 1) What is a RESTful API?

 Ans:- A RESTful API (Representational State Transfer Application Programming Interface) is a type of web API that follows the principles of REST architecture, which is a set of guidelines for creating scalable and stateless web services.

Key Concepts of RESTful APIs:
Statelessness:
Each request from a client to a server must contain all the information needed to understand and process the request. The server doesn't store client context between requests.

Resources:
Everything in a RESTful API is treated as a resource (e.g., users, posts, products) and is accessed using a URI (Uniform Resource Identifier), like:


In [141]:
GET /users/123


NameError: name 'GET' is not defined

HTTP Methods:
RESTful APIs use standard HTTP methods to perform actions on resources:

GET – Retrieve data (e.g., GET /users)

POST – Create a new resource (e.g., POST /users)

PUT – Update an existing resource (e.g., PUT /users/123)

DELETE – Remove a resource (e.g., DELETE /users/123)

JSON (or XML) Format:
Data is typically exchanged in JSON (JavaScript Object Notation), although XML is also supported.

Stateless Communication:
Each API call is independent; the server does not retain client session data.

Uniform Interface:
REST enforces a consistent interface, making it easier to use and understand across different systems.

Example:
Suppose you're building an API for a book store.

GET /books – List all books

GET /books/1 – Get details of book with ID 1

POST /books – Add a new book

PUT /books/1 – Update book with ID 1

DELETE /books/1 – Delete book with ID 1


2) Explain the concept of API specification?

Ans:- An API specification is a formal, structured document that defines how an API behaves and how developers can interact with it. It serves as a blueprint for both the API’s implementation and its consumption by client applications.

🔍 Key Aspects of an API Specification:
Endpoints:
The URLs through which resources are accessed (e.g., /users, /orders/{id}).

HTTP Methods:
Defines which HTTP verbs are allowed for each endpoint (e.g., GET, POST, PUT, DELETE).

Request Structure:
Describes what input is expected from the client:

Headers

Query parameters

Request body (with data types and required fields)

Response Structure:
Describes what the server will return:

HTTP status codes (200, 404, 500, etc.)

Response body (with data types, structure, and possible examples)

Authentication/Authorization:
Specifies how clients should authenticate (e.g., API keys, OAuth tokens).

Data Formats:
Usually JSON or XML. The spec defines the schema of inputs/outputs.

Error Handling:
Defines how errors are communicated, with codes and message formats.

📘 Why API Specifications Matter:
Consistency: Ensures different teams understand and implement the API the same way.

Automation: Enables tools to generate client libraries, documentation, and server stubs automatically.

Documentation: Acts as a source of truth for developers using the API.

Validation: Helps validate requests and responses against the expected format.

🛠️ Popular API Specification Standards:
OpenAPI (formerly Swagger) – Most widely used for RESTful APIs.

RAML – RESTful API Modeling Language.

API Blueprint – Markdown-based API description language.

GraphQL SDL – Used to define GraphQL schemas.

🧠 Example (OpenAPI Snippet):


In [140]:
paths:
  /users/{id}:
    get:
      summary: Get user by ID
      parameters:
        - in: path
          name: id
          required: true
          schema:
            type: integer
      responses:
        200:
          description: A user object
        404:
          description: User not found
      summary: Get user by ID
      parameters:
        - in: path
          name: id
          required: true
          schema:
            type: integer
      responses:
        200:
          description: A user object
        404:
          description: User not found



SyntaxError: invalid syntax (<ipython-input-140-9d91899e6cc5>, line 1)

 3) What is Flask, and why is it popular for building APIs?

 Ans:- Flask is a lightweight, open-source web framework for Python that's especially popular for building web applications and RESTful APIs.

🔧 What is Flask?
Framework: A micro web framework for Python, meaning it provides the essentials without enforcing a particular project layout or including many built-in tools.

WSGI-compliant: It works with Python’s WSGI standard for serving web apps.

🚀 Why Flask is Popular for Building APIs:
Lightweight and Minimal:
Flask doesn't come with too many built-in features, which gives developers full control and flexibility. You only add what you need.

Easy to Learn and Use:
Its syntax and structure are clean and beginner-friendly, which makes it ideal for rapid development.

RESTful Routing:
Flask makes it simple to define API endpoints using Python functions and decorators.



In [2]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/hello', methods=['GET'])
def hello():
    return jsonify({'message': 'Hello, world!'})


Extensible:
You can easily integrate third-party libraries for:

Authentication

Database access (like SQLAlchemy)

Input validation (like Marshmallow)

API documentation (like Swagger via Flask-RESTX or Flask-RESTPlus)

Great for Prototyping:
Because it’s so quick to set up, Flask is commonly used in startups and hackathons to build MVPs (Minimum Viable Products).

Vast Community and Resources:
It has extensive documentation, tutorials, and a large developer community for support.

Compatible with OpenAPI Tools:
With extensions like Flask-RESTX, you can auto-generate OpenAPI-compliant specs and interactive documentation (Swagger UI).

🧠 When to Use Flask for APIs:
When you want full control over how things are structured.

When you're building a small to medium-sized API.

When you want to build something quickly and simply.

When you don’t need a full-stack framework like Django.



5) How do you create a simple Flask application?

Ans:- Creating a simple Flask application is straightforward. Here's a step-by-step guide to help you build your first basic Flask app.

✅ Step 1: Install Flask
Make sure you have Python installed. Then install Flask using pip:



In [4]:
pip install Flask




✅ Step 2: Create a Simple Flask App
Create a Python file, e.g., app.py, with the following code:


In [5]:
from flask import Flask

app = Flask(__name__)  # Create the Flask app

@app.route('/')  # Define the route for the home page
def hello_world():
    return 'Hello, World!'  # Response returned to the browser

# Run the app
if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


✅ Step 3: Run the App
In your terminal, run:

In [6]:
!python app.py

python3: can't open file '/content/app.py': [Errno 2] No such file or directory


By default, the app will start on http://127.0.0.1:5000/

✅ Step 4: Test It
Open your browser and go to http://127.0.0.1:5000/

You should see:

In [7]:
print("Hello, World!")

Hello, World!


🚀 Want to Add an API Endpoint?
Add a route that returns JSON data:

In [8]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the Flask API!'

@app.route('/api/data', methods=['GET'])
def get_data():
    data = {
        'name': 'Alice',
        'age': 30,
        'location': 'Earth'
    }
    return jsonify(data)

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


Now if you go to http://127.0.0.1:5000/api/data, you’ll get:

In [139]:
{
  "name": "Alice",
  "age": 30,
  "location": "Earth"
}


{'name': 'Alice', 'age': 30, 'location': 'Earth'}

7)  What are HTTP methods used in RESTful APIs?

Ans:- In RESTful APIs, HTTP methods are used to perform actions on resources. Each method represents a specific kind of operation. Here's a breakdown of the most commonly used ones:

🔑 Common HTTP Methods in RESTful APIs:
Method	Purpose	Typical Use Case
GET	Read / Retrieve data	Fetch a resource or a list of resources
POST	Create a new resource	Add a new user, product, post, etc.
PUT	Update an existing resource	Replace an existing resource entirely
PATCH	Partially update a resource	Modify only certain fields of a resource
DELETE	Delete a resource	Remove a specific resource from the server
OPTIONS	Describe allowed operations	Used by browsers for CORS preflight requests
HEAD	Like GET, but without body	Check if a resource exists, get headers only

📘 Example: Managing Users
Let's say you have a resource called users.

Action	HTTP Method	Endpoint
Get all users	GET	/users
Get a specific user	GET	/users/123
Create a new user	POST	/users
Update user with ID 123	PUT	/users/123
Partially update user 123	PATCH	/users/123
Delete user 123	DELETE	/users/123

🔒 Notes on Usage
GET, HEAD, and OPTIONS are safe methods (they don’t change data).

PUT and POST are not idempotent (except PUT, if designed properly).

Always return appropriate status codes (200 OK, 201 Created, 404 Not Found, 400 Bad Request, etc.).



 7) What is the purpose of the @app.route() decorator in Flask?

 Ans:- The @app.route() decorator in Flask is used to map a URL path to a specific Python function, which is known as a view function.

🎯 Purpose of @app.route()
It registers a route with the Flask application.

It tells Flask: “When someone visits this URL, run this function and return the response.”

🧠 How It Works:


In [138]:
from flask import Flask
app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the homepage!'


@app.route('/'):
Binds the / URL (root path) to the home() function.

When a user visits http://localhost:5000/, Flask runs home() and returns its result to the browser.

🔁 You Can Map Multiple Routes:

In [137]:
@app.route('/hello')
@app.route('/hi')
def greet():
    return 'Hello there!'


This maps both /hello and /hi to the same function.

⚙️ Add HTTP Method Restrictions:
By default, a route only accepts GET requests. To allow other methods like POST:

In [136]:
@app.route('/submit', methods=['POST'])
def submit():
    return 'Form submitted!'



 8) What is the difference between GET and POST HTTP methods?

 ANS:- The GET and POST HTTP methods are both used to communicate between a client (usually a web browser or app) and a server, but they serve different purposes and behave differently.

🔍 Key Differences Between GET and POST
Feature	GET	POST
Purpose	Retrieve data (read-only)	Send data to the server (create/update)
Data Location	Appended in the URL (query string)	Sent in the request body
Visibility	Visible in browser address bar	Hidden from the URL
Length Limit	Limited (URL length restrictions)	No real size limit (depends on server)
Caching	Can be cached by browsers	Usually not cached
Bookmarkable	Yes	No
Idempotent	Yes (safe to repeat)	Not necessarily (may cause side effects)
Use Case	Fetching data, pages, or search results	Submitting forms, uploading files, login

🧠 Examples
✅ GET Example

In [15]:
The provided input is not a Python syntax error. It's a `curl` command for making an HTTP request. I cannot fix this as a Python syntax error.

SyntaxError: unterminated string literal (detected at line 1) (<ipython-input-15-006098463888>, line 1)

Use this to search for something. The query is part of the URL.

✅ POST Example

In [16]:
Syntax Error: The provided code is not Python code. It appears to be an HTTP request.
{
  "username": "alice",
  "password": "secret123"
}


SyntaxError: invalid syntax (<ipython-input-16-6327fccffae5>, line 1)

9)  How do you handle errors in Flask APIs?

Ans:- Handling errors properly in a Flask API is crucial for providing clear feedback to clients and ensuring your application behaves predictably.

Flask allows you to handle errors in a few different ways:

✅ 1. Using abort() to Raise HTTP Errors
You can use Flask’s built-in abort() function to return specific HTTP status codes.


In [135]:
from flask import Flask, abort

app = Flask(__name__)

@app.route('/item/<int:item_id>')
def get_item(item_id):
    if item_id != 1:
        abort(404)  # Returns a 404 Not Found error
    return {'item': 'Item found'}


✅ 2. Custom Error Handlers
You can define custom responses for specific HTTP error codes using the @app.errorhandler() decorator.


In [134]:
from flask import jsonify

@app.errorhandler(404)
def not_found(error):
    return jsonify({'error': 'Resource not found'}), 404

@app.errorhandler(400)
def bad_request(error):
    return jsonify({'error': 'Bad request'}), 400

@app.errorhandler(500)
def internal_error(error):
    return jsonify({'error': 'Internal server error'}), 500



✅ 3. Handling Exceptions Gracefully
You can handle exceptions like ValueError, KeyError, etc., in routes or globally:

In [133]:
@app.route('/divide')
def divide():
    try:
        x = int(request.args.get('x', 0))
        y = int(request.args.get('y', 1))
        result = x / y
        return jsonify({'result': result})
    except ZeroDivisionError:
        return jsonify({'error': 'Cannot divide by zero'}), 400
    except Exception as e:
        return jsonify({'error': str(e)}), 500


✅ 4. Using make_response() for Custom Headers
You can use make_response() if you need more control over the response (e.g. custom headers):

In [132]:
from flask import make_response

@app.route('/unauthorized')
def unauthorized():
    response = make_response(jsonify({'error': 'Unauthorized'}), 401)
    response.headers['X-Custom-Header'] = 'Value'
    return response


🔐 Bonus: Custom Exception Classes
You can create and raise your own exceptions for a more organized error-handling structure:

In [131]:
class InvalidUsage(Exception):
    status_code = 400
    def __init__(self, message):
        self.message = message

@app.errorhandler(InvalidUsage)
def handle_invalid_usage(error):
    response = jsonify({'error': error.message})
    return response, error.status_code


10) How do you connect Flask to a SQL database?

Ans:- To connect Flask to a SQL database, the most common and recommended approach is using SQLAlchemy, an ORM (Object-Relational Mapper) that integrates smoothly with Flask via the Flask-SQLAlchemy extension.

✅ Steps to Connect Flask to a SQL Database
📦 1. Install Required Packages

In [130]:
pip install Flask Flask-SQLAlchemy




You’ll also need a database driver depending on your DB:

SQLite: Built-in with Python

PostgreSQL: pip install psycopg2

MySQL: pip install pymysql

🛠️ 2. Set Up Your Flask App

In [129]:
from flask import Flask
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)

# Example: Using SQLite (for local/testing)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///mydatabase.db'

# Optional: to suppress warning
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

# Initialize SQLAlchemy with the app
db = SQLAlchemy(app)


📇 3. Define Models (Tables)


In [127]:
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(80), unique=True, nullable=False)
    email = db.Column(db.String(120), unique=True, nullable=False)

    def __repr__(self):
        return f'<User {self.username}>'


  super().__init__(name, bases, d, **kwargs)


InvalidRequestError: Table 'user' is already defined for this MetaData instance.  Specify 'extend_existing=True' to redefine options and columns on an existing Table object.


🧱 4. Create the Database and Tables
You can use the Python shell or a setup script

In [128]:
with app.app_context():
    db.create_all()  # Creates the tables based on the models


🔄 5. CRUD Operations
➕ Add a User:


In [27]:
new_user = User(username='alice', email='alice@example.com')
db.session.add(new_user)
db.session.commit()


RuntimeError: Working outside of application context.

This typically means that you attempted to use functionality that needed
the current application. To solve this, set up an application context
with app.app_context(). See the documentation for more information.

🔍 Query Users:


In [28]:
users = User.query.all()
user = User.query.filter_by(username='alice').first()


RuntimeError: Working outside of application context.

This typically means that you attempted to use functionality that needed
the current application. To solve this, set up an application context
with app.app_context(). See the documentation for more information.

✏️ Update:


In [29]:
user.email = 'newalice@example.com'
db.session.commit()


NameError: name 'user' is not defined

❌ Delete:


In [126]:
db.session.delete(user)
db.session.commit()


NameError: name 'user' is not defined

🔗 Other Database Options
If you don’t want an ORM:

Use sqlite3 (built-in)

Use psycopg2 for PostgreSQL manually

Use PyMySQL for raw MySQL access

But SQLAlchemy is highly recommended for most use cases.


11) What is the role of Flask-SQLAlchemy?

Ans:- Flask-SQLAlchemy is an extension for Flask that integrates SQLAlchemy (a powerful SQL toolkit and Object-Relational Mapper) into your Flask application in a simple and Pythonic way.

🎯 Role of Flask-SQLAlchemy
Flask-SQLAlchemy acts as a bridge between Flask and SQLAlchemy, making it easier to:

Connect Flask to relational databases (like SQLite, PostgreSQL, MySQL).

Define models (tables) using Python classes.

Perform CRUD operations using object-oriented syntax instead of raw SQL.

Manage database sessions and connections efficiently.

Create and manage the database schema via Python code.

🔧 Key Features
Feature	Description
ORM Integration	Use Python classes to interact with tables.
Connection Management	Handles opening/closing DB connections.
Declarative Syntax	Define models easily using class-based syntax.
Simplified Configuration	Works seamlessly with Flask config.
Context-Aware Sessions	Automatically manages sessions within Flask app context.

🧱 Example Role in a Flask App


In [125]:
from flask import Flask
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///example.db'

# Flask-SQLAlchemy instance
db = SQLAlchemy(app)

# Model (represents a table)
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(80), nullable=False)


With Flask-SQLAlchemy:

User class automatically maps to a table.

You can query using User.query.filter_by(name='Alice').

No manual connection or SQL handling needed.

12) What are Flask blueprints, and how are they useful?

Ans:- Flask Blueprints are a way to organize and modularize a Flask application by grouping related routes, templates, static files, and other code into reusable components.

🎯 What are Flask Blueprints?
Think of blueprints as mini Flask apps or modules inside your main Flask app.

They allow you to split your application into smaller, manageable parts.

Each blueprint can have its own:

Routes (endpoints)

Templates

Static files

Error handlers

Later, you register these blueprints on the main Flask app.

🛠️ Why Are They Useful?
Organization
Helps keep your project structure clean, especially when your app grows big.

Reusability
Blueprints can be reused across different projects or apps.

Collaboration
Multiple developers can work on different blueprints independently.

Separation of Concerns
You can logically separate features, e.g., one blueprint for user management, another for blog posts.

🔥 Example Usage
Create a blueprint (users.py):


In [124]:
from flask import Blueprint

users_bp = Blueprint('users', __name__)

@users_bp.route('/users')
def list_users():
    return "List of users"



Register blueprint in the main app (app.py):


In [123]:
from flask import Flask
from users import users_bp  # Import the blueprint

app = Flask(__name__)
app.register_blueprint(users_bp)  # Register blueprint

if __name__ == '__main__':
    app.run(debug=True)


ModuleNotFoundError: No module named 'users'

🚀 Advanced
Blueprints can have URL prefixes

In [122]:
app.register_blueprint(users_bp, url_prefix='/api')


NameError: name 'users_bp' is not defined

13) What is the purpose of Flask's request object?

Ans:- The Flask request object represents the incoming HTTP request sent by a client to your Flask application. It provides all the data and information about that request in an easy-to-access, Pythonic way.

🎯 Purpose of Flask's request object:
To access data sent by the client (browser, API client, etc.)

To retrieve HTTP method, headers, form data, JSON payload, cookies, query parameters, and more

To help you handle and process the details of the client’s request within your route functions

🔍 What You Can Access via request:
Attribute/Method	Description
request.method	HTTP method (GET, POST, PUT, etc.)
request.args	URL query parameters (for GET requests)
request.form	Form data submitted via POST
request.json	Parsed JSON payload
request.headers	HTTP headers dictionary
request.cookies	Cookies sent by the client
request.data	Raw request data as bytes
request.files	Uploaded files
request.path	The URL path
request.url	Full URL of the request

🧠 Example Usage

In [121]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form.get('name')      # Get form field 'name'
    data = request.json                  # Get JSON payload (if any)
    user_agent = request.headers.get('User-Agent')
    return f"Hello, {name}! Your user agent is {user_agent}."


14) How do you create a RESTful API endpoint using Flask?

Ans:- Creating a RESTful API endpoint in Flask is straightforward! You define a route that responds to HTTP methods (GET, POST, etc.) and returns data, usually in JSON format.

Step-by-step to create a simple RESTful API endpoint in Flask
1. Set up Flask


In [120]:
from flask import Flask, jsonify, request

app = Flask(__name__)


2. Create an API endpoint
Example: A simple endpoint to manage a list of users.

In [119]:
users = [
    {'id': 1, 'name': 'Alice'},
    {'id': 2, 'name': 'Bob'}
]

@app.route('/api/users', methods=['GET'])
def get_users():
    return jsonify(users)


AssertionError: View function mapping is overwriting an existing endpoint function: get_users

@app.route('/api/users', methods=['GET']): defines the endpoint /api/users for GET requests.

jsonify(users): sends the Python list as a JSON response.

3. Add POST to create a new user

In [118]:
@app.route('/api/users', methods=['POST'])
def create_user():
    new_user = request.get_json()  # Get JSON data from request body
    users.append(new_user)         # Add the new user to the list
    return jsonify(new_user), 201  # Return the new user with HTTP 201 Created


AssertionError: View function mapping is overwriting an existing endpoint function: create_user

4. Run the app

In [117]:
if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


Full example:

In [116]:
from flask import Flask, jsonify, request

app = Flask(__name__)

users = [
    {'id': 1, 'name': 'Alice'},
    {'id': 2, 'name': 'Bob'}
]

@app.route('/api/users', methods=['GET'])
def get_users():
    return jsonify(users)

@app.route('/api/users', methods=['POST'])
def create_user():
    new_user = request.get_json()
    users.append(new_user)
    return jsonify(new_user), 201

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


Testing the API
GET /api/users — fetch all users.

POST /api/users — add a new user by sending JSON like:

In [115]:
{
  "id": 3,
  "name": "Charlie"
}


{'id': 3, 'name': 'Charlie'}

15) What is the purpose of Flask's jsonify() function?

Ans:- The jsonify() function in Flask is used to convert Python data structures into JSON format and return them as a proper HTTP response with the correct content type.

🎯 Purpose of jsonify():
Serializes Python data (like dicts or lists) into a JSON response.

Automatically sets the Content-Type header to application/json.

Ensures the response is well-formed and standards-compliant for REST APIs.

✅ Example

In [114]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    data = {'name': 'Alice', 'age': 30}
    return jsonify(data)


What it does:

Converts the data dictionary to JSON.

Returns it with a 200 OK status and Content-Type: application/json.

📌 Why not just return json.dumps()?

In [113]:
# Not recommended (manual)
import json
return json.dumps(data), 200, {'Content-Type': 'application/json'}


SyntaxError: 'return' outside function (<ipython-input-113-ccb1b282cd3e>, line 3)

You can do this, but it's more error-prone.

jsonify() handles edge cases and headers for you.

🧠 Also Supports Multiple Args:

In [112]:
return jsonify(name='Alice', age=30)


SyntaxError: 'return' outside function (<ipython-input-112-fcaff30c892e>, line 1)

16) Explain Flask’s url_for() function?

Ans:- The url_for() function in Flask is used to dynamically generate URLs for your application’s routes based on the function name of the view, rather than hardcoding the URL paths.

🎯 Why url_for() is Important:
Avoids hardcoding URLs, making your app more maintainable.

Automatically handles changes in route paths.

Supports URL building with arguments for dynamic routes.

Works seamlessly with templates and redirects.

✅ Basic Example

In [111]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/about')
def about():
    return 'About Page'

@app.route('/')
def home():
    # Generates: '/about'
    return f'The about page is at {url_for("about")}'


🧩 Example with Dynamic Routes


In [110]:
@app.route('/user/<username>')
def profile(username):
    return f'User: {username}'

@app.route('/')
def index():
    # Generates: '/user/john'
    return url_for('profile', username='john')


🧪 Common Use Cases
Use Case	Example
Generate internal URL	url_for('home')
Redirects	redirect(url_for('dashboard'))
HTML templates	<a href="{{ url_for('login') }}">
With query strings	url_for('search', q='flask') → /search?q=flask


17) How does Flask handle static files (CSS, JavaScript, etc.)?

Ans:- Flask handles static files (like CSS, JavaScript, images, fonts, etc.) through a built-in mechanism that automatically serves them from a default static/ folder in your project directory.

📁 Default Folder Structure


In [109]:
your_project/
├── app.py
├── static/
│   ├── style.css
│   └── script.js
└── templates/
    └── index.html


SyntaxError: invalid character '├' (U+251C) (<ipython-input-109-57b65df16928>, line 2)

static/ – for CSS, JS, images, etc.

templates/ – for HTML templates

⚙️ How Flask Serves Static Files
By default, Flask maps the /static URL path to the static/ folder.

🔗 Example:
A file placed at:

In [108]:
static/style.css


NameError: name 'static' is not defined

✅ Using url_for() to Link Static Files in Templates
Flask provides the url_for() function to correctly reference static files in your HTML templates.

Example in a template (templates/index.html):

In [107]:
<!doctype html>
<html>
<head>
  <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
  <script src="{{ url_for('static', filename='script.js') }}"></script>
</body>
</html>


SyntaxError: invalid syntax (<ipython-input-107-22b1591a1beb>, line 1)

🚫 Important Notes
Don’t serve static files with Flask in production—use a web server like Nginx or Apache instead.

You can change the default static folder when creating the app:

In [106]:
app = Flask(__name__, static_folder='assets')


 18) What is an API specification, and how does it help in building a Flask API?

 Ans:- An API specification is a detailed, structured description of how an API behaves—what endpoints it exposes, what data it expects, what it returns, and how it handles errors.

📘 What Is an API Specification?
An API specification defines:

Element	Description
Endpoints	Available URLs (e.g. /users, /login)
Methods	HTTP verbs used (GET, POST, PUT, DELETE, etc.)
Request Structure	Expected parameters, headers, body format
Responses	Possible status codes, response body schemas
Error Handling	Standard error messages or formats
Authentication	If/how users are authenticated (e.g. JWT, API keys)

🔧 Examples of API Specification Formats
OpenAPI (formerly Swagger) – most popular, used to generate docs, client code, and validate input/output.

RAML – RESTful API Modeling Language.

API Blueprint – Markdown-style API description.

Postman Collections – machine-readable request/response setup for testing.

🚀 Why It’s Useful in Flask API Development
Benefit	Description
✅ Clear Design Blueprint	Helps you and your team understand what to build.
✅ Consistency	Ensures all endpoints follow the same conventions.
✅ Auto-generated Docs	Tools like Swagger UI create live docs from the spec.
✅ Mocking and Testing	Lets frontend teams test against mock APIs.
✅ Client Code Generation	Auto-generate client SDKs in Python, JS, etc.
✅ Validation Support	Validate requests/responses against the spec.

🛠️ Flask + OpenAPI Example (Using flask-restx)


In [105]:
pip install flask-restx


Collecting flask-restx
  Downloading flask_restx-1.3.0-py2.py3-none-any.whl.metadata (9.3 kB)
Downloading flask_restx-1.3.0-py2.py3-none-any.whl (2.8 MB)
[2K   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m2.8/2.8 MB[0m [31m23.3 MB/s[0m eta [36m0:00:00[0m
[?25hInstalling collected packages: flask-restx
Successfully installed flask-restx-1.3.0


In [104]:
from flask import Flask
from flask_restx import Api, Resource

app = Flask(__name__)
api = Api(app)

@api.route('/hello')
class HelloResource(Resource):
    def get(self):
        """Returns a greeting"""
        return {"message": "Hello, world!"}


ModuleNotFoundError: No module named 'flask_restx'

19)  What are HTTP status codes, and why are they important in a Flask API?

Ans:- HTTP status codes are 3-digit numbers returned by a server in response to an HTTP request. They indicate whether a specific request was successful, failed, or requires further action.

🎯 Why Are HTTP Status Codes Important in a Flask API?
In a Flask API, status codes:

✅ Help clients understand the outcome of their request.

✅ Enable error handling and appropriate response behavior.

✅ Improve debugging and interoperability between client and server.

✅ Make your API RESTful and standard-compliant.

📘 Common HTTP Status Codes (with Flask usage)
Code	Meaning	When to Use
200 OK	Request succeeded	GET request returns data
201 Created	Resource successfully created	After a successful POST
204 No Content	Success, no content returned	Successful DELETE or update without body
400 Bad Request	Client sent invalid data	Missing fields, wrong format
401 Unauthorized	Auth required or failed	User not logged in or token invalid
403 Forbidden	Authenticated but not allowed	User lacks permission
404 Not Found	Resource doesn't exist	Invalid URL or missing item
409 Conflict	Resource conflict	Duplicate username, email, etc.
500 Internal Server Error	Server crash/bug	Unexpected errors in code

✅ Using Status Codes in Flask
You can return status codes like this:



In [103]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/item/<int:id>')
def get_item(id):
    if id != 1:
        return jsonify({'error': 'Item not found'}), 404
    return jsonify({'id': 1, 'name': 'Item One'}), 200


In [102]:
from flask import make_response, jsonify

response = make_response(jsonify({'error': 'Bad input'}), 400)


RuntimeError: Working outside of application context.

This typically means that you attempted to use functionality that needed
the current application. To solve this, set up an application context
with app.app_context(). See the documentation for more information.

20)  How do you handle POST requests in Flask?

Ans:- To handle POST requests in Flask, you define a route that accepts the POST method and use Flask's request object to access the data sent by the client—such as form data or JSON.

✅ Step-by-Step: Handling a POST Request
1. Import Required Modules

In [101]:
from flask import Flask, request, jsonify


2. Create a Flask App and Define a Route


In [100]:
app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def submit_data():
    data = request.get_json()  # Get JSON from the request body
    name = data.get('name')
    return jsonify({'message': f'Hello, {name}!'}), 201


🔁 Sending POST Data Types
Data Type	How to Access in Flask	Example Client
JSON	request.get_json()	REST clients, JavaScript
Form data	request.form.get('field')	HTML forms
Query strings	request.args.get('field')	In URL like /submit?name=Alice

🔢 Example: Handling Form Data

In [99]:
@app.route('/form', methods=['POST'])
def handle_form():
    username = request.form.get('username')
    return jsonify({'username': username}), 200


To test this, you could submit a form with application/x-www-form-urlencoded data.

🛡️ Validating POST Data

In [98]:
@app.route('/api/user', methods=['POST'])
def create_user():
    data = request.get_json()
    if not data or 'username' not in data:
        return jsonify({'error': 'Missing username'}), 400
    return jsonify({'user': data['username']}), 201


🧪 Testing with curl


In [97]:
curl -X POST http://localhost:5000/submit -H "Content-Type: application/json" -d '{"name": "Alice"}'


SyntaxError: invalid syntax (<ipython-input-97-85b09fe5742b>, line 1)

21)  How would you secure a Flask API?

Ans:- Securing a Flask API involves implementing authentication, authorization, input validation, and other best practices to protect your app and its data from malicious use or accidental misuse.

Here’s a practical breakdown of how to secure a Flask API:

🔐 1. Use Authentication
To verify who is making the request.

✅ Common methods:
API keys – Simple token in headers

JWT (JSON Web Tokens) – Popular for stateless authentication

OAuth2 – For third-party integrations

Example: Simple token check

In [96]:
from flask import request, abort

@app.before_request
def check_auth():
    token = request.headers.get('Authorization')
    if token != 'Bearer mysecrettoken':
        abort(401)  # Unauthorized


🚫 2. Use Authorization
To control what an authenticated user is allowed to do.

Restrict access based on roles (admin, user, etc.)

Check permissions before sensitive actions

🧼 3. Validate Input Data
Never trust incoming data.

Use:
request.get_json() with checks

Libraries like Marshmallow, Pydantic, or Cerberus

In [95]:
data = request.get_json()
if 'email' not in data or '@' not in data['email']:
    return jsonify({'error': 'Invalid email'}), 400


RuntimeError: Working outside of request context.

This typically means that you attempted to use functionality that needed
an active HTTP request. Consult the documentation on testing for
information about how to avoid this problem.

🧱 4. Use HTTPS in Production
Always deploy with HTTPS (not HTTP) using a WSGI server like Gunicorn behind Nginx, and use an SSL certificate (e.g., via Let's Encrypt).

🚫 5. Protect Against Common Web Vulnerabilities
Threat	Mitigation
SQL Injection	Use an ORM like SQLAlchemy (never raw SQL)
Cross-Site Scripting	Sanitize inputs and use escape() in templates
Cross-Site Request Forgery (CSRF)	Use CSRF tokens for form-based endpoints
Rate Limiting	Use Flask extensions like Flask-Limiter

🧰 6. Use Flask Security Tools
Tool/Extension	Purpose
Flask-JWT-Extended	JWT authentication
Flask-Login	Session-based login handling
Flask-Limiter	Rate limiting per IP or user
Flask-Talisman	Set secure headers like Content Security Policy

🧪 7. Test and Monitor
Write unit and security tests

Log requests, especially failed or suspicious ones

Use tools like Postman, OWASP ZAP, or Burp Suite to scan your API

🧾 Summary
Strategy	What It Protects Against
Authentication	Unauthorized access
Authorization	Privilege misuse
Input validation	Injection attacks, crashes
HTTPS	Man-in-the-middle attacks
Rate limiting	Abuse and brute force attempts
Secure headers	Various web-based attacks

22)  What is the significance of the Flask-RESTful extension?

Ans:- The Flask-RESTful extension simplifies the process of building RESTful APIs with Flask by providing tools and structure for handling resources, routing, and request parsing.

🎯 Significance of Flask-RESTful
Benefit	Description
✅ Resource-Based Design	Encourages you to build APIs around "resources" (classes), not just functions
✅ Cleaner Code	Keeps routes and logic organized with class-based views
✅ Request Parsing	Built-in tools to validate and parse incoming request data (reqparse)
✅ Automatic Routing	Uses add_resource() to register routes, reducing manual routing
✅ Error Handling Support	Easily customize HTTP error responses

🧱 Basic Example Using Flask-RESTful


In [94]:
pip install flask-restful


Collecting flask-restful
  Downloading Flask_RESTful-0.3.10-py2.py3-none-any.whl.metadata (1.0 kB)
Collecting aniso8601>=0.82 (from flask-restful)
  Downloading aniso8601-10.0.1-py2.py3-none-any.whl.metadata (23 kB)
Downloading Flask_RESTful-0.3.10-py2.py3-none-any.whl (26 kB)
Downloading aniso8601-10.0.1-py2.py3-none-any.whl (52 kB)
[2K   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m52.8/52.8 kB[0m [31m3.9 MB/s[0m eta [36m0:00:00[0m
[?25hInstalling collected packages: aniso8601, flask-restful
Successfully installed aniso8601-10.0.1 flask-restful-0.3.10


In [93]:
from flask import Flask
from flask_restful import Api, Resource

app = Flask(__name__)
api = Api(app)

class Hello(Resource):
    def get(self):
        return {"message": "Hello, world!"}

api.add_resource(Hello, '/hello')

if __name__ == '__main__':
    app.run(debug=True)


ModuleNotFoundError: No module named 'flask_restful'

/hello now returns a JSON response: {"message": "Hello, world!"}

The class Hello is treated as a REST resource

🔍 Using reqparse for Input Validation

In [92]:
from flask_restful import reqparse

parser = reqparse.RequestParser()
parser.add_argument('name', type=str, required=True, help='Name cannot be blank')

class Greet(Resource):
    def post(self):
        args = parser.parse_args()
        return {"message": f"Hello, {args['name']}!"}


ModuleNotFoundError: No module named 'flask_restful'

23)  What is the role of Flask’s session object?

Ans:- The Flask session object is used to store data across requests for a specific client—like user login state, preferences, or temporary data. It behaves like a Python dictionary but is stored securely on the client side using cryptographic signing.

🎯 Purpose of Flask's session Object
Role	Description
✅ Persist user data	Keeps data like user ID, role, or theme between requests
✅ Maintain login state	Used for simple authentication systems
✅ Secure client-side storage	Data is stored in the browser via cookies, but signed to prevent tampering

🔐 How It Works
Flask stores session data in a cookie on the client.

Data is signed with a secret key to prevent modification.

It is not encrypted, so don't store sensitive info like passwords.

🧱 Example Usage

In [90]:
from flask import Flask, session, redirect, url_for, request

app = Flask(__name__)
app.secret_key = 'supersecretkey'  # Required to use sessions

@app.route('/login', methods=['POST'])
def login():
    session['username'] = request.form['username']
    return redirect(url_for('profile'))

@app.route('/profile')
def profile():
    username = session.get('username')
    return f'Welcome, {username}' if username else 'You are not logged in.'


📦 Common session Operations
Operation	Example
Set session data	session['key'] = value
Get session data	session.get('key')
Remove a key	session.pop('key', None)
Clear entire session	session.clear()

🛡️ Security Tips
Always set a strong secret_key in production.

Use HTTPS to protect cookies during transmission.

Avoid storing sensitive or large data in sessions.

1) How do you create a basic Flask application?

Ans:- Creating a basic Flask application is simple and only takes a few lines of code. Here's a step-by-step guide:

✅ Step 1: Install Flask
First, install Flask using pip (if it's not already installed):

In [89]:
pip install flask




✅ Step 2: Create the Application File
Create a Python file, e.g., app.py.

In [88]:
from flask import Flask

app = Flask(__name__)  # Create the Flask app

@app.route('/')         # Define a route for the home page
def home():
    return "Hello, Flask!"  # Return a response

if __name__ == '__main__':
    app.run(debug=True)  # Start the server in debug mode


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


✅ Step 3: Run the App
In the terminal, run:

In [87]:
python app.py


SyntaxError: invalid syntax (<ipython-input-87-b851947b46d7>, line 1)

You’ll see output like:


In [86]:
 * Running on http://127.0.0.1:5000/


SyntaxError: invalid syntax (<ipython-input-86-4f39b3c8f40e>, line 1)

Open your browser and go to http://127.0.0.1:5000/ — you’ll see "Hello, Flask!".

🧠 What Each Part Does
Code	Purpose
Flask(__name__)	Creates the app instance
@app.route('/')	Binds the '/' URL to the home() view
app.run(debug=True)	Runs the app with debug mode enabled


2) How do you serve static files like images or CSS in Flask?

Ans:- In Flask, static files like images, CSS, JavaScript, and fonts are served from a special folder named static by default. Flask automatically makes files in this folder accessible via the /static URL path.

How to Serve Static Files in Flask
1. Create a static folder
In your project directory, create a folder named static. Place your CSS, images, JS files, etc., inside this folder.

In [85]:
your_project/
├── app.py
├── static/
│   ├── style.css
│   ├── logo.png
│   └── script.js
└── templates/
    └── index.html


SyntaxError: invalid character '├' (U+251C) (<ipython-input-85-62173f0d2785>, line 2)

2. Access static files via /static/filename
For example, if you have static/style.css, it can be accessed at

In [84]:
http://localhost:5000/static/style.css


SyntaxError: invalid syntax (<ipython-input-84-4600cabcbc20>, line 1)

3. Link static files in templates using url_for
Use Flask's url_for function inside templates to generate URLs to static files:

In [83]:
<!-- templates/index.html -->
<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
  <img src="{{ url_for('static', filename='logo.png') }}" alt="Logo">
  <script src="{{ url_for('static', filename='script.js') }}"></script>
</body>
</html>


SyntaxError: invalid syntax (<ipython-input-83-d60792b90315>, line 1)

Example Flask app to serve static files


In [81]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')  # index.html references static files

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


3)  How do you define different routes with different HTTP methods in Flask?

Ans:- In Flask, you can define routes that respond to different HTTP methods (like GET, POST, PUT, DELETE) by specifying the methods argument in the @app.route() decorator.

How to Define Routes with Specific HTTP Methods

In [80]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/example', methods=['GET'])
def get_example():
    return "This handles GET requests"

@app.route('/example', methods=['POST'])
def post_example():
    data = request.get_json()
    return {"you sent": data}, 201

# Or combine methods in one route handler
@app.route('/multi', methods=['GET', 'POST'])
def multi_method():
    if request.method == 'POST':
        data = request.get_json()
        return {"message": "Received POST", "data": data}
    else:
        return "This is a GET request"


Key Points
By default, @app.route() only handles GET requests.

Use methods=[...] to specify which HTTP methods a route accepts.

You can have separate route functions for the same URL but different methods, or handle multiple methods in one function by checking request.method.

3)  How do you render HTML templates in Flask?

Ans:- ChatGPT said:
In Flask, you render HTML templates using the Jinja2 template engine, which is integrated by default. Templates allow you to separate your Python code from HTML and dynamically generate HTML pages.

How to Render HTML Templates in Flask
1. Create a templates folder
In your project directory, create a folder called templates. Flask looks here by default for template files.

Example structure:

In [79]:
your_project/
├── app.py
└── templates/
    └── index.html


SyntaxError: invalid character '├' (U+251C) (<ipython-input-79-6689eb7996ae>, line 2)

2. Create an HTML file
templates/index.html:

In [78]:
<!DOCTYPE html>
<html>
<head>
  <title>My Flask App</title>
</head>
<body>
  <h1>Hello, {{ name }}!</h1>
</body>
</html>


SyntaxError: invalid syntax (<ipython-input-78-355ca96528c9>, line 1)

3. Use render_template in your Flask app

In [77]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html', name="Alice")

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


The name="Alice" part passes the variable name into the template.

Inside index.html, {{ name }} is replaced with "Alice".

5) How can you generate URLs for routes in Flask using url_for?

Ans:- In Flask, you use the url_for() function to dynamically generate URLs for your routes based on their function names. This is much better than hardcoding URLs, especially when routes change or have variable parts.

How url_for() Works
Takes the endpoint name (usually the view function name).

Accepts arguments for variable parts in the URL.

Returns the absolute URL path for that route.


basic example ❎


In [76]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return 'Home Page'

@app.route('/user/<username>')
def profile(username):
    return f"User: {username}"

with app.test_request_context():
    print(url_for('home'))                 # Output: '/'
    print(url_for('profile', username='bob'))  # Output: '/user/bob'


/
/user/bob


Typical Usage in Templates
In your HTML templates, you generate URLs like this:


In [75]:
<a href="{{ url_for('profile', username='alice') }}">Alice's Profile</a>


SyntaxError: unterminated string literal (detected at line 1) (<ipython-input-75-f4393fd17f0f>, line 1)

Why Use url_for()?
Benefit	Explanation
Avoid hardcoding URLs	Safer when routes change
Automatically handles URL building	Including query strings and parameters
Supports URL generation for static files	Use url_for('static', filename='style.css')

Example with Static Files

In [74]:
url_for('static', filename='style.css')  # -> '/static/style.css'


RuntimeError: Working outside of application context.

This typically means that you attempted to use functionality that needed
the current application. To solve this, set up an application context
with app.app_context(). See the documentation for more information.

6)  How do you handle forms in Flask?

Ans:- ChatGPT said:
Handling forms in Flask involves receiving data submitted by users (usually via POST requests), processing it, validating it, and then responding accordingly.

Here’s a basic guide on how to handle forms in Flask:

1. Create an HTML form
Put your form inside a template (templates/form.html)

In [73]:
<!DOCTYPE html>
<html>
<head><title>Sample Form</title></head>
<body>
  <form method="POST" action="/submit">
    <label for="username">Username:</label>
    <input type="text" name="username" id="username" required>

    <input type="submit" value="Submit">
  </form>
</body>
</html>


SyntaxError: invalid syntax (<ipython-input-73-e4747b49b6a7>, line 1)

2. Define routes in Flask to display and handle the form


In [72]:
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/form')
def form():
    return render_template('form.html')

@app.route('/submit', methods=['POST'])
def submit():
    username = request.form.get('username')  # Get form field data
    return f"Hello, {username}!"


3. How it works
The user visits /form and sees the HTML form.

On submitting, the form sends a POST request to /submit.

Flask gets the form data via request.form.

The server processes the data and responds.

Optional: Using Flask-WTF for form handling and validation
For more complex forms and validation, you can use Flask-WTF, which integrates WTForms with Flask.

In [71]:
pip install flask-wtf


[31mERROR: Operation cancelled by user[0m[31m
[0m

Example:


In [70]:
from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired

class NameForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired()])
    submit = SubmitField('Submit')


7)  How can you validate form data in Flask?

Ans:- Validating form data in Flask can be done in a few ways, depending on how complex your forms are and how strict you want validation to be.

1. Manual Validation
You can manually check the data from request.form in your route handler:

In [69]:
from flask import Flask, request, render_template, flash, redirect, url_for

app = Flask(__name__)
app.secret_key = 'secretkey'  # Needed for flashing messages

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        username = request.form.get('username', '').strip()
        if not username:
            flash('Username is required!', 'error')
            return redirect(url_for('submit'))
        if len(username) < 3:
            flash('Username must be at least 3 characters long.', 'error')
            return redirect(url_for('submit'))
        return f"Hello, {username}!"
    return render_template('form.html')


Pros: Simple for small forms
Cons: Gets tedious for complex validation logic

2. Using Flask-WTF and WTForms
For more robust validation, Flask-WTF (built on WTForms) is the go-to solution. It provides built-in validators and integrates nicely with Flask.

Install Flask-WTF

In [68]:
pip install flask-wtf


Collecting flask-wtf
  Downloading flask_wtf-1.2.2-py3-none-any.whl.metadata (3.4 kB)
Collecting wtforms (from flask-wtf)
  Downloading wtforms-3.2.1-py3-none-any.whl.metadata (5.3 kB)
Downloading flask_wtf-1.2.2-py3-none-any.whl (12 kB)
Downloading wtforms-3.2.1-py3-none-any.whl (152 kB)
[2K   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m152.5/152.5 kB[0m [31m3.5 MB/s[0m eta [36m0:00:00[0m
[?25hInstalling collected packages: wtforms, flask-wtf
Successfully installed flask-wtf-1.2.2 wtforms-3.2.1


Example with validation:

In [67]:
from flask import Flask, render_template, redirect, url_for
from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired, Length

app = Flask(__name__)
app.secret_key = 'secretkey'

class UserForm(FlaskForm):
    username = StringField('Username', validators=[DataRequired(), Length(min=3)])
    submit = SubmitField('Submit')

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    form = UserForm()
    if form.validate_on_submit():
        username = form.username.data
        return f"Hello, {username}!"
    return render_template('form.html', form=form)


ModuleNotFoundError: No module named 'flask_wtf'

In your templates/form.html:

In [66]:
<form method="POST" action="">
  {{ form.hidden_tag() }}
  {{ form.username.label }} {{ form.username(size=20) }}
  {% for error in form.username.errors %}
    <span style="color: red;">{{ error }}</span>
  {% endfor %}
  {{ form.submit() }}
</form>


SyntaxError: invalid syntax (<ipython-input-66-0e762d46a6ad>, line 1)

Why use Flask-WTF?
Benefit	Description
Built-in validators	DataRequired, Length, Email, etc.
CSRF protection	Automatically handled
Cleaner and reusable forms	Define forms as Python classes
Easy error handling	Errors available in templates



8) How do you manage sessions in Flask?

Ans:- In Flask, you manage sessions using the built-in session object, which allows you to store data across multiple requests for the same user. It's commonly used for things like login state, shopping carts, or user preferences.

🔑 How Flask Sessions Work
Flask stores session data client-side in a securely signed cookie.

The session behaves like a Python dictionary.

Flask uses a secret_key to sign the session data and prevent tampering.

✅ Step-by-Step: Managing Sessions in Flask
1. Set the secret_key
This key is required to encrypt and sign session cookies.

In [65]:
from flask import Flask, session

app = Flask(__name__)
app.secret_key = 'your-secret-key'  # Keep this secure in production


2. Storing Data in the Session

In [64]:
@app.route('/login')
def login():
    session['username'] = 'alice'
    return 'Logged in as alice'


3. Accessing Session Data


In [63]:
@app.route('/profile')
def profile():
    username = session.get('username')
    return f'Hello, {username}' if username else 'You are not logged in'


4. Removing Data from the Session


In [62]:
@app.route('/logout')
def logout():
    session.pop('username', None)  # Remove username if it exists
    return 'Logged out'


5. Clearing the Entire Session


In [61]:
@app.route('/clear')
def clear():
    session.clear()
    return 'Session cleared'


🛡️ Best Practices
Tip	Why It Matters
Set a strong secret_key	Prevents tampering with session data
Avoid storing sensitive info	Data is stored client-side
Use HTTPS in production	Encrypts the cookie in transit

9) How do you redirect to a different route in Flask?

Ans:- In Flask, you redirect to a different route using the redirect() function, often combined with url_for() to dynamically generate the target URL.

✅ Basic Redirect Example

In [60]:
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return 'Home Page'

@app.route('/go-to-home')
def go_home():
    return redirect(url_for('home'))  # Redirect to the 'home' route


Visiting /go-to-home will redirect the user to /.

url_for('home') returns '/' because it's the endpoint name.

🔁 Redirect with Query Parameters
You can pass arguments to url_for():

In [59]:
@app.route('/user/<username>')
def user_profile(username):
    return f"User: {username}"

@app.route('/redirect-user')
def redirect_user():
    return redirect(url_for('user_profile', username='alice'))


This would redirect to /user/alice.

🔄 Redirect to an External URL

In [58]:
@app.route('/external')
def external():
    return redirect('https://example.com')


🔐 Use with Login or Forms
Redirects are commonly used after:

Successful login

Form submissions

Access denial or authentication

In [57]:
@app.route('/login', methods=['POST'])
def login():
    # (validate login here)
    return redirect(url_for('dashboard'))


10) How do you handle errors in Flask (e.g., 404)

Ans:- In Flask, you handle errors like 404 (Not Found) or 500 (Internal Server Error) using custom error handlers with the @app.errorhandler() decorator.

This allows you to show friendly messages, custom pages, or structured JSON responses when something goes wrong.

✅ Basic Example: Handle 404 Error

In [56]:
from flask import Flask, render_template

app = Flask(__name__)

@app.errorhandler(404)
def page_not_found(error):
    return render_template('404.html'), 404


When a route is not found, Flask will return the custom 404.html page.

The second value (404) sets the HTTP status code of the response.

✅ Handle Other Common Errors

In [55]:
@app.errorhandler(500)
def internal_error(error):
    return "An internal server error occurred.", 500

@app.errorhandler(403)
def forbidden(error):
    return "Access forbidden.", 403


🧪 Returning JSON for APIs
For APIs, return structured JSON instead of HTML

In [54]:
from flask import jsonify

@app.errorhandler(404)
def api_not_found(error):
    return jsonify({'error': 'Not found'}), 404


🔄 Raising Errors Manually
You can raise errors with the abort() function:

In [53]:
from flask import abort

@app.route('/secret')
def secret():
    abort(403)  # Triggers the 403 error handler


11) How do you structure a Flask app using Blueprints?

Ans:- Structuring a Flask app using Blueprints is a way to organize your application into modular, reusable components—especially helpful in larger apps with many routes, views, or API endpoints.

🧱 What Is a Blueprint in Flask?
A Blueprint is like a mini-application within your main Flask app. You define routes and logic inside it, then register it to your main app.

✅ Why Use Blueprints?
Benefit	Description
✅ Modular structure	Split app into smaller, focused files
✅ Reusable code	Blueprints can be reused across projects
✅ Cleaner project layout	Separates logic by feature or function

📦 Project Structure Example

In [52]:
your_project/
├── app/
│   ├── __init__.py
│   ├── routes/
│   │   ├── __init__.py
│   │   └── user.py
│   └── templates/
│       └── user.html
├── run.py


SyntaxError: invalid character '├' (U+251C) (<ipython-input-52-90477b9b2a9e>, line 2)

🧱 1. Create a Blueprint (e.g., user.py)

In [51]:
# app/routes/user.py
from flask import Blueprint, render_template

user_bp = Blueprint('user', __name__, url_prefix='/user')

@user_bp.route('/')
def user_home():
    return render_template('user.html')


🧩 2. Register the Blueprint in __init__.py


In [50]:
# app/__init__.py
from flask import Flask
from app.routes.user import user_bp

def create_app():
    app = Flask(__name__)
    app.register_blueprint(user_bp)
    return app


ModuleNotFoundError: No module named 'app'

🚀 3. Run the App


In [49]:
# run.py
from app import create_app

app = create_app()

if __name__ == '__main__':
    app.run(debug=True)


ModuleNotFoundError: No module named 'app'

🌐 Access the Route
Go to http://localhost:5000/user/ to see the response from the user_home() view.

🔁 Multiple Blueprints
You can define multiple blueprints for different parts of your app:

In [48]:
# app/routes/admin.py
admin_bp = Blueprint('admin', __name__, url_prefix='/admin')

@admin_bp.route('/')
def admin_home():
    return "Admin Dashboard"


NameError: name 'Blueprint' is not defined

Then register in __init__.py:



In [47]:
from app.routes.admin import admin_bp
app.register_blueprint(admin_bp)


ModuleNotFoundError: No module named 'app'

12) How do you define a custom Jinja filter in Flask?

Ans:- In Flask, you can define a custom Jinja filter to transform data inside your templates. Jinja filters are functions that you apply to variables using the pipe | syntax in templates (e.g., {{ name|uppercase }}).

✅ Steps to Define a Custom Jinja Filter
1. Create the Filter Function

In [46]:
def reverse_string(s):
    return s[::-1]


2. Register the Filter with Flask
You can register it globally using app.template_filter():

In [45]:
from flask import Flask

app = Flask(__name__)

@app.template_filter('reverse')
def reverse_string(s):
    return s[::-1]


Or register manually like this:


In [44]:
app.add_template_filter(reverse_string, name='reverse')


NameError: name 'reverse_string' is not defined

3. Use the Filter in a Template
In your Jinja template (e.g., templates/hello.html):

In [43]:
<p>Original: {{ name }}</p>
<p>Reversed: {{ name|reverse }}</p>


SyntaxError: invalid syntax (<ipython-input-43-e51f812943b2>, line 1)

If name = 'Flask', this will output:

In [42]:
Original: Flask
Reversed: ksalF


NameError: name 'ksalF' is not defined

13) How can you redirect with query parameters in Flask?

Ans:- In Flask, you can redirect with query parameters by using redirect() in combination with url_for() and passing keyword arguments to represent query strings.

✅ Basic Example: Redirect with Query Parameters


In [41]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/search')
def search():
    query = request.args.get('q')
    return f"Search results for: {query}"

@app.route('/go-to-search')
def go_to_search():
    return redirect(url_for('search', q='flask blueprints'))


url_for('search', q='flask blueprints') generates: /search?q=flask+blueprints

Then redirect(...) sends the browser there.

🔍 How It Works
Part	Purpose
url_for('search')	Gets the URL for the search() route
q='flask blueprints'	Adds query parameter ?q=flask+blueprints
redirect(...)	Sends the user to the new URL

🧪 Accessing Query Parameters
In the target view function:

In [40]:
@app.route('/search')
def search():
    query = request.args.get('q')  # Extracts 'q' from the query string
    return f"You searched for: {query}"


📌 Example Output
Visiting /go-to-search will redirect the user to:

In [39]:
/search?q=flask+blueprints


SyntaxError: invalid syntax (<ipython-input-39-56e0115e9132>, line 1)

14)  How do you return JSON responses in Flask?

Ans:- In Flask, returning JSON responses is simple and commonly used when building APIs. You typically use the built-in jsonify() function to generate a proper application/json response.

✅ Basic Example: Returning JSON

In [38]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    data = {"name": "Alice", "age": 30}
    return jsonify(data)


jsonify() converts dictionaries or lists into a JSON-formatted HTTP response.

It automatically sets the Content-Type to application/json.

🔁 Returning a List


In [37]:
@app.route('/api/users')
def get_users():
    users = [{"id": 1, "name": "Alice"}, {"id": 2, "name": "Bob"}]
    return jsonify(users)


⚠️ Avoid Manual json.dumps() (usually)
While you can use json.dumps() and return it manually:



In [36]:
import json

@app.route('/manual')
def manual_json():
    data = {"message": "ok"}
    return json.dumps(data), 200, {'Content-Type': 'application/json'}


It’s better to use jsonify() because:

It handles Unicode and special characters properly.

It ensures the correct content type and formatting.

It’s more secure against JSON-related attacks.



15)  How do you capture URL parameters in Flask?

Ans:- In Flask, you can capture URL parameters (also called path parameters) directly from the route by using angle brackets <> in the route definition. These parameters are passed to your view function as arguments.

✅ Basic Example: Capturing a Single URL Parameter

In [35]:
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def show_user(username):
    return f"Hello, {username}!"


Visiting /user/alice will return: Hello, alice!

The <username> part captures whatever comes in that position of the URL.

🔢 Capturing Typed Parameters
You can also enforce data types:

In [34]:
@app.route('/post/<int:post_id>')
def show_post(post_id):
    return f"Post ID: {post_id}"


Common Type Converters:
Converter	Description
string	Default, matches text
int	Only matches integers
float	Matches floating-point numbers
path	Like string but allows slashes /
uuid	Matches UUID strings

Example:

In [33]:
@app.route('/file/<path:filepath>')
def get_file(filepath):
    return f"Requested file: {filepath}"


Accessing /file/images/logo.png returns:



In [32]:
Requested file: images/logo.png


SyntaxError: invalid syntax (<ipython-input-32-2f072f3a4d55>, line 1)