#Restful API & Flask

Q1.  What is a RESTful API?
- A RESTful API (Representational State Transfer API) is a type of web API that follows the principles of REST architecture, allowing systems to communicate over HTTP in a stateless, scalable, and standardized way.

Q2. Explain the concept of API specification?
- An API specification is a detailed, formal description of how an API works — what it does, what inputs it expects, what outputs it provides, and how developers should interact with it.
- It acts as a contract between the API provider and API consumer, ensuring both sides understand how to communicate correctly.

Q3. What is Flask, and why is it popular for building APIs?
- Flask is a lightweight and flexible Python web framework used for building web applications and RESTful APIs. It’s part of the microframework category, meaning it comes with the bare minimum to get a web app up and running, but is highly extensible.

Q4. What is routing in Flask?
- Routing in Flask is the process of mapping URLs (web addresses) to functions (called view functions) that handle web requests and return responses.

Q5. How do you create a simple Flask application?
- Flask(__name__): Creates the Flask app.
- @app.route('/'): Sets up the route for the home page (root URL).
- home(): The function that runs when the route is visited.
- app.run(debug=True): Starts the development server with debug mode on.

Q6. What are HTTP methods used in RESTful APIs?
1. GET – Retrieve a user's data
2. POST – Create a new user
3. PUT – Update an entire user record
4. PATCH – Update part of the user record
5. DELETE – Remove a user

Q7. What is the purpose of the @app.route() decorator in Flask?
- The @app.route() decorator in Flask is used to bind a URL to a specific function — known as a view function. It defines the route (path) on which the application should respond, and what logic should be executed when that route is accessed.

Q8. What is the difference between GET and POST HTTP methods?
- The **GET** and **POST** HTTP methods are used to communicate with a server, but they serve different purposes and behave differently. The **GET** method is used to **retrieve data** from a server. It appends the data to the URL as query parameters, making it visible in the browser and easily shareable or cached. GET requests are **idempotent** and **safe**, meaning they do not alter the server's state. On the other hand, the **POST** method is used to **send data** to the server to create or update a resource. The data is included in the **body of the request**, making it more secure for sensitive information. Unlike GET, POST can **modify server state**, and its requests are **not cached or bookmarked** by default. In short, GET is for fetching data, while POST is for submitting data to be processed.

Q9. How do you handle errors in Flask APIs?
1. Using abort() for Simple Errors
2. Custom Error Handlers
3. Handling Validation Errors
4. Using Try-Except Blocks

Q10. How do you connect Flask to a SQL database?
- To connect Flask to a SQL database, the most common and powerful approach is using SQLAlchemy, a popular ORM (Object Relational Mapper) for Python. It allows you to work with databases using Python classes instead of raw SQL queries.

Q11. What is the role of Flask-SQLAlchemy?
- Flask-SQLAlchemy is an extension for Flask that integrates SQLAlchemy — a powerful Object Relational Mapper (ORM) — with Flask applications. It makes it much easier to interact with SQL databases (like SQLite, MySQL, or PostgreSQL) using Python objects instead of raw SQL queries.

Q12. What are Flask blueprints, and how are they useful?
- Flask Blueprints are a way to organize your Flask application into modular components. Think of them as mini-apps within your main app — each handling a specific feature or section of the application.
1. Modular code structure - Easier to manage and scale
2. Reusability - Can reuse components across projects
3. Better collaboration - Multiple devs can work on separate parts
4. Cleaner main app file - Keeps app.py minimal and organized

Q13. What is the purpose of Flask's request object?
- The request object in Flask is used to access data sent by the client (such as a web browser, mobile app, or API consumer) to the server during an HTTP request.
- It provides a simple and consistent interface to retrieve form data, query parameters, JSON payloads, headers, files, and more.

Q14. How do you create a RESTful API endpoint using Flask?
1. Install Flask
2. Basic Flask REST API Example


In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

# In-memory data store
users = [
    {"id": 1, "name": "Anshumaan"},
    {"id": 2, "name": "Khushi"}
]

# GET: Retrieve all users
@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users)

# GET: Retrieve a single user by ID
@app.route('/users/<int:user_id>', methods=['GET'])
def get_user(user_id):
    user = next((u for u in users if u["id"] == user_id), None)
    if user:
        return jsonify(user)
    return jsonify({"error": "User not found"}), 404

# POST: Create a new user
@app.route('/users', methods=['POST'])
def create_user():
    data = request.get_json()
    new_user = {"id": len(users) + 1, "name": data["name"]}
    users.append(new_user)
    return jsonify(new_user), 201

# PUT: Update an existing user
@app.route('/users/<int:user_id>', methods=['PUT'])
def update_user(user_id):
    data = request.get_json()
    user = next((u for u in users if u["id"] == user_id), None)
    if user:
        user["name"] = data["name"]
        return jsonify(user)
    return jsonify({"error": "User not found"}), 404

# DELETE: Remove a user
@app.route('/users/<int:user_id>', methods=['DELETE'])
def delete_user(user_id):
    global users
    users = [u for u in users if u["id"] != user_id]
    return jsonify({"message": "User deleted"}), 200

# Run the Flask app
if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat
ERROR:root:Unexpected exception finding object shape
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/dist-packages/google/colab/_debugpy_repr.py", line 54, in get_shape
    shape = getattr(obj, 'shape', None)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/werkzeug/local.py", line 318, in __get__
    obj = instance._get_current_object()
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/werkzeug/local.py", line 519, in _get_current_object
    raise RuntimeError(unbound_message) from None
RuntimeError: Working outside of request context.

This typically means that you attempted to use functionality that needed
an active HTTP request. Consult the documentation on testing for
information about how to avoid this problem.
ERROR:root:Unexpected exception finding object shape
Tra

Q15. What is the purpose of Flask's jsonify() function?
- The jsonify() function in Flask is used to convert Python data structures (like dictionaries and lists) into JSON format and return them as a proper HTTP response with the correct MIME type (application/json).

Q16.  Explain Flask’s url_for() function?
- Flask’s url_for() function is used to build dynamic URLs for routes in your application based on the function names instead of hardcoding URLs.
- It ensures your URLs stay consistent and automatically adapt to any route changes, making your code cleaner, safer, and easier to maintain.

Q17. How does Flask handle static files (CSS, JavaScript, etc.)?
- Flask automatically serves static files like CSS, JavaScript, and images using a special static folder located at the root of your project. This allows your web pages to look styled and interactive.

Q18. What is an API specification, and how does it help in building a Flask API?
- An API specification is a detailed blueprint or contract that describes how an API behaves. It defines:

1. Available endpoints (URLs),
2. HTTP methods (GET, POST, etc.),
3. Request parameters (query strings, path variables, body),
4. Expected responses (status codes, response schema),
5. Authentication mechanisms, and
6. Data formats (usually JSON).

Q19. What are HTTP status codes, and why are they important in a Flask API?
- HTTP status codes are standardized 3-digit numbers returned by a server in response to a client's request. They indicate the result of the request — whether it was successful, caused an error, or requires further action.

Q20. How do you handle POST requests in Flask?
- In Flask, you handle POST requests by:
1. Defining a route that accepts POST method.
2. Extracting data from the request (form, JSON, etc.).
3. Processing the data (e.g., saving to a database).
4. Returning a response, often with a status code.


Q21. How would you secure a Flask API?
- Securing a Flask API is crucial to protect sensitive data, prevent unauthorized access, and ensure trust in your application. Flask offers several tools and practices to enhance API security.
1. Use Authentication
2. Use HTTPS (SSL/TLS)
3. Input Validation & Sanitization
4. Rate Limiting
5. CORS (Cross-Origin Resource Sharing)
6. Error Handling & Hiding Stack Traces
7. Environment Configuration
8. Database Security

Q22. What is the significance of the Flask-RESTful extension?
- Flask-RESTful is a powerful Flask extension that simplifies the development of RESTful APIs by providing a structured way to define routes, handle HTTP methods, manage responses, and validate inputs.

Q23. What is the role of Flask’s session object?
- The session object in Flask is used to store information about a user across multiple requests, allowing you to maintain state between HTTP requests, which are otherwise stateless by nature.


#PRACTICAL QUESTIONS

In [None]:
#1. How do you create a basic Flask application

from flask import Flask

# Create the Flask app
app = Flask(__name__)

# Define a route
@app.route('/')
def hello():
    return "Hello, World!"

# Run the app
if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat
ERROR:root:Unexpected exception finding object shape
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/dist-packages/google/colab/_debugpy_repr.py", line 54, in get_shape
    shape = getattr(obj, 'shape', None)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/werkzeug/local.py", line 318, in __get__
    obj = instance._get_current_object()
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/werkzeug/local.py", line 519, in _get_current_object
    raise RuntimeError(unbound_message) from None
RuntimeError: Working outside of request context.

This typically means that you attempted to use functionality that needed
an active HTTP request. Consult the documentation on testing for
information about how to avoid this problem.
ERROR:root:Unexpected exception finding object shape
Tra

In [None]:
#2. How do you serve static files like images or CSS in Flask

#Default Static File Structure
your_project/
│
├── app.py
├── static/
│   ├── style.css
│   ├── script.js
│   └── logo.png
└── templates/
    └── index.html

#Accessing Static Files in HTML
<!-- templates/index.html -->
<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
  <h1>Hello, Flask!</h1>
  <img src="{{ url_for('static', filename='logo.png') }}" alt="Logo">
</body>
</html>

#Example Flask App Using Static Files
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)

SyntaxError: invalid character '│' (U+2502) (<ipython-input-5-853664416>, line 5)

In [None]:
#3. How do you define different routes with different HTTP methods in Flask

#Basic Example: Handling GET and POST
mport Flask, request
app = Flask(__name__)
@app.route('/hello', methods=['GET', 'POST'])
def hello():
    if request.method == 'GET':
        return "Hello via GET!"
    elif request.method == 'POST':
        return "Hello via POST!"

#Using Separate Functions for Each Method (Optional)
@app.route('/get-example', methods=['GET'])
def get_example():
    return "This is a GET request."

@app.route('/post-example', methods=['POST'])
def post_example():
    return "This is a POST request."

#Handling More Methods (PUT, DELETE, etc.)
@app.route('/user', methods=['GET', 'POST', 'PUT', 'DELETE'])
def user_operations():
    if request.method == 'GET':
        return "Fetching user..."
    elif request.method == 'POST':
        return "Creating user..."
    elif request.method == 'PUT':
        return "Updating user..."
    elif request.method == 'DELETE':
        return "Deleting user..."

In [None]:
#4. How do you render HTML templates in Flask

#Create an HTML Template
<!DOCTYPE html>
<html>
<head>
  <title>Flask App</title>
</head>
<body>
  <h1>Hello, {{ name }}!</h1>
</body>
</html>

#Render the Template in Flask
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html', name='Anshumaan')

In [None]:
#5. How can you generate URLs for routes in Flask using url_for?
---

#Example: Basic Usage
#Define a route
@app.route('/hello')
def hello():
    return "Hello, World!"

#Generate the URL in Python
from flask import url_for
print(url_for('hello'))  # Output: '/hello'

#Example in HTML Template
<a href="{{ url_for('hello') }}">Go to Hello</a>

#With Dynamic Parameters
@app.route('/user/<username>')
def profile(username):
    return f"Profile page of {username}"

# Generates: /user/anshumaan
url_for('profile', username='anshumaan')

#With Query Strings
url_for('search', q='flask', page=2)
# Output: '/search?q=flask&page=2'

In [None]:
#6.  How do you handle forms in Flask?

<!DOCTYPE html>
<html>
<head>
    <title>Form Example</title>
</head>
<body>
    <h2>User Info Form</h2>
    <form method="POST" action="/submit">
        Name: <input type="text" name="name"><br><br>
        Age: <input type="number" name="age"><br><br>
        <input type="submit" value="Submit">
    </form>
</body>
</html>

#Flask App to Handle Form
from flask import Flask, request, render_template

app = Flask(__name__)

# Route to show the form
@app.route('/')
def form():
    return render_template('form.html')

# Route to handle form submission
@app.route('/submit', methods=['POST'])
def submit():
    name = request.form['name']
    age = request.form['age']
    return f"Received: Name = {name}, Age = {age}"
if __name__ == '__main__':
    app.run(debug=True)

In [None]:
#7. How can you validate form data in Flask

from flask import Flask, request, render_template
app = Flask(__name__)
@app.route('/', methods=['GET', 'POST'])
def form():
    if request.method == 'POST':
        name = request.form['name']
        age = request.form['age']

        # Basic validation
        if not name or not age:
            return "All fields are required!", 400
        elif not age.isdigit():
            return "Age must be a number!", 400

        return f"Received: {name}, {age}"
    return render_template('form.html')

In [None]:
#8. How do you manage sessions in Flask

from flask import Flask, session, redirect, url_for, request
app = Flask(__name__)
app.secret_key = 'your_secret_key'  # Needed to encrypt session cookies
@app.route('/')
def index():
    if 'username' in session:
        return f"Logged in as {session['username']}"
    return "You are not logged in"
@app.route('/login', methods=['POST', 'GET'])
def login():
    if request.method == 'POST':
        session['username'] = request.form['username']
        return redirect(url_for('index'))
    return '''
        <form method="post">
            <input type="text" name="username">
            <input type="submit" value="Login">
        </form>
    '''
@app.route('/logout')
def logout():
    session.pop('username', None)
    return redirect(url_for('index'))

In [None]:
#9.  How do you redirect to a different route in Flask

from flask import Flask, redirect, url_for
app = Flask(__name__)
@app.route('/')
def home():
    return redirect(url_for('dashboard'))
@app.route('/dashboard')
def dashboard():
    return "Welcome to the Dashboard!"

In [None]:
#10.  How do you handle errors in Flask (e.g., 404)

from flask import Flask, render_template
app = Flask(__name__)
@app.errorhandler(404)
def page_not_found(e):
    return render_template('404.html'), 404

In [None]:
#11.  How do you structure a Flask app using Blueprints

#1. Create a Blueprint (e.g., auth)
# /blueprints/auth/routes.py
from flask import Blueprint, render_template
auth_bp = Blueprint('auth', __name__, template_folder='templates', static_folder='static')
@auth_bp.route('/login')
def login():
    return render_template('login.html')

#2. Initialize the Blueprint
# /blueprints/auth/__init__.py
from .routes import auth_bp

#3. Register Blueprint in Main App
# app.py
from flask import Flask
from blueprints.auth import auth_bp
app = Flask(__name__)
app.register_blueprint(auth_bp, url_prefix='/auth')
if __name__ == '__main__':
    app.run(debug=True)

In [None]:
#12. How do you define a custom Jinja filter in Flask

#1. Define the Custom Filter Function
def reverse_string(s):
    return s[::-1]

#2. Register the Filter with Flask
from flask import Flask
app = Flask(__name__)
@app.template_filter('reverse')
def reverse_string(s):
    return s[::-1]

#3. Use the Filter in a Jinja Template
<!-- templates/example.html -->
<p>{{ 'Flask' | reverse }}</p>

In [None]:
#13. How can you redirect with query parameters in Flask

from flask import Flask, redirect, url_for, request
app = Flask(__name__)
@app.route('/')
def home():
    # Redirect to /search?query=flask
    return redirect(url_for('search', query='flask'))
@app.route('/search')
def search():
    query = request.args.get('query')
    return f"Search Results for: {query}"

In [None]:
#14. How do you return JSON responses in Flask

from flask import Flask, jsonify
app = Flask(__name__)
@app.route('/api/data')
def get_data():
    return jsonify({
        'name': 'Flask',
        'version': '2.3',
        'status': 'success'
    })

#Returning JSON with Custom Status Code
@app.route('/api/error')
def get_error():
    return jsonify({'error': 'Something went wrong'}), 400  # HTTP 400 Bad Request

#Returning JSON from a List
@app.route('/api/users')
def get_users():
    users = [
        {'id': 1, 'name': 'Alice'},
        {'id': 2, 'name': 'Bob'}
    ]
    return jsonify(users)

In [None]:
#15.  How do you capture URL parameters in Flask

from flask import Flask
app = Flask(__name__)
@app.route('/user/<username>')
def show_user_profile(username):
    return f'User: {username}'