<a href="https://colab.research.google.com/github/ankit221814/PYTHON/blob/main/RestfulAPI%26Flask.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

1.What is a RESTful API?

A RESTful API is an application programming interface (API) that follows the principles of REST (Representational State Transfer). It's a way for a client (like a web browser or mobile app) to communicate with a server over the internet using standard HTTP methods to perform operations on resources, which are identified by unique URLs.

2.Explain the concept of API specification.

An API specification is a detailed, machine-readable document that describes what an API does. It defines the available endpoints, the HTTP methods they use, the data formats for requests and responses, and any authentication requirements. Tools like OpenAPI (formerly Swagger) are used to create these specifications, which serve as a contract between the API provider and the consumer.

3.What is Flask, and why is it popular for building APIs?

Flask is a micro-framework for Python. It's popular for building APIs because it's lightweight and flexible, providing only the essential tools needed for web development. This minimalist design gives developers full control over the components they use, making it an excellent choice for creating simple, fast, and custom APIs.



4.What is routing in Flask?

Routing in Flask is the process of linking a specific URL to a Python function. When a user requests a URL, Flask's routing system finds the corresponding function to execute and returns its output as the response.

5.How do you create a simple Flask application?

You can create a basic Flask application with just a few lines of code. You first import the Flask class, create an instance of the app, define a route using the @app.route() decorator, and then run the application.

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return 'Hello, World!'

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with watchdog (inotify)


6.What are HTTP methods used in RESTful APIs?

HTTP methods (also called verbs) define the action to be performed on a resource. The most common methods used in RESTful APIs are:

GET: Retrieves a resource.

POST: Creates a new resource.

PUT: Updates a resource entirely.

PATCH: Updates a resource partially.

DELETE: Deletes a resource.

7.What is the purpose of the @app.route() decorator in Flask?

The @app.route() decorator is used to bind a URL path to a specific Python function. It tells Flask which function to run when a user navigates to a particular URL.

8.What is the difference between GET and POST HTTP methods?

GET is used to retrieve data. It doesn't have a request body, and its parameters are sent in the URL's query string.

POST is used to submit data to create a new resource. The data is sent in the request body, which can contain sensitive information.

9.How do you handle errors in Flask APIs?

You can handle errors in Flask using the @app.errorhandler() decorator. This decorator allows you to register a function that will be executed when a specific HTTP error code occurs, such as 404 Not Found or 500 Internal Server Error.

10.How do you connect Flask to a SQL database?

You typically connect Flask to a SQL database using a Python library called an ORM (Object-Relational Mapper), such as SQLAlchemy. The ORM allows you to interact with the database using Python objects and methods instead of writing raw SQL queries.

11.What is the role of Flask-SQLAlchemy?

Flask-SQLAlchemy is a Flask extension that simplifies the use of SQLAlchemy within a Flask application. It handles the database session management, configuration, and other boilerplate code, making it easier to integrate a database with your Flask app.

12.What are Flask blueprints, and how are they useful?

Flask blueprints are a way to organize a Flask application into smaller, reusable components. They are useful for:

Modularizing large applications.

Creating a better project structure.

Making parts of your application reusable.

Managing separate URL prefixes, templates, and static files for different parts of your app.

13.What is the purpose of Flask's request object?

The request object is a global object that holds all the incoming data from the client's HTTP request. It provides access to request data such as form data (request.form), JSON data (request.json), URL parameters (request.args), and the HTTP method used (request.method).

14.How do you create a RESTful API endpoint using Flask?

You create a RESTful API endpoint using the @app.route() decorator and specifying the allowed HTTP methods with the methods parameter. For example, to create a resource endpoint that handles both GET and POST requests:

In [None]:
from flask import request

@app.route('/api/resource', methods=['GET', 'POST'])
def handle_resource():
    if request.method == 'POST':
        # logic to create a resource
        return "Resource created", 201
    else:
        # logic to retrieve resources
        return "List of resources"

15.What is the purpose of Flask's jsonify() function?

The jsonify() function is a helper that serializes a Python dictionary or other data structure into a JSON-formatted response. It also sets the Content-Type header to application/json, which is the standard format for API responses.



16.Explain Flask’s url_for() function.

The url_for() function is a utility for URL building. It generates a URL for a given function or endpoint name. Its primary purpose is to avoid hardcoding URLs in your application, making it more maintainable. If you change a route's URL, url_for() automatically updates all links that use it.

17.How does Flask handle static files (CSS, JavaScript, etc.)?

Flask handles static files by creating a static folder in your project directory.  You can then reference these files in your templates using the url_for() function with the 'static' endpoint and the file's name:

HTML

In [None]:
<link rel="stylesheet" href="{{ url_for('static', filename='css/style.css') }}">

18.What is an API specification, and how does it help in building a Flask API4?

An API specification is a formal document (or set of rules) that defines how an API works. It describes the endpoints, request formats, response formats, authentication methods, and error handling of the API.

19.What are HTTP status codes, and why are they important in a Flask API?

HTTP status codes are three-digit numbers that indicate the result of an HTTP request. They are important in a Flask API because they provide a standardized way to communicate the outcome of an operation to the client. For example, a 200 means "OK," 201 means "Created," 404 means "Not Found," and 500 means "Internal Server Error."

20.How do you handle POST requests in Flask?

In Flask, you handle POST requests by defining a route with the methods=['POST'] argument.

You can then access form data (request.form) or JSON data (request.json).

✅ Example:

In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/add-user', methods=['POST'])
def add_user():
    data = request.json  # get JSON data
    name = data.get("name")
    email = data.get("email")
    return jsonify({"message": f"User {name} with email {email} added successfully!"})

if __name__ == '__main__':
    app.run(debug=True)


21.How would you secure a Flask API?

Securing a Flask API involves multiple layers:

Authentication & Authorization

Use API keys, JWT tokens, or OAuth2 for verifying users.

Input Validation & Sanitization

Validate incoming data to prevent SQL injection / XSS.

HTTPS

Always run the API over SSL/TLS.

Rate Limiting

Prevent brute force or DDoS attacks (e.g., Flask-Limiter).

CORS Control

Restrict which domains can call your API.

Error Handling

Don’t leak sensitive info in error messages.

22.What is the significance of the Flask-RESTful extension?

Flask-RESTful is an extension that helps you build REST APIs faster and more cleanly.

Benefits:

Provides a Resource class to organize endpoints as objects.

Makes request parsing easier with reqparse.

Supports automatic input validation.

Produces cleaner, more maintainable code compared to plain Flask routes.

In [None]:
from flask import Flask
from flask_restful import Resource, Api

app = Flask(__name__)
api = Api(app)

class Hello(Resource):
    def get(self):
        return {"message": "Hello, Flask-RESTful!"}

api.add_resource(Hello, '/')

if __name__ == '__main__':
    app.run(debug=True)


23.What is the role of Flask’s session object?

session in Flask is used to store data across requests for a specific user.

It works like a dictionary and stores data on the server-side, but sends a signed cookie to the client for verification.

Example use case: Keeping a user logged in after authentication.

In [None]:
from flask import Flask, session, redirect, url_for

app = Flask(__name__)
app.secret_key = "supersecretkey"  # required for session

@app.route('/login')
def login():
    session['user'] = 'Alice'
    return "User logged in!"

@app.route('/profile')
def profile():
    if 'user' in session:
        return f"Welcome {session['user']}!"
    return redirect(url_for('login'))

if __name__ == '__main__':
    app.run(debug=True)


1. How would you secure a Flask API?

Ways to secure a Flask API:

✅ Authentication/Authorization – Use JWT, OAuth2, or API keys.

✅ HTTPS – Always run with SSL/TLS.

✅ Input validation – Sanitize user input to prevent SQL injection/XSS.

✅ Rate limiting – Prevent brute force attacks (Flask-Limiter).

✅ CORS control – Restrict which domains can call your API.

✅ Error handling – Avoid exposing sensitive info in errors.

In [None]:
#2. What is the significance of the Flask-RESTful extension?

#Helps build REST APIs quickly & cleanly.

#Provides Resource classes to organize endpoints.

#Simplifies request parsing & validation with reqparse.

#Produces maintainable, structured code.

from flask import Flask
from flask_restful import Api, Resource

app = Flask(__name__)
api = Api(app)

class Hello(Resource):
    def get(self):
        return {"message": "Hello, Flask-RESTful!"}

api.add_resource(Hello, '/')
app.run(debug=True)


3. What is the role of Flask’s session object?

Stores data across requests for a user.

Data is stored on server, signed cookie sent to client.

Common use: keeping users logged in.

✅ Example:

In [None]:
from flask import Flask, session

app = Flask(__name__)
app.secret_key = "secret"

@app.route('/login')
def login():
    session['user'] = 'Alice'
    return "User logged in!"


In [None]:
#4. How do you create a basic Flask application?

from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#5. How do you serve static files like images or CSS in Flask?

<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
<img src="{{ url_for('static', filename='logo.png') }}">


In [None]:
#6. How do you define different routes with different HTTP methods in Flask?

@app.route('/users', methods=['GET', 'POST'])
def users():
    if request.method == 'GET':
        return "Fetching users"
    if request.method == 'POST':
        return "Creating user"



In [None]:
#7. How do you render HTML templates in Flask?

from flask import render_template

@app.route('/profile')
def profile():
    return render_template('profile.html', name="Alice")


In [None]:
#8. How can you generate URLs for routes in Flask using url_for?

from flask import url_for

@app.route('/about')
def about():
    return "About Page"

@app.route('/')
def home():
    return f"Go to {url_for('about')}"


In [None]:
#9. How do you handle forms in Flask?

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form['name']
    return f"Hello {name}"


In [None]:
#10. How can you validate form data in Flask?

if not request.form.get('email'):
    return "Email required"


In [None]:
#11. How do you manage sessions in Flask?

@app.route('/set')
def set_session():
    session['theme'] = 'dark'
    return "Session set!"


In [None]:
#12. How do you redirect to a different route in Flask?

from flask import redirect, url_for

@app.route('/go-home')
def go_home():
    return redirect(url_for('home'))


In [None]:
#13. How do you handle errors in Flask (e.g., 404)?

@app.errorhandler(404)
def not_found(e):
    return "Page not found!", 404


In [None]:
#14. How do you structure a Flask app using Blueprints?

from flask import Blueprint

users_bp = Blueprint('users', __name__)

@users_bp.route('/users')
def users():
    return "Users page"

app.register_blueprint(users_bp)


In [None]:
#15. How do you define a custom Jinja filter in Flask?

@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]

# In template: {{ "hello" | reverse }}


In [None]:
#16. How can you redirect with query parameters in Flask?

return redirect(url_for('search', q="flask"))


In [None]:
#17. How do you return JSON responses in Flask?

from flask import jsonify

@app.route('/api')
def api():
    return jsonify({"status": "success", "data": [1, 2, 3]})


In [None]:
#18. How do you capture URL parameters in Flask?

@app.route('/user/<int:id>')
def user(id):
    return f"User ID is {id}"
