can send or get.
2. **Defines the rules** – such as endpoints, methods (GET, POST, etc.), request formats, and response formats.
3. **Helps developers understand how to use the API** without needing to read its internal code.


###  What's included in an API specification:

* **Endpoints**: URLs you send requests to (e.g., `/users`, `/products/123`)
* **Methods**: Actions like GET, POST, PUT, DELETE
* **Parameters**: Extra details sent with requests (like filters, IDs)
* **Request format**: What kind of data to send (usually JSON)
* **Response format**: What kind of data you get back
* **Error codes**: What errors can happen and what they mean


###  Common Tools for Writing API Specs:

* **OpenAPI / Swagger** (most popular)
* **RAML**
* **API Blueprint**


### In short:

An **API specification** is a **clear guide that tells developers exactly how to connect with an API**, what to expect, and how to use it correctly.


3. What is Flask, and why is it popular for building APIs?

Ans-
**Flask** is a **lightweight web framework** in Python used to build **web applications and APIs**.


###  Why is Flask popular for building APIs?

1. **Simple and easy to learn**

   * Great for beginners and quick projects.

2. **Minimalist**

   * Gives you the essentials — you add only what you need.

3. **Flexible**

   * No strict rules — you can design your API your way.

4. **Fast for prototyping**

   * Ideal for quickly building and testing small to medium APIs.

5. **Built-in development server**

   * You don’t need extra tools to start testing your API.

6. **Large community and documentation**

   * Easy to find help, examples, and plugins.

7. **Works well with other tools**

   * Can easily integrate with databases, authentication systems, and frontend frameworks.


###  In short:

**Flask** is popular because it’s **simple, flexible, and efficient**, making it a top choice for building **RESTful APIs** in Python.


4. What is routing in Flask?

Ans- Routing in Flask is the process of defining how URLs are handled by the application. It maps specific URL patterns to functions, called view functions, which return the response to the client. Each route is associated with a particular endpoint, and when a user accesses that URL, Flask calls the corresponding function to generate the content. Routing helps organize the application and control what content is shown for different web addresses.


5. How do you create a simple Flask application?

Ans- To create a simple Flask application, you follow these basic steps:

1. **Install Flask** using a package manager like `pip`.
2. **Import Flask** into your Python file.
3. **Create a Flask app object** to initialize the application.
4. **Define routes** to specify what should happen when a user visits a specific URL.
5. **Run the application** using the app’s run method to start the development server.

This setup allows you to handle web requests and return responses through defined functions.


6. What are HTTP methods used in RESTful APIs?

Ans- The main HTTP methods used in RESTful APIs are:

1. **GET** – Retrieves data from the server.
2. **POST** – Sends new data to the server to create a resource.
3. **PUT** – Updates an existing resource with new data.
4. **DELETE** – Removes a resource from the server.
5. **PATCH** – Partially updates a resource with some data.
6. **OPTIONS** – Describes the communication options for the target resource.

Each method represents a specific action and helps maintain a clear structure in RESTful communication.


6. What is the purpose of the @app.route() decorator in Flask?

Ans- The `@app.route()` decorator in Flask is used to bind a specific URL path to a function. It tells Flask which function should be executed when a user visits that URL. This is how routing is handled in Flask, allowing you to define different responses for different web addresses in your application.


7.  What is the difference between GET and POST HTTP methods?

Ans- The main differences between **GET** and **POST** HTTP methods are:

1. **Purpose**:

   * **GET** is used to **retrieve data** from the server.
   * **POST** is used to **send data** to the server to **create or update** a resource.

2. **Data Visibility**:

   * **GET** sends data in the **URL**, making it **visible**.
   * **POST** sends data in the **request body**, making it **hidden** from the URL.

3. **Security**:

   * **GET** is **less secure** for sensitive data (e.g., passwords).
   * **POST** is **more secure** for sending sensitive data.

4. **Caching**:

   * **GET** requests can be **cached** by browsers.
   * **POST** requests are **not cached** by default.

5. **Use Cases**:

   * Use **GET** for reading data (e.g., search, view pages).
   * Use **POST** for submitting forms, uploading files, or making changes.


9.  How do you handle errors in Flask APIs?

Ans- Errors in Flask APIs are handled using:

1. **Error Handlers** – You can define custom functions for specific error codes using `@app.errorhandler()`.
2. **Try-Except Blocks** – Used to catch exceptions within functions and return meaningful responses.
3. **HTTP Status Codes** – Send appropriate status codes (like 404, 400, 500) in the response to indicate the type of error.
4. **JSON Error Responses** – Return structured error messages in JSON format to help the client understand the issue.
5. **Logging** – Log errors for debugging and monitoring purposes.

These practices help improve API reliability and user experience.


10.  How do you connect Flask to a SQL database?

Ans- To connect Flask to a SQL database, you typically follow these steps:

1. **Choose a database** like SQLite, MySQL, or PostgreSQL.
2. **Install a database connector** (e.g., `Flask-SQLAlchemy`).
3. **Configure the database URI** in your Flask app settings.
4. **Initialize the database extension** (like SQLAlchemy) with your Flask app.
5. **Define models** to represent database tables.
6. **Use methods** to create, read, update, and delete records from the database.

This integration allows Flask to store and manage data efficiently.


11. What is the role of Flask-SQLAlchemy?

Ans- **Flask-SQLAlchemy** is an extension that integrates SQLAlchemy with Flask to make database operations easier. Its main roles are:

1. **Simplifies database setup** and connection in Flask apps.
2. **Provides an Object Relational Mapper (ORM)** to interact with databases using Python classes instead of SQL.
3. **Handles database sessions** and queries efficiently.
4. **Supports multiple database types** like SQLite, MySQL, and PostgreSQL.
5. **Integrates well with Flask features** like app configuration and request handling.

It helps developers build and manage databases in a more Pythonic and organized way.


12. What are Flask blueprints, and how are they useful?

Ans- **Flask blueprints** are a way to organize a Flask application into smaller, reusable components.

### They are useful because:

1. **Modular Structure** – Help split the app into separate parts (e.g., auth, admin, blog).
2. **Code Reusability** – You can reuse the same blueprint in different apps.
3. **Better Organization** – Keep routes, templates, and static files organized.
4. **Easier Maintenance** – Makes large applications easier to manage and scale.
5. **Central Registration** – All blueprints are registered in the main app file, giving a clear overview.

Blueprints improve clarity and structure, especially in large Flask projects.


13. What is the purpose of Flask's request object?

Ans- The **Flask `request` object** is used to access data sent by the client to the server during an HTTP request.

### Its main purposes are:

1. **Retrieve form data** from POST requests.
2. **Access query parameters** from the URL.
3. **Get JSON data** sent in the request body.
4. **Check request method** (GET, POST, etc.).
5. **Access headers, cookies, and files** in the request.

It helps the server understand and process what the client is asking for.


14. How do you create a RESTful API endpoint using Flask?

Ans- To create a RESTful API endpoint using Flask, you follow these basic steps:

1. **Import Flask** and create an app instance.
2. **Define a route** using `@app.route()` with the desired URL and HTTP methods (e.g., GET, POST).
3. **Create a function** that handles the request and returns a response (often in JSON format).
4. **Use the `request` object** to handle input data if needed.
5. **Return appropriate status codes** along with responses.

This setup allows your Flask app to serve as a RESTful API that clients can interact with using HTTP.


15. What is the purpose of Flask's jsonify() function?

Ans- The purpose of Flask's `jsonify()` function is to:

1. **Convert Python data** (like dictionaries or lists) into a **JSON response**.
2. **Set the correct MIME type** (`application/json`) for the response.
3. **Make API responses easier and more reliable** for clients to understand.
4. **Automatically handle character encoding and escaping** to ensure safety.

It simplifies sending structured data from a Flask API to the client.


16.  Explain Flask’s url_for() function.

Ans- Flask’s `url_for()` function is used to **generate URLs dynamically** for a given function name (endpoint).

### Its main purposes are:

1. **Avoid hardcoding URLs** – Makes the app more flexible and maintainable.
2. **Build URLs using route names** instead of manually typing paths.
3. **Automatically updates URLs** if routes change.
4. **Supports query parameters** by passing them as arguments.

It helps manage routing efficiently and keeps the code clean and error-free.


17. How does Flask handle static files (CSS, JavaScript, etc.)?

Ans- Flask handles static files (like **CSS, JavaScript, and images**) using a special **`static` folder**.

### Here's how it works:

1. **Place static files** in a folder named `static` in your project directory.
2. Flask automatically serves these files at the URL path **`/static/`**.
3. Use **`url_for('static', filename='yourfile.css')`** in templates to link them.
4. No need to write separate routes for static files.

This setup allows easy and organized management of front-end assets.


18. What is an API specification, and how does it help in building a Flask API?

Ans- An **API specification** is a detailed document that describes how an API should work, including its endpoints, request/response formats, methods, data types, and status codes.

### It helps in building a Flask API by:

1. **Providing a clear blueprint** for development.
2. **Ensuring consistency** across all endpoints.
3. **Helping front-end and back-end teams collaborate** effectively.
4. **Improving documentation** for users and developers.
5. **Enabling automatic testing and validation** of API behavior.

It acts like a contract between the API and its consumers, making development faster and more reliable.


19. What are HTTP status codes, and why are they important in a Flask API?

Ans- **HTTP status codes** are standardized 3-digit numbers returned by a server to indicate the result of a client’s request.

### They are important in a Flask API because:

1. **Communicate request outcomes** (success, error, etc.) clearly to clients.
2. **Help in debugging** by showing what went wrong (e.g., 404 Not Found, 500 Internal Server Error).
3. **Guide client actions** (e.g., retry on 503, redirect on 302).
4. **Improve user experience** with meaningful responses.
5. **Enable proper handling** of responses in front-end or third-party apps.

They make APIs predictable, informative, and easier to work with.


20. How do you handle POST requests in Flask?

Ans- To handle **POST requests** in Flask, you follow these steps:

1. **Define a route** with the `methods=['POST']` argument.
2. **Use the `request` object** to access data sent by the client (form data, JSON, etc.).
3. **Process the data** (e.g., store it in a database or perform calculations).
4. **Return a response** with a message and status code.

This allows the server to receive and act on data sent from forms, APIs, or applications.


21.  How would you secure a Flask API?

Ans- To **secure a Flask API**, you can follow these key practices:

1. **Use Authentication** – Implement API keys, tokens (like JWT), or OAuth to verify users.
2. **Validate Input Data** – Check and sanitize all incoming data to prevent injection attacks.
3. **Use HTTPS** – Encrypt communication between client and server.
4. **Limit Request Rates** – Apply rate limiting to prevent abuse or DDoS attacks.
5. **Enable CORS Carefully** – Control which domains can access your API.
6. **Handle Errors Gracefully** – Avoid exposing sensitive server information.
7. **Keep Dependencies Updated** – Use secure and up-to-date packages.
8. **Use Flask Extensions** – Like `Flask-Login`, `Flask-JWT-Extended`, and `Flask-Limiter`.

These steps help protect your API from unauthorized access and malicious activity.


22. What is the significance of the Flask-RESTful extension?

Ans- The **Flask-RESTful** extension is significant because it simplifies the process of building **RESTful APIs** in Flask.

### Its main benefits are:

1. **Provides a structured way** to create API resources using classes.
2. **Simplifies routing** by mapping HTTP methods (GET, POST, etc.) to class methods.
3. **Includes helpful tools** like input parsing and request validation.
4. **Improves code organization** and readability for larger APIs.
5. **Makes API development faster** and more maintainable.

It enhances Flask by offering a cleaner and more efficient way to build scalable REST APIs.


23.  What is the role of Flask’s session object?

Ans- The **Flask `session` object** is used to **store data specific to a user across multiple requests**.

### Its main roles are:

1. **Maintain user state** (e.g., login status) between different pages.
2. **Store temporary data** like user preferences or shopping cart items.
3. **Securely save data** using cryptographic signing.
4. **Simplify user experience** by remembering information during a session.

It helps manage user interactions in a more personalized and continuous way.


**PRACTICAL QUESTION**

In [None]:
# 1. How do you create a basic Flask application?
from flask import Flask, render_template

app = Flask(__name__)

@app.route("/")
def home():
    return render_template("index.html")

if __name__ == "__main__":
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [None]:
# 2.  How do you serve static files like images or CSS in Flask?
from flask import Flask, render_template

app = Flask(__name__)

@app.route("/")
def home():
    return render_template("index.html")

if __name__ == "__main__":
    app.run(debug=True)



 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [None]:
from flask import Flask
app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to my Flask App!"


In [None]:
Running on http://127.0.0.1:5000/


SyntaxError: invalid syntax (ipython-input-5-2431995857.py, line 1)

In [None]:
!pip install pyngrok


Collecting pyngrok
  Downloading pyngrok-7.2.12-py3-none-any.whl.metadata (9.4 kB)
Downloading pyngrok-7.2.12-py3-none-any.whl (26 kB)
Installing collected packages: pyngrok
Successfully installed pyngrok-7.2.12


In [None]:
from pyngrok import ngrok

# Add your ngrok authtoken
ngrok.set_auth_token("30HStDQoabj41hFW9HwMZ92YF8n_5jT838RGYaCwp6tsNh2mQ")

In [None]:
from flask import Flask, request
from pyngrok import ngrok

# Initialize Flask app
app = Flask(__name__)

# Route for GET
@app.route('/get', methods=['GET'])
def get_example():
    return "This is a GET request!"

# Route for POST
@app.route('/post', methods=['POST'])
def post_example():
    data = request.form.get('data')
    return f"You sent this data via POST: {data}"

# Route for GET and POST form
@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        username = request.form.get('username')
        return f"Welcome, {username}!"
    return '''
        <form method="POST">
            Username: <input type="text" name="username">
            <input type="submit">
        </form>
    '''

# Route for PUT
@app.route('/put', methods=['PUT'])
def put_example():
    return "This is a PUT request!"

# Route for DELETE
@app.route('/delete', methods=['DELETE'])
def delete_example():
    return "This is a DELETE request!"

# Open public URL using ngrok
public_url = ngrok.connect(5000)
print("🚀 Your Flask app is live at:", public_url)

# Run Flask app
app.run()


🚀 Your Flask app is live at: NgrokTunnel: "https://200a9e255348.ngrok-free.app" -> "http://localhost:5000"
 * Serving Flask app '__main__'
 * Debug mode: off


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug:127.0.0.1 - - [27/Jul/2025 13:29:56] "[33mGET / HTTP/1.1[0m" 404 -
INFO:werkzeug:127.0.0.1 - - [27/Jul/2025 13:29:59] "[33mGET /favicon.ico HTTP/1.1[0m" 404 -


In [None]:
from flask import Flask
from pyngrok import ngrok

# Create Flask app
app = Flask(_name_)

# Define a simple route
@app.route("/")
def home():
    return "Hello, Flask from Google Colab!"

# Open a tunnel on port 5000
public_url = ngrok.connect(5000)
print("Public URL:", public_url)

# Run the Flask app
app.run(port=5000)


NameError: name '_name_' is not defined