#Questions & Answers[THEORY]

**Q1-What is a RESTful API?**

> A RESTful API (Representational State Transfer) is an architectural style for designing networked applications, enabling communication between systems over the internet. It uses standard HTTP methods (GET, POST, PUT, DELETE, etc.) to perform operations on resources, which are identified by unique URLs.


**Q2-Explain the concept of API specification.**

>An API specification is a formal document or standard that defines the structure, functionality, and behavior of an API (Application Programming Interface), serving as a blueprint for developers to understand how to interact with it. For RESTful APIs, it outlines how requests and responses should be formatted, the endpoints available, and the operations supported, ensuring consistency and clarity for both API providers and consumers.

**Q3-What is Flask, and why is it popular for building APIs?**

> Flask is a lightweight Python web framework designed for simplicity and flexibility, making it ideal for building web applications and RESTful APIs. It’s a microframework, meaning it provides only essential tools like routing and request handling, built on Werkzeug for HTTP processing and Jinja2 for templating, though templating is less relevant for APIs. Its minimalistic design lets developers customize their setup without rigid constraints.Flask’s popularity for APIs comes from its ease of use, allowing developers to create endpoints with minimal code, and its flexibility, which supports tailored solutions for small to medium projects or microservices. It seamlessly handles RESTful principles, like HTTP methods and JSON responses, and integrates with Python libraries for tasks like database management or authentication. The framework’s low overhead ensures fast performance, and its active community provides extensive resources. Flask excels in rapid prototyping and lightweight applications, though it requires more manual setup for complex systems compared to heavier frameworks like Django.

**Q4-What is routing in Flask?**

> Routing in Flask refers to the process of mapping URLs (or endpoints) to specific Python functions, called view functions, that handle HTTP requests and return responses. It determines how Flask directs incoming web requests to the appropriate code based on the URL and HTTP method (e.g., GET, POST). Routing is a core feature of Flask, enabling developers to define the structure and behavior of a web application or API.

**Q5-How do you create a simple Flask application?**

>To create a simple Flask application, you write a Python script that initializes a Flask app, defines routes to handle HTTP requests, and runs a web server. Below is a concise guide with example code for a basic Flask app with a RESTful API endpoint.First, ensure Python (3.6 or higher) is installed, then install Flask using pip install flask. Create a file named app.py. In it, import the Flask class, create an app instance, and define routes using the @app.route() decorator to map URLs to functions that return responses, such as JSON for APIs. Finally, run the app with a development server.

**Q6-What are HTTP methods used in RESTful APIs?**

> HTTP methods are standardized verbs used in RESTful APIs to define the type of operation a client wants to perform on a resource. They align with the principles of REST (Representational State Transfer) to enable consistent and predictable interactions with resources identified by URLs.

**Q7-What is the purpose of the @app.route() decorator in Flask?**

> The @app.route() decorator in Flask maps a URL path to a Python function that handles HTTP requests for that path. It defines the endpoint (e.g., / or /api/users) and specifies which HTTP methods (e.g., GET, POST) the function responds to. When a client sends a request to the URL, Flask triggers the associated function, which processes the request and returns a response, such as JSON for APIs. This enables routing in Flask, allowing developers to create web pages or RESTful API endpoints by linking URLs to specific logic.

**Q8-What is the difference between GET and POST HTTP methods?**

> The GET and POST HTTP methods serve different purposes in RESTful APIs and web interactions. GET retrieves data from a server without modifying it, using query parameters in the URL (e.g., `/api/users?id=123`), making it safe, idempotent, and cacheable but less secure for sensitive data due to URL visibility. POST sends data in the request body (e.g., JSON like `{"name": "Alice"}`) to create a resource or trigger an action, altering server state, so it’s not safe, not idempotent, and not typically cached, but better for sensitive or large data. In Flask, GET might fetch a user with `@app.route('/api/users/<id>', methods=['GET'])`, while POST creates a user with `@app.route('/api/users', methods=['POST'])` and `request.get_json()`.

**Q9-How do you handle errors in Flask APIs?**

> In Flask APIs, error handling ensures the application gracefully manages issues like invalid requests or server failures, returning clear, REST-compliant JSON responses with appropriate HTTP status codes. You primarily use the @app.errorhandler decorator to define custom handlers for specific HTTP status codes or exceptions. For example, to handle 404 Not Found errors, you can define a function that returns a JSON error message with a 404 status:

**Q10-How do you connect Flask to a SQL database?**

> Connecting a Flask application to a SQL database allows you to store and manage data for your RESTful API, enabling dynamic operations like creating, reading, updating, and deleting records. The process involves selecting a database, installing necessary Python libraries, configuring the connection, and integrating it with Flask routes to handle database operations. Below is a concise explanation with an example using SQLite and SQLAlchemy, a popular ORM (Object-Relational Mapping) tool for Flask.


**Q11-What is the role of Flask-SQLAlchemy?**

> Flask-SQLAlchemy is an extension for Flask that simplifies integration with SQL databases by providing an Object-Relational Mapping (ORM) layer, built on top of SQLAlchemy, a powerful Python SQL toolkit. Its role in a Flask application is to streamline database operations, making it easier to connect to a database, define models, and perform CRUD (Create, Read, Update, Delete) operations while maintaining a Pythonic interface. Below is a concise explanation of its role, tailored to the context of building RESTful APIs with Flask, as discussed previously.

**Q12-What are Flask blueprints, and how are they useful?**

> Flask Blueprints are a feature of the Flask web framework that allow developers to organize and modularize their application by grouping related routes, templates, and static files into reusable components. They are particularly useful for building large or complex Flask applications, including RESTful APIs, by enabling better code organization, reusability, and scalability. Below is a concise explanation of Flask Blueprints and their utility, tailored to the context of Flask and RESTful APIs discussed previously.

**Q13-What is the purpose of Flask's request object?**

> Flask's request object is a global object provided by the Flask framework to access and handle incoming HTTP request data within a view function. Its purpose is to give developers a convenient way to retrieve details about the client’s request, such as URL parameters, form data, JSON payloads, headers, and other request metadata, enabling dynamic processing in web applications and RESTful APIs. Below is a concise explanation of its role, tailored to the context of Flask and RESTful APIs discussed previously.

**Q14-How do you create a RESTful API endpoint using Flask?**

> Flask’s routing, the request object for handling incoming data, and often Flask-SQLAlchemy for database interactions, as discussed in your previous questions. Below is a concise guide to creating a RESTful API endpoint, with an example that integrates these concepts without using a pointwise format.To start, ensure you have Flask and Flask-SQLAlchemy installed (pip install flask flask-sqlalchemy). Create a Python file, e.g., app.py, and set up a Flask application. Configure Flask-SQLAlchemy to connect to a database (e.g., SQLite) for persistent data storage. Define a model to represent the resource (e.g., a User) and create the database. Then, use the @app.route() decorator to define an endpoint that handles specific HTTP methods, processes input via the request object, and returns JSON responses with appropriate HTTP status codes. Optionally, organize the endpoint in a Blueprint for modularity and handle errors for robustness.

**Q15-What is the purpose of Flask's jsonify() function?**

> Flask’s `jsonify()` function is used to create a proper JSON response from Python data. It automatically converts Python dictionaries or lists into JSON, sets the correct content type (`application/json`), and ensures the response is correctly formatted for clients like browsers or APIs

**Q16-M Explain Flask’s url_for() function?**

> Flask’s `url_for()` function is used to build dynamic URLs for your application. Instead of hardcoding links, you can pass the name of the view function and any required arguments, and `url_for()` will generate the correct URL for you. This makes your code more flexible and maintainable, especially if you later change route patterns. For example, if you have a route defined as `@app.route('/user/<username>')`, you can generate its URL in code or templates using `url_for('profile', username='Alice')`, which will return `/user/Alice`. This ensures that links stay consistent with the routes defined in your app.

**Q17- How does Flask handle static files (CSS, JavaScript, etc.)?**

>Flask handles static files by serving them from a special folder named **`static`** inside your project directory. When you create this folder and place files like CSS, JavaScript, or images in it, Flask makes them accessible through the `/static/` URL path. For example, if you have a file called `style.css` inside the `static` folder, you can access it at `http://localhost:5000/static/style.css`. In templates, you usually use `url_for('static', filename='style.css')` to link to these files, which ensures the correct path is generated. This setup allows Flask to serve front-end assets easily without requiring additional configuration

**Q18-What is an API specification, and how does it help in building a Flask API?**

> An API specification is a detailed description of how an API should work. It defines the available endpoints, the request methods they support, the required inputs such as parameters or body data, and the structure of the responses. It may also include information about authentication, error handling, and data formats like JSON.

When building a Flask API, the specification acts as a blueprint that guides development. It ensures both backend developers and frontend or client developers understand exactly how the API should behave, reducing confusion and mistakes. It also makes it easier to test and document the API, since the rules for communication are clearly defined in advance. In collaborative projects, having an API specification allows teams to work in parallel—clients can start building against the documented API before the backend is fully implemented.

**Q19-What are HTTP status codes, and why are they important in a Flask API?**

> HTTP status codes are standardized three-digit numbers sent by a server in response to a client’s request to indicate the outcome of that request. They communicate whether the request was successful, if there was an error, or if some further action is needed. In a Flask API, these codes are important because they provide clear feedback to the client about what happened. For example, a `200` code means the request was successful, `404` means the requested resource was not found, and `500` signals a server error. By using the right status codes, a Flask API becomes easier to understand, debug, and integrate with, since clients can reliably determine how to handle different responses

**Q20-How do you handle POST requests in Flask?**

> In Flask, you handle POST requests by defining a route that accepts the `POST` method and then accessing the data sent in the request. For example, if a client submits form data or JSON, you can retrieve it inside the route function using `request.form` for form fields or `request.json` for JSON data. A typical setup involves importing `request` from Flask, creating a route with `methods=['POST']`, and then processing the incoming data. After handling the request, you return a response, often in JSON format using `jsonify()`. This allows your API to accept and process data sent from clients, such as login details, form submissions, or data to be stored in a database.

**Q21-How would you secure a Flask API?**

> Securing a Flask API involves protecting it from unauthorized access, data leaks, and malicious activity. You typically do this by requiring authentication so that only trusted clients can use the API, for example through tokens, API keys, or OAuth. You also implement authorization to make sure users can only access the resources they’re allowed to. Using HTTPS is essential so that data traveling between the client and server is encrypted. Input validation and sanitization help prevent attacks like SQL injection or cross-site scripting, while rate limiting can stop abuse by restricting how many requests a client can make in a given time. It’s also important to handle errors carefully without exposing sensitive details, keep dependencies updated, and follow the principle of least privilege when accessing databases or external services. Altogether, these practices ensure the API remains safe, reliable, and trustworthy.

**Q22-What is the significance of the Flask-RESTful extension?**

> The Flask-RESTful extension simplifies the process of building REST APIs with Flask by providing tools and abstractions that reduce boilerplate code. Instead of manually handling routes and request parsing, it allows you to structure your API around resources, each represented as a class with methods corresponding to HTTP verbs like GET, POST, PUT, and DELETE. It also includes built-in support for input validation, request parsing, and standardized error handling, which makes your code cleaner and more consistent. By organizing an API this way, Flask-RESTful makes it easier to develop, scale, and maintain RESTful services while following common design patterns

**Q23-What is the role of Flask’s session object?**

> Flask’s session object is used to store information about a user across multiple requests. Since HTTP is stateless, the server doesn’t remember anything between requests, but the session object provides a way to persist data temporarily for each user. It stores data on the server side but keeps a session identifier in the client’s browser using a secure cookie. This allows you to track things like login status, user preferences, or items in a shopping cart as the user navigates through the app. The data is signed with the app’s secret key to prevent tampering, making sessions both convenient and secure for maintaining state in a Flask application.

#Questions & Answers[PRACTICAL]

**Q1-How do you create a basic Flask application?**

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


**Q2-How do you serve static files like images or CSS in Flask?**

In [None]:
from flask import Flask, render_template, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)


**Q3- How do you define different routes with different HTTP methods in Flask?**

In [None]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/hello', methods=['GET'])
def hello():
    return "This is a GET request"

@app.route('/hello', methods=['POST'])
def hello_post():
    data = request.form.get('name')
    return f"Hello, {data}! (POST request)"

if __name__ == '__main__':
    app.run(debug=True)


**Q4- How do you render HTML templates in Flask?**

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html', title="Flask App", message="Hello from Flask!")

if __name__ == '__main__':
    app.run(debug=True)


**Q5-How can you generate URLs for routes in Flask using url_for?**

In [None]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "This is the home page"

@app.route('/user/<username>')
def profile(username):
    return f"Hello, {username}!"

@app.route('/links')
def links():
    # Generate URLs dynamically
    home_url = url_for('home')
    profile_url = url_for('profile', username='Alice')
    return f"Home: {home_url} | Profile: {profile_url}"

if __name__ == '__main__':
    app.run(debug=True)


**Q6-How do you handle forms in Flask?**

In [None]:
from flask import Flask, render_template, request

app = Flask(__name__)

@app.route('/form')
def form():
    return render_template('form.html')

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form.get('name')   # Access form data
    email = request.form.get('email')
    return render_template('result.html', name=name, email=email)

if __name__ == '__main__':
    app.run(debug=True)


**Q7-How can you validate form data in Flask?**

In [None]:
from flask import Flask, render_template, request

app = Flask(__name__)

@app.route('/form')
def form():
    return render_template('form.html')

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form.get('name')
    email = request.form.get('email')

    errors = []
    if not name or name.strip() == "":
        errors.append("Name is required.")
    if not email or "@" not in email:
        errors.append("Valid email is required.")

    if errors:
        return render_template('form.html', errors=errors)

    return f"Form submitted successfully! Name: {name}, Email: {email}"

if __name__ == '__main__':
    app.run(debug=True)


**Q8-How do you manage sessions in Flask?**

In [None]:
from flask import Flask, session, redirect, url_for, request, render_template

app = Flask(__name__)
app.secret_key = "supersecretkey"  # Required to sign session cookies

@app.route('/')
def home():
    # Check if user is logged in
    if 'username' in session:
        return f"Welcome back, {session['username']}!"
    return "You are not logged in. <a href='/login'>Login here</a>"

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        session['username'] = request.form['username']  # Store data in session
        return redirect(url_for('home'))
    return '''
        <form method="POST">
            <p><input type="text" name="username" placeholder="Enter your name">
            <p><button type="submit">Login</button>
        </form>
    '''

@app.route('/logout')
def logout():
    session.pop('username', None)  # Remove username from session
    return redirect(url_for('home'))

if __name__ == '__main__':
    app.run(debug=True)


**Q9-How do you redirect to a different route in Flask?

In [None]:
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "This is the Home Page"

@app.route('/login')
def login():
    # After login, redirect to the dashboard
    return redirect(url_for('dashboard'))

@app.route('/dashboard')
def dashboard():
    return "Welcome to your Dashboard!"

if __name__ == '__main__':
    app.run(debug=True)


**Q10- How do you handle errors in Flask (e.g., 404)?

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Home Page!"

# Handle 404 Not Found
@app.errorhandler(404)
def page_not_found(error):
    return render_template('404.html'), 404

# Handle 500 Internal Server Error
@app.errorhandler(500)
def internal_error(error):
    return render_template('500.html'), 500

if __name__ == '__main__':
    app.run(debug=True)


**Q11- How do you structure a Flask app using Blueprints?**

In [None]:
from flask import Flask
from auth.routes import auth_bp
from blog.routes import blog_bp

app = Flask(__name__)

# Register Blueprints
app.register_blueprint(auth_bp, url_prefix="/auth")
app.register_blueprint(blog_bp, url_prefix="/blog")

@app.route('/')
def home():
    return "Welcome to the Main Home Page!"

if __name__ == '__main__':
    app.run(debug=True)


**Q12-How do you define a custom Jinja filter in Flask?**

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

# Define a custom filter to reverse a string
@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]

@app.route('/')
def home():
    return render_template('index.html', name="Flask")

if __name__ == '__main__':
    app.run(debug=True)


**Q13- How can you redirect with query parameters in Flask?**

In [None]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Home Page!"

@app.route('/search')
def search():
    query = request.args.get('q')
    return f"Search results for: {query}"

@app.route('/go')
def go():
    # Redirect to /search with query parameter ?q=flask
    return redirect(url_for('search', q='flask'))

if __name__ == '__main__':
    app.run(debug=True)


**Q14-How do you return JSON responses in Flask?**

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/user')
def user():
    data = {
        "name": "Alice",
        "age": 25,
        "is_admin": False
    }
    return jsonify(data)   # Converts dict → JSON

if __name__ == '__main__':
    app.run(debug=True)


**Q15-How do you capture URL parameters in Flask?**

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def show_user(username):
    return f"Hello, {username}!"

@app.route('/post/<int:post_id>')
def show_post(post_id):
    return f"Viewing post with ID: {post_id}"

if __name__ == '__main__':
    app.run(debug=True)
