In [1]:
# 1. What is a RESTful API?

REST (Representational State Transfer) is an architectural style for designing APIs.

A RESTful API uses HTTP methods (GET, POST, PUT, DELETE, etc.) to perform operations on resources identified by URLs.

Key principles:

    Stateless: Each request contains all the necessary information (no session stored on the server).

    Client-Server: Separation of frontend (client) and backend (server).

    Uniform Interface: Standard way to access resources (URLs + HTTP methods).

    Resource-based: Everything is treated as a resource (e.g., /users/1).

SyntaxError: invalid syntax. Perhaps you forgot a comma? (2038104250.py, line 3)

In [None]:
#2. Explain the concept of API specification?

An API specification defines how an API behaves and how clients should interact with it.

It acts like a contract between the server and the client.

It usually includes:

Endpoints (URLs)

HTTP methods (GET, POST, etc.)

Request parameters (query params, headers, body format)

Response format (JSON, status codes, error messages)

Popular specification formats:

OpenAPI/Swagger (most common)

RAML

API Blueprint

In [None]:
#3. What is Flask, and why is it popular for building APIs?

Flask is a lightweight, micro web framework for Python.

Popular for APIs because:

Very simple and minimal (no unnecessary boilerplate).

Easy to learn and quick to set up.

Flexible: lets you choose database, authentication, etc.

Large ecosystem (Flask-RESTful, Flask-JWT, Flask-SQLAlchemy).

Built-in development server and debugger.

In [None]:
#4. What is routing in Flask?

Routing is the process of mapping a URL path to a Python function.

In Flask, you define routes using the @app.route() decorator.

Example:

@app.route('/hello')
def hello():
    return "Hello, World!"

In [None]:
#5. How do you create a simple Flask application?

Steps:

1. Install Flask

pip install flask


2. Create app.py

from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


3. Run the app

python app.py


Open browser → http://127.0.0.1:5000/ → Shows Hello, Flask!

In [None]:
#6. What are HTTP methods used in RESTful APIs?

Common HTTP methods:

GET → Retrieve data (read-only).

POST → Create a new resource.

PUT → Update/replace an existing resource.

PATCH → Partially update an existing resource.

DELETE → Remove a resource.

OPTIONS/HEAD → Metadata or headers (less common).

In [None]:
#7. What is the purpose of the @app.route() decorator in Flask?

The @app.route() decorator maps a URL path to a Python function (called a view function).

Example:

@app.route('/hello')
def hello():
    return "Hello, Flask!"


Visiting /hello runs the hello() function.

In [None]:
#8. What is the difference between GET and POST HTTP methods?

GET

Used to retrieve data.

Parameters sent in URL query string (/search?q=flask).

Should not change server state (safe, idempotent).

POST

Used to send data to create/update resources.

Data sent in request body (e.g., JSON or form data).

Can modify server state.

In [None]:
#9. How do you handle errors in Flask APIs?

Use @app.errorhandler() to define custom error responses.

Example:

from flask import jsonify

@app.errorhandler(404)
def not_found(e):
    return jsonify({"error": "Resource not found"}), 404

@app.errorhandler(500)
def server_error(e):
    return jsonify({"error": "Internal server error"}), 500


For APIs, best practice is to return JSON error messages with correct status codes.

In [None]:
#10. How do you connect Flask to a SQL database?

You have multiple options:

Option A – Using SQLite (built-in)
import sqlite3
from flask import g, Flask

app = Flask(__name__)
DATABASE = "mydb.db"

def get_db():
    if "db" not in g:
        g.db = sqlite3.connect(DATABASE)
    return g.db

@app.teardown_appcontext
def close_db(error):
    if "db" in g:
        g.db.close()

Option B – Using Flask-SQLAlchemy (most common)
pip install flask-sqlalchemy

from flask import Flask
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///mydb.db'
db = SQLAlchemy(app)

# Define a model
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(80))

# Create tables
with app.app_context():
    db.create_all()

SyntaxError: invalid character '–' (U+2013) (2408874487.py, line 5)

In [None]:
#11. What is the role of Flask-SQLAlchemy?

Flask-SQLAlchemy is an ORM (Object Relational Mapper) that integrates SQLAlchemy with Flask.

It allows developers to interact with databases using Python classes and objects instead of raw SQL.

Benefits: cleaner code, portability across databases, built-in query helpers.

In [None]:
#12. What are Flask blueprints, and how are they useful?

Blueprints are a way to organize a Flask application into smaller, modular components.

Useful for structuring large apps by grouping related routes, templates, and static files.

Example: auth blueprint for authentication, api blueprint for API routes.

They make applications scalable, reusable, and maintainable.

In [None]:
#13. What is the purpose of Flask's request object?

The request object gives access to incoming HTTP request data.

Examples:

request.args → query parameters (?q=flask)

request.form → form data (POST forms)

request.json → JSON request body

request.method → HTTP method (GET, POST, etc.)

It’s essential for handling client input.

In [None]:
#14. How do you create a RESTful API endpoint using Flask?

Example:

from flask import Flask, jsonify, request

app = Flask(__name__)

@app.route('/api/user', methods=['POST'])
def create_user():
    data = request.json
    return jsonify({"message": "User created", "user": data}), 201


Here, /api/user is a RESTful POST endpoint.

You can add GET, PUT, DELETE similarly.

In [None]:
# 15. What is the purpose of Flask's jsonify() function?

jsonify() converts Python dictionaries/lists into JSON responses.

It also sets the correct Content-Type (application/json) header automatically.

Example:

return jsonify({"status": "success", "data": users})

In [None]:
#16. Explain Flask’s url_for() function?

url_for() is used to generate URLs dynamically for routes instead of hardcoding them.

Benefits:

If you change a route later, you don’t need to update links everywhere.

Makes applications more maintainable.

Example:

from flask import Flask, url_for

app = Flask(__name__)

@app.route('/profile/<username>')
def profile(username):
    return f"Profile page of {username}"

@app.route('/')
def index():
    return f"Go to {url_for('profile', username='Adwait')}"

In [None]:
17. How does Flask handle static files (CSS, JavaScript, etc.)?

Flask automatically serves files from the static/ folder in your project.

You can access them via /static/<filename>.

Example project structure:

/project
  app.py
  /static
     style.css
     script.js


In HTML template:

<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
<script src="{{ url_for('static', filename='script.js') }}"></script>

In [None]:
#18. What is an API specification, and how does it help in building a Flask API?

An API specification defines the rules and structure of an API, including:

Endpoints (/api/users, /api/orders)

HTTP methods (GET, POST, PUT, DELETE)

Input/Output formats (JSON, XML)

Authentication rules

Error codes and responses

Example: OpenAPI (Swagger) specification.

Benefits:

Acts as a contract between frontend and backend.

Ensures consistency in API development.

Makes it easier for others to consume your API.

In [None]:
#19. What are HTTP status codes, and why are they important in a Flask API?

HTTP status codes are standardized codes returned with API responses.

They tell the client the result of the request.

Common ones:

200 OK → Success

201 Created → Resource created successfully

400 Bad Request → Invalid input

401 Unauthorized → Authentication required

404 Not Found → Resource doesn’t exist

500 Internal Server Error → Unexpected server issue

Importance: improves client-server communication by clarifying results.

In [None]:
#20. How do you handle POST requests in Flask?

You handle them by allowing methods=['POST'] in a route and using request to access data.

from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/api/add', methods=['POST'])
def add_data():
    data = request.json   # Get JSON payload
    return jsonify({"message": "Data received", "data": data}), 201

In [None]:
#21. How would you secure a Flask API?

Securing a Flask API involves multiple layers:

Authentication & Authorization

Use tokens (JWT, OAuth2) or API keys.

Example: JWT for user login and protected endpoints.

Input Validation & Sanitization

Validate request data (use libraries like Marshmallow).

Prevent SQL injection, XSS, CSRF attacks.

HTTPS

Always deploy Flask apps over HTTPS (TLS/SSL) to encrypt traffic.

Rate Limiting

Use Flask-Limiter or API gateway to prevent abuse (e.g., DDoS).

Error Handling

Don’t expose stack traces or sensitive server details.

CORS (Cross-Origin Resource Sharing)

Restrict which domains can access your API.

In [None]:
#22. What is the significance of the Flask-RESTful extension?

Flask-RESTful is an extension that makes it easier to build REST APIs in Flask.

Key Benefits:

Organized Code → Provides Resource classes for each API endpoint.

Automatic Request Parsing → Handles arguments easily.

Cleaner Routing → Adds routes via api.add_resource().

Built-in Error Handling → Better than plain Flask routes.

In [None]:
23. What is the role of Flask’s session object?

Flask’s session object is used to store data across requests for a user.

It is implemented using signed cookies (data is stored in the client browser but cryptographically signed to prevent tampering).

👉 Use Cases:

Tracking logged-in user information.

Storing temporary preferences (like theme, language).

Maintaining state in a stateless protocol (HTTP).