# Restful API & Flask Assignment

#Theory Question

1. What is a RESTful API?
   - A RESTful API (Representational State Transfer Application Programming Interface) is a web service that follows REST architecture principles to allow communication between client and server over HTTP.

2. Explain the concept of API specification.
   - An API specification is a formal document that defines how an API works and how it should be used. It acts as a contract between the API provider and the users (developers), detailing the structure, functionality, and behavior of the API. It outlines the structure, available endpoints, request and response formats, methods (like GET, POST), data types, and authentication rules.
   A good API specification includes the following key elements:

    Endpoints – The URI paths to access specific resources.

    HTTP Methods – Operations like GET, POST, PUT, DELETE.

    Request Parameters – Includes path, query, headers, and body data.

    Response Format – Structure and format of returned data (e.g., JSON) and status codes.

    Authentication – Methods for secure access (e.g., API key, OAuth).

    The importance of an API specification lies in ensuring consistency, reliability, and clear communication between teams. It helps developers understand how to integrate with the API effectively and enables tools to automate documentation, testing, and validation.



3. What is Flask, and why is it popular for building APIs?
  -Flask is a lightweight and flexible web framework written in Python, used for developing web applications and APIs. It is based on the Werkzeug WSGI toolkit and Jinja2 templating engine.
  It is popular because -
  
  Ideal for small to medium-sized projects or prototypes.
  
  Easy to learn python developers
  
  popular for building RESTful APIs, microservices or simple web apps.Flask makes it easy to define routes and handle HTTP methods like GET, POST, PUT, and DELETE, which are essential for RESTful APIs

4. What is routing in Flask?
   -  Routing in Flask is the process of associating URLs with specific functions in a Flask application. These functions are called view functions, and they define what response should be returned when a particular URL is accessed.In Flask, you use the @app.route() decorator to define routes. Each route corresponds to a specific URL and HTTP method (GET, POST, etc.)

5. How do you create a simple Flask application?
   - To create a simple Flask app:

     Install Flask using pip.

     Write Python code to define the app and route.

     Run the app and test it in a web browser.

In [1]:
!pip install Flask




In [2]:
from flask import Flask

app = Flask(__name__)  # Create a Flask app instance

@app.route('/')  # Define a route for the homepage
def home():
    return "Hello, World!"  # Response for the home route

if __name__ == '__main__':
    app.run(debug=True)  # Run the app in debug mode


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


6. What are HTTP methods used in RESTful API?
   - GET: Retrieve data from the server.
     
     POST: Send data to the server to create a new resource.

     PUT: Update an existing resource completely.

     PATCH: Partially update an existing resource.

      DELETE: Delete a resource from the server.

     OPTIONS: Describes the communication options for the target resource.



7. What is the purpose of the @app.route() decorator in Flask?
  - It is a route decorator.
    It tells Flask: when someone goes to the root URL/,call the home() fuction.Routes are URL paths that maps the python function called view function.
    

8. What is the difference between GET and POST HTTP methods?
   - GET Method:  The GET method is used to request data from a specified resource. Data is sent through the URL as query parameters and is visible to everyone. GET requests are idempotent, meaning multiple identical requests will have the same effect. Responses from GET requests can be cached by browsers. Typically used for retrieving or reading data without making changes on the server.

    POST Method: The POST method is used to send data to the server to create or update a resource. Data is sent inside the request body, making it more secure than GET. POST requests are not necessarily idempotent; repeated requests may result in multiple resource changes. Responses to POST requests are usually not cached.



9. How do you handle errors in Flask APIs?
   - In Flask APIs, errors can be handled using error handlers that catch specific HTTP errors or exceptions and return appropriate responses. You can define custom functions to handle specific error codes (like 404, 500) using the @app.errorhandler() decorator.

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.errorhandler(404)
def not_found(error):
    return jsonify({'error': 'Resource not found'}), 404

@app.errorhandler(500)
def server_error(error):
    return jsonify({'error': 'Internal server error'}), 500


10. How do you connect Flask to a SQL database?
    - To connect Flask to a SQL database, you typically use an ORM (Object-Relational Mapping) library like SQLAlchemy, or use a database driver directly.
      Use Flask-SQLAlchemy extension for easy integration.

      Set the database connection URI via app.config.

      Define data models as Python classes.

      Use db.create_all() to create tables.

      Use session methods to add, query, and modify data.

11. What is the role of Flask-SQLAlchemy?
   - Flask-SQLAlchemy is an extension for the Flask framework that integrates the powerful SQLAlchemy ORM (Object Relational Mapper) with Flask applications. Its main role is to simplify database operations by allowing developers to work with databases using Python classes and objects instead of writing complex SQL queries. Flask-SQLAlchemy manages database connections and sessions automatically, making it easier to perform common tasks such as creating, reading, updating, and deleting records. It supports multiple SQL databases like SQLite, MySQL, and PostgreSQL through a unified API, and it works seamlessly within Flask’s application context. Overall, Flask-SQLAlchemy provides a convenient and efficient way to interact with relational databases in Flask applications, improving code readability and maintainability.

12. What are Flask blueprints, and how are they useful?
   - Flask Blueprints are a powerful feature in the Flask framework that allows developers to organize their application into smaller, modular components. Each blueprint can represent a part of the application, such as authentication, admin panel, or user management, and can include its own routes, templates, static files, and error handlers. Blueprints make it easier to manage large applications by dividing them into manageable sections, promoting cleaner and more maintainable code. They also help in reusing code across different projects and simplify collaboration in team environments. By registering blueprints to the main application object, Flask combines all the components into a single, functional web application.

13. What is the purpose of Flask's request object?
    - The purpose of Flask's request object is to provide access to all the data sent by the client in an HTTP request. It allows developers to retrieve form data, JSON data, URL parameters, cookies, headers, and file uploads. The request object is essential for handling input from users, such as form submissions or API calls, enabling dynamic and interactive web applications.

14.  How do you create a RESTful API endpoint using Flask?
    - To create a RESTful API endpoint using Flask, you first import the Flask module and create a Flask application instance. Then, you define a route using the @app.route() decorator, specifying the URL path and the HTTP methods (such as GET or POST) it should handle. Inside the route function, you write the logic to process the request and return a response, usually in JSON format using jsonify(). This setup allows the endpoint to be accessed by clients through HTTP requests, enabling interaction with the API in a RESTful manner

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/hello', methods=['GET'])
def hello():
    return jsonify({'message': 'Hello, world!'})


15. What is the purpose of Flask's jsonify() function?
   - The purpose of Flask's jsonify() function is to convert Python data structures, such as dictionaries or lists, into a JSON-formatted HTTP response. It automatically sets the correct Content-Type header to application/json, making it easier and more reliable to return JSON data from your API endpoints. This function is commonly used in RESTful APIs to send structured data back to the client in a format that is widely supported and easy to parse.

16. Explain Flask’s url_for() function.
    -  The url_for() function in Flask is used to dynamically generate URLs for a given function name that is associated with a specific route. Instead of hardcoding URLs in templates or Python code, url_for() ensures that the correct path is generated even if the route changes later. This helps in maintaining the application and avoiding broken links.

    It is especially useful when linking to other routes, redirecting users, or generating URLs in HTML templates.

     syntax : url_for('function_name', **parameters)


17. How does Flask handle static files (CSS, JavaScript, etc.)?
    - Flask handles static files like CSS, JavaScript, and images using a special folder named static in the project directory. By default, Flask serves files from this static folder and makes them accessible using the URL path /static/filename.

     To use static files in your HTML templates, you should reference them using Flask's url_for() function. This ensures that the correct path is generated even if the application is moved or rename.


     project/
     │
     ├── app.py
     ├── static/
     │   └── style.css
     ├── templates/
         └── index.html


18. What is an API specification, and how does it help in building a Flask API?
    - An API specification is a detailed document that defines how an API works. It outlines the structure, available endpoints, HTTP methods (like GET, POST, PUT, DELETE), request and response formats, authentication methods, and error codes. Popular formats for API specifications include OpenAPI (Swagger) and RAML.

      In the context of building a Flask API, an API specification acts as a blueprint that helps developers clearly understand what the API should do and how it should behave. It ensures consistency, allows for easier collaboration among team members, and simplifies the process of testing and maintaining the API. It also helps in generating documentation and client SDKs automatically.

19. What are HTTP status codes, and why are they important in a Flask API?
    - HTTP status codes are standardized three-digit numbers returned by a server in response to a client's request. They indicate the outcome of the request, such as success, client error, or server error. Each code belongs to a specific category:

     2xx for success (e.g., 200 OK)

     4xx for client errors (e.g., 404 Not Found)

     5xx for server errors (e.g., 500 Internal Server Error)

       In a Flask API, these codes are important because they help clients understand the result of their request. For example, returning 200 OK confirms a successful operation, while 400 Bad Request tells the client that the input was invalid. Clear and correct use of status codes improves communication, debugging, and error handling between the client and server, leading to a more robust and user-friendly API.

20. How do you handle POST requests in Flask?
   - In Flask, POST requests are handled by defining a route with the methods=['POST'] parameter and using the request object to access the data sent by the client. POST requests are typically used to submit form data or JSON data to the server for processing, such as creating a new record.

21. How would you secure a Flask API?
    -  One common method is using authentication and authorization, such as API keys, JWT (JSON Web Tokens), or OAuth, to ensure only authorized users can access the API. Another important step is to use HTTPS instead of HTTP to encrypt data during transmission. Input validation and sanitization are also essential to prevent injection attacks like SQL injection or cross-site scripting (XSS). Additionally, enabling rate limiting helps protect the API from abuse or denial-of-service attacks by limiting the number of requests a user can make in a certain time frame.

22. What is the significance of the Flask-RESTful extension?
    - Flask-RESTful is an extension for Flask that simplifies the process of building RESTful APIs by providing useful tools and abstractions. It helps structure API endpoints using resource classes, making the code more organized and easier to maintain. Flask-RESTful automatically handles common tasks such as parsing request data, formatting responses, and managing HTTP methods (GET, POST, PUT, DELETE) through class-based views.This extension also supports built-in error handling, input validation, and integrates smoothly with Flask’s routing system. By reducing boilerplate code, Flask-RESTful allows developers to focus more on the application logic and less on repetitive tasks, speeding up API development and improving code clarity.

23. What is the role of Flask’s session object?
    - Flask’s session object is used to store information specific to a user’s session between requests. It allows web applications to remember data about a user, such as login status, preferences, or shopping cart contents, across multiple requests without requiring the user to send the data each time.

     The session data is stored securely on the client side in a cookie that is signed to prevent tampering, ensuring data integrity. Flask’s session object provides a simple way to manage user-specific data in a stateless HTTP environment, making it essential for implementing features like user authentication and personalized experiences in Flask application

#Practical Questions

1. How do you create a basic Flask application?

In [2]:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, World!"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


2. How do you serve static files like images or CSS in Flask?
   - Flask automatically serves static files from a folder named static in your project directory. To use static files like images or CSS:

    Create a folder named static in your Flask project directory.

    Put your static files (CSS, images, JS) inside the static folder.

    Reference these files in your HTML templates using url_for('static', filename='path/to/file')

     
     project/
     │
     ├── app.py
     ├── static/
     │   ├── style.css
     │   └── logo.png
     └── templates/
          └── index.html


In [None]:
<!DOCTYPE html>
<html>
<head>
    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
    <h1>Welcome to Flask</h1>
    <img src="{{ url_for('static', filename='logo.png') }}" alt="Logo">
</body>
</html>


In [None]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)


3. How do you define different routes with different HTTP methods in Flask?

In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

# Route that handles GET method
@app.route('/get-example', methods=['GET'])
def get_example():
    return jsonify({"message": "GET request received"})

# Route that handles POST method
@app.route('/post-example', methods=['POST'])
def post_example():
    data = request.get_json()
    return jsonify({"message": "POST request received", "data": data})

# Route that handles both GET and POST
@app.route('/both-example', methods=['GET', 'POST'])
def both_example():
    if request.method == 'GET':
        return jsonify({"message": "GET on /both-example"})
    elif request.method == 'POST':
        data = request.get_json()
        return jsonify({"message": "POST on /both-example", "data": data})

if __name__ == '__main__':
    app.run(debug=True)


4. How do you render HTML templates in Flask?
    - Create a folder named templates.

      Add your HTML file inside the templates folder.

      Use render_template('filename.html') in your Flask route.

In [None]:
#app.py file
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#index.html file
<!DOCTYPE html>
<html>
<head>
    <title>Flask Template</title>
</head>
<body>
    <h1>Hello from Flask Template!</h1>
</body>
</html>


5. How can you generate URLs for routes in Flask using url_for?
   - In Flask, the url_for() function is used to dynamically build URLs for specific routes by referencing the function name instead of hardcoding the URL. This makes your application more maintainable and flexible, especially when the route paths change.

In [None]:
from flask import Flask, url_for, redirect

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the Home Page!'

@app.route('/about')
def about():
    return 'This is the About Page'

@app.route('/go-to-about')
def go_to_about():
    # Redirects to the 'about' route using url_for
    return redirect(url_for('about'))

if __name__ == '__main__':
    app.run(debug=True)


6.  How do you handle forms in Flask?
     - Create an HTML form in a template with method="POST".

     Define a Flask route that accepts both GET and POST methods.

     Use request.form to access submitted form data.

In [None]:
#app.py file
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/form', methods=['GET', 'POST'])
def handle_form():
    if request.method == 'POST':
        name = request.form['username']
        return f"Hello, {name}!"
    return render_template('form.html')

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#templates/form.html
<!DOCTYPE html>
<html>
<head>
    <title>Flask Form</title>
</head>
<body>
    <form method="POST">
        <label for="username">Name:</label>
        <input type="text" name="username" required>
        <input type="submit" value="Submit">
    </form>
</body>
</html>


7. How can you validate form data in Flask?
   - In Flask, form data can be validated manually using Python conditions or automatically using extensions like Flask-WTF (WTForms).

In [None]:
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/form', methods=['GET', 'POST'])
def validate_form():
    error = None
    if request.method == 'POST':
        name = request.form['username']
        if not name:
            error = "Name is required."
        elif len(name) < 3:
            error = "Name must be at least 3 characters."
        else:
            return f"Hello, {name}!"
    return render_template('form.html', error=error)

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#form.html
<form method="POST">
    <input type="text" name="username" placeholder="Enter your name">
    <input type="submit" value="Submit">
    {% if error %}
        <p style="color:red;">{{ error }}</p>
    {% endif %}
</form>


8.  How do you manage sessions in Flask?
    - Import the session object from flask.

     Set a secret key in the app for security.

     Store or retrieve session data using session['key'].

In [None]:
from flask import Flask, session, redirect, url_for, request

app = Flask(__name__)
app.secret_key = 'mysecretkey'  # Required for session security

@app.route('/')
def index():
    if 'username' in session:
        return f"Logged in as {session['username']}"
    return 'You are not logged in'

@app.route('/login', methods=['POST', 'GET'])
def login():
    if request.method == 'POST':
        session['username'] = request.form['username']
        return redirect(url_for('index'))
    return '''
        <form method="post">
            <input type="text" name="username" placeholder="Enter username">
            <input type="submit" value="Login">
        </form>
    '''

@app.route('/logout')
def logout():
    session.pop('username', None)  # Remove session data
    return redirect(url_for('index'))

if __name__ == '__main__':
    app.run(debug=True)


9. How do you redirect to a different route in Flask?
   - In Flask, you can redirect the user from one route to another using the redirect() and url_for() functions. This is commonly used after actions like form submission or login to navigate to a new page. redirect(): Sends a response to the browser to redirect to a new URL. url_for(): Dynamically generates the URL for a given route function name.

In [None]:
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the Home Page'

@app.route('/login')
def login():
    return redirect(url_for('dashboard'))

@app.route('/dashboard')
def dashboard():
    return 'This is the Dashboard Page'

if __name__ == '__main__':
    app.run(debug=True)


10. How do you handle errors in Flask (e.g., 404)?

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the Home Page'

@app.errorhandler(404)
def page_not_found(error):
    return jsonify({'error': 'Page not found'}), 404

if __name__ == '__main__':
    app.run(debug=True)


11. How do you structure a Flask app using Blueprints?
     -  In Flask, Blueprints provide a way to organize your application into reusable and modular components. This is especially useful for larger applications, where keeping all routes and logic in a single file would be difficult to manage.

     purpose: Organize routes, views, and templates by functionality.Promote modular and maintainable code. Allow code reuse across different projects.


     myapp/
     │
     ├── app.py
     ├── home/
     │   ├── __init__.py
     │   └── routes.py
     └── templates/
         └── home.html


In [None]:
#routes.py file
from flask import Blueprint, render_template

home = Blueprint('home', __name__)

@home.route('/')
def index():
    return render_template('home.html')


In [None]:
#init.py file
from .routes import home


In [None]:
#main.py(main Flask app)
from flask import Flask
from home import home

app = Flask(__name__)
app.register_blueprint(home)

if __name__ == '__main__':
    app.run(debug=True)


12. How do you define a custom Jinja filter in Flask?
   

In [None]:
from flask import Flask, render_template

app = Flask(__name__)

# Step 1 & 2: Define and register custom filter
@app.template_filter('reverse')
def reverse_string(s):
    return s[::-1]

@app.route('/')
def home():
    return render_template('index.html', name="Flask")

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
<!DOCTYPE html>
<html>
<head>
    <title>Custom Filter Example</title>
</head>
<body>
    Original: {{ name }} <br>
    Reversed: {{ name | reverse }}
</body>
</html>


13.  How can you redirect with query parameters in Flask?

In [None]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return 'Home Page'

@app.route('/search')
def search():
    query = request.args.get('q')
    return f'Search results for: {query}'

@app.route('/redirect-to-search')
def redirect_to_search():
    # Redirect to /search with query parameter q='flask'
    return redirect(url_for('search', q='flask'))

if __name__ == '__main__':
    app.run(debug=True)


14.  How do you return JSON responses in Flask?
     -  import jsonify from flask.

       Create a Python dictionary or list with the data you want to send.

       Use jsonify(data) to convert it into a JSON response.

        Return the jsonify object from your route function.

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    data = {
        'name': 'Flask API',
        'version': '1.0',
        'features': ['Routing', 'Templates', 'JSON Responses']
    }
    return jsonify(data)

if __name__ == '__main__':
    app.run(debug=True)


15. How do you capture URL parameters in Flask?

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def show_user_profile(username):
    return f'Hello, {username}! Welcome to your profile.'

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
My Output: Hello, aparna! Welcome to your profile.
