# Assignment Restful API & Flask
## Theory Questions

1.  What is a RESTful API?
> A RESTful API (Representational State Transfer API) is a way for different applications to communicate with each other over the internet using simple HTTP requests (like GET, POST, PUT, DELETE).

 It follows REST principles, meaning it:

 Uses URLs to access resources (e.g., example.com/users for user data).

 Sends data in formats like JSON or XML.

 Is stateless (each request is independent).

 Example: When you use a weather app, it requests data from a RESTful API to get the latest weather updates.

2. Explain the concept of API specification?
> An API specification is a detailed document that defines how different software systems can communicate with each other. It includes:

 Endpoints (URLs where requests are sent)

 Request Methods (GET, POST, PUT, DELETE, etc.)

 Request and Response Formats (JSON, XML, etc.)

 Authentication Requirements (API keys, tokens)

 Error Codes and Responses

3. What is Flask, and why is it popular for building APIs?

 Flask is a lightweight Python web framework used to build web applications and APIs. It is popular for API development because:

 Simplicity – Easy to set up and use.

 Flexibility – Lets developers choose tools and libraries freely.

 Lightweight – Minimal setup, making it fast and efficient.

 Extensibility – Supports plugins and additional features.

 Built-in Development Server – Helps test APIs easily.

 It's widely used for creating RESTful APIs due to its ease of use and quick development time.

4. What is routing in Flask?

 Routing in Flask is the process of mapping URLs to specific functions in a web application.

 It helps in defining different web pages or API endpoints.

 Flask uses the @app.route() decorator to define routes.

 When a user visits a URL, the associated function runs and returns a response.

        Example:

        from flask import Flask

        app = Flask(__name__)

        @app.route('/')
        def home():
        return "Welcome to Flask!"

        @app.route('/about')
        def about():
        return "This is the About Page"

        if __name__ == '__main__':
        app.run(debug=True)

 In this example:

 Visiting / shows "Welcome to Flask!"

 Visiting /about shows "This is the About Page"

5.  How do you create a simple Flask application?

 Steps:

 Install Flask (if not installed)

        pip install flask

 Create a Python file (app.py) and add the following code:


        from flask import Flask

        app = Flask(__name__)

        @app.route('/')
        def home():
        return "Hello, Flask!"

        if __name__ == '__main__':
        app.run(debug=True)

 Run the application in the terminal:


        python app.py

Access the app in your browser:


      http://127.0.0.1:5000/

This will display "Hello, Flask!" on the page.

6.  What are HTTP methods used in RESTful APIs?

 Here are the main HTTP methods used in RESTful APIs:

GET – Retrieves data from the server (e.g., fetching user details).

POST – Sends new data to the server (e.g., creating a new user).

PUT – Updates existing data (e.g., modifying user info).

PATCH – Partially updates data (e.g., changing only the email of a user).

DELETE – Removes data from the server (e.g., deleting a user).

OPTIONS – Returns the allowed HTTP methods for a resource.

HEAD – Similar to GET but only returns headers, not the actual content.

 7. What is the purpose of the @app.route() decorator in Flask?

 In Flask, the @app.route() decorator is used to define a URL route for your web application.

Simple Explanation:
It tells Flask which URL should trigger a specific function.

The function returns a response (like HTML or JSON) when the URL is accessed.

     Example:

     from flask import Flask

      app = Flask(__name__)

      @app.route('/')
      def home():
      return "Hello, Flask!"

      if __name__ == '__main__':
      app.run(debug=True)

Here, visiting '/' (the homepage) in a browser will display "Hello, Flask!".

 8. What is the difference between GET and POST HTTP methods?

  Purpose:

GET is used to request data from a server.

POST is used to send data to a server.

Data Visibility:

In GET, data is sent in the URL, so it is visible in the browser.

In POST, data is sent in the request body, making it hidden from the URL.

Security:

GET is less secure because the data can be stored in browser history or logged.

POST is more secure as the data is not exposed in the URL.

Usage:

GET is used for fetching data, like search queries.

POST is used for submitting data, like login forms.

Caching:

GET requests can be cached by browsers.

POST requests are not cached by default.

Data Size:

GET has a limit on data size because URLs have a length restriction.

POST allows sending large amounts of data.

Idempotency:

GET is idempotent, meaning multiple requests will return the same result.

POST is not idempotent, as it can modify data on the server.

 Example:

GET request: example.com/search?query=data (data is in the URL).

POST request: Used in forms like login, where credentials are sent securely in the body.

9. How do you handle errors in Flask APIs?

 Handling errors in Flask APIs is simple. Here’s how you can do it:

Use try-except Blocks

Catch errors inside your route functions.

      from flask import Flask, jsonify

      app = Flask(__name__)

      @app.route("/divide/<int:a>/<int:b>")
      def divide(a, b):
      try:
        result = a / b
        return jsonify({"result": result})
      except ZeroDivisionError:
        return jsonify({"error": "Cannot divide by zero"}), 400
     
 Use Flask’s errorhandler Decorator
    
 Create custom error handlers.

      @app.errorhandler(404)
      def not_found(error):
      return jsonify({"error": "Resource not found"}), 404

Handle Internal Server Errors (500)
Catch unexpected errors globally.

      @app.errorhandler(500)
      def server_error(error):
      return jsonify({"error": "Something went wrong"}), 500
      Use abort() for Custom Responses

Stop execution and return a specific error.

      from flask import abort

      @app.route("/check/<int:value>")
      def check(value):
      if value < 0:
        abort(400, description="Negative values not allowed")
      return jsonify({"value": value})

10.  How do you connect Flask to a SQL database?

 To connect Flask to a SQL database, follow these simple steps:

Install Flask-SQLAlchemy

      pip install flask-sqlalchemy
Set up your Flask app with SQLAlchemy

      from flask import Flask
      from flask_sqlalchemy import SQLAlchemy

      app = Flask(__name__)
      app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///database.db'  # Replace with your database URL
      db = SQLAlchemy(app)
Define a Model (Table Structure)

      class User(db.Model):
        id = db.Column(db.Integer, primary_key=True)
      name = db.Column(db.String(100), nullable=False)

Create the Database

      with app.app_context():
        db.create_all()
Adding Data

      new_user = User(name="John Doe")
      db.session.add(new_user)
      db.session.commit()
Querying Data

      users = User.query.all()  # Fetch all users

11. Flask-SQLAlchemy is an extension for Flask that makes working with databases easier. It integrates SQLAlchemy (a powerful database toolkit) with Flask, allowing you to interact with databases using Python instead of writing raw SQL queries.

Key Benefits:

Simplifies database operations – You can define database tables as Python classes.

Supports multiple databases – Works with SQLite, MySQL, PostgreSQL, etc.

Automatic data handling – Manages database connections and transactions.

Easy query execution – Use Python-based ORM (Object-Relational Mapping) instead of complex SQL queries.

12. What are Flask blueprints, and how are they useful?

 Flask Blueprints help you organize a Flask app into smaller, reusable modules. Instead of putting all routes and logic in one file, you can create separate blueprints for different parts of your app (e.g., auth, admin, user).

They are useful because they:

Keep the code modular and maintainable.

Allow easy reuse of components across multiple projects.

Help in large applications by grouping related routes together.

      Example:

      from flask import Blueprint

      auth = Blueprint('auth', __name__)

      @auth.route('/login')
      def login():
      return "Login Page"

      # In the main app
      from flask import Flask
      app = Flask(__name__)
      app.register_blueprint(auth, url_prefix='/auth')

Now, visiting /auth/login will trigger the login() function.

13.  What is the purpose of Flask's request object?

 Flask's request object is used to access data sent by the client (browser or app) to the server. It helps retrieve form inputs, query parameters, JSON data, file uploads, and headers in a Flask app.

      Example:

      from flask import Flask, request

      app = Flask(__name__)

      @app.route('/greet')
      def greet():
      name = request.args.get('name', 'Guest')  # Get query parameter
      return f'Hello, {name}!'

      if __name__ == '__main__':
      app.run()

Here, request.args.get('name') extracts the name parameter from the URL (/greet?name=John).


14.  How do you create a RESTful API endpoint using Flask?

 Steps:
Install Flask (if not already installed):

      pip install flask
Create a Python file (e.g., app.py) and add the following code:

      from flask import Flask, jsonify

      app = Flask(__name__)

      @app.route('/api/hello', methods=['GET'])
      def hello():
      return jsonify({'message': 'Hello, World!'})

      if __name__ == '__main__':
      app.run(debug=True)

Run the script:

      python app.py
Open a browser or use Postman/cURL to visit:

      http://127.0.0.1:5000/api/hello

It should return:

        {"message": "Hello, World!"}

15.  What is the purpose of Flask's jsonify() function?

 In Flask, jsonify() is used to convert Python data (like dictionaries or lists) into a JSON response. It ensures the data is properly formatted and sets the correct Content-Type (application/json) in the response.

Example:

      from flask import Flask, jsonify

      app = Flask(__name__)

      @app.route('/data')
      def get_data():
      return jsonify({"message": "Hello, Flask!", "status": "success"})

      if __name__ == '__main__':
      app.run(debug=True)

When you visit /data, Flask will return a JSON response:

      {
        "message": "Hello, Flask!",
          "status": "success"
        }

16.  Explain Flask’s url_for() function.

 In Flask, url_for() is a function that generates the URL for a given view function dynamically. Instead of hardcoding URLs, you can use url_for() to create links that automatically adjust if routes change.

Example:

      from flask import Flask, url_for

      app = Flask(__name__)

      @app.route('/home')
      def home():
      return "Welcome to Home Page!"

      with app.test_request_context():
      print(url_for('home'))  # Output: /home

Why use url_for()?
Dynamic URL generation (Handles route changes automatically).

Avoids hardcoding (More maintainable code).

Supports query parameters (e.g., url_for('home', user='John') → /home?user=John).

17.  How does Flask handle static files (CSS, JavaScript, etc.)?

 Flask handles static files (CSS, JavaScript, images) by placing them in a folder named static inside your project. You can access these files using the url_for() function in your HTML templates.

Example:
Project structure:

      my_flask_app/
      ├── app.py
      ├── static/
      │   ├── style.css
      │   ├── script.js
      ├── templates/
      │   ├── index.html

Using static files in HTML (index.html):

      <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
      <script src="{{ url_for('static', filename='script.js') }}"></script>

Flask Code (app.py):

      from flask import Flask, render_template

      app = Flask(__name__)

      @app.route('/')
      def home():
      return render_template('index.html')

      if __name__ == '__main__':
      app.run(debug=True)

How It Works:

Flask automatically serves files from the static/ folder.

url_for('static', filename='style.css') generates the correct URL.

No need to configure anything extra—Flask takes care of it!

18.  What is an API specification, and how does it help in building a Flask API?

 An API specification is a detailed document that defines how an API should work. It includes the endpoints, request/response formats, authentication methods, and error handling.

In Flask, an API specification helps by:

Providing a clear structure for API endpoints.

Ensuring consistency in request and response formats.

Making collaboration easier among developers.

Helping with documentation, so users know how to interact with the API.

Tools like Swagger (Flask-RESTX or Flask-Swagger) can generate interactive API documentation from specifications, making it easier to test and understand the API.

19.  What are HTTP status codes, and why are they important in a Flask API?

 HTTP status codes are three-digit numbers that indicate the result of an HTTP request in a Flask API. They help in understanding whether a request was successful or if there was an error.

Common HTTP Status Codes in Flask:

200 OK – The request was successful.

201 Created – A new resource was created successfully.

400 Bad Request – The request was invalid or cannot be processed.

401 Unauthorized – Authentication is required.

403 Forbidden – The client does not have permission.

404 Not Found – The requested resource does not exist.

500 Internal Server Error – A server-side error occurred.

Importance in Flask API:

Helps clients understand the result of their request.

Makes debugging easier by identifying errors.

Improves API communication by following standard responses.

Example in Flask:

      from flask import Flask, jsonify

      app = Flask(__name__)

      @app.route('/success')
      def success():
      return jsonify(message="Request was successful"), 200

      @app.route('/error')
      def error():
      return jsonify(error="Something went wrong"), 500

      if __name__ == '__main__':
      app.run(debug=True)

This Flask app returns appropriate HTTP status codes for different responses.

20.  How do you handle POST requests in Flask?

 In Flask, you handle POST requests using the request object from flask. Here's a simple example:

      
      from flask import Flask, request

      app = Flask(__name__)

      @app.route('/submit', methods=['POST'])
      def handle_post():
      data = request.json  # Get JSON data from the request
      return {"message": "Data received", "data": data}

      if __name__ == '__main__':
      app.run(debug=True)

How It Works:

Define a route (/submit) that accepts POST requests (methods=['POST']).

Use request.json to get JSON data sent in the request.

Return a response with the received data.

21.  How would you secure a Flask API?

 Securing a Flask API involves several key steps:

Use HTTPS – Encrypt data transmission using SSL/TLS.

Authentication & Authorization – Implement token-based authentication like JWT (JSON Web Token) or OAuth.

Input Validation & Sanitization – Prevent SQL injection and XSS attacks by validating user inputs.

Rate Limiting – Limit the number of requests per user using Flask-Limiter to prevent abuse.

CORS Management – Restrict cross-origin requests using Flask-CORS to allow only trusted domains.

Secure API Keys – Store sensitive information like database credentials in environment variables.

Error Handling – Avoid exposing sensitive error messages by handling exceptions properly.

Logging & Monitoring – Track API usage and detect anomalies using logging frameworks.

22.  What is the significance of the Flask-RESTful extension?

 Simplifies API Development – Makes building RESTful APIs easier with Flask.

Reduces Boilerplate Code – Provides built-in tools for routing, request handling, and responses.

Supports Resource Management – Uses a class-based approach for managing API resources.

Built-in Request Parsing – Helps handle query parameters and JSON data efficiently.

Error Handling – Provides structured error responses for better debugging.

Authentication Support – Allows integration of authentication mechanisms easily.

Lightweight and Fast – Keeps APIs minimal and efficient without unnecessary complexity.

23. What is the role of Flask’s session object?

 In Flask, the session object is used to store user-specific data across multiple requests. It helps maintain user sessions, like login states, without requiring a database.

It stores data on the client side (usually as a cookie).

It is secure since Flask signs the cookie to prevent tampering.

It can hold small amounts of data, like usernames or preferences.

Example:


      from flask import Flask, session

      app = Flask(__name__)
      app.secret_key = "your_secret_key"  # Required for session security

      @app.route("/")
      def index():
      session["username"] = "JohnDoe"  # Store data in session
      return "Session data set!"

      @app.route("/get")
      def get_session():
      return f"Hello, {session.get('username', 'Guest')}"

      if __name__ == "__main__":
      app.run(debug=True)

This way, session data persists even after navigating between pages.






























In [1]:
## Practical Questions.

In [2]:
#1.  How do you create a basic Flask application?
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [1]:
#2.  How do you serve static files like images or CSS in Flask?
from flask import Flask, send_from_directory

app = Flask(__name__)

@app.route('/static/<path:filename>')
def serve_static(filename):
    return send_from_directory('static', filename)


In [2]:
#3. How do you define different routes with different HTTP methods in Flask?
from flask import Flask, request

app = Flask(__name__)

@app.route('/get', methods=['GET'])
def get_data():
    return "This is a GET request"

@app.route('/post', methods=['POST'])
def post_data():
    return


In [3]:
#4.  How do you render HTML templates in Flask?
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

In [4]:
#5.  How can you generate URLs for routes in Flask using url_for?
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "Home Page"

@app.route('/about')
def about():
    return "About Page"


In [6]:
#6.  How do you handle forms in Flask?
from flask import Flask

In [7]:
#7.  How can you validate form data in Flask?
from flask import Flask

In [8]:
#8. How do you manage sessions in Flask?
from flask import Flask, session

app = Flask(__name__)
app.secret_key = "secret"  # Required for using sessions

@app.route("/")
def home():
    session["user"] = "John"  # Store data in session
    return "User stored in session! <a href='/get'>Get User</a>"

@app.route("/get")
def get_user():
    return f"Hello, {session.get('user', 'Guest')}!"

@app.route("/logout")
def logout():
    session.pop("user", None)  # Remove user from session
    return "Logged out!"

if __name__ == "__main__":
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [1]:
#9.  How do you redirect to a different route in Flask?
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Home Page!"

@app.route('/redirect-me')
def redirect_me():
    return redirect(url_for('home'))

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [1]:
#10.  How do you handle errors in Flask (e.g., 404)?
from flask import Flask, jsonify

app = Flask(__name__)

@app.errorhandler(404)
def not_found(error):
    return jsonify(error="Not Found", status="error"), 404

In [2]:
#11.  How do you structure a Flask app using Blueprints?
from flask import Blueprint

home_bp = Blueprint("home", __name__)

@home_bp.route("/")
def home():
    return "Welcome to the Home Page!"


In [1]:
#12.  How do you define a custom Jinja filter in Flask?
from flask import Flask, render_template_string

app = Flask(__name__)

# Define and register a simple custom filter
@app.template_filter('uppercase')
def uppercase(text):
    return text.upper()

@app.route('/')
def home():
    return render_template_string("<p>Uppercase: {{ 'hello' | uppercase }}</p>")

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [1]:
#13.  How can you redirect with query parameters in Flask?
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the Home Page!'

@app.route('/redirect_with_params')
def redirect_with_params():
    return redirect(url_for('destination', name='John', age=25))

@app.route('/destination')
def destination():
    name = request.args.get('name')
    age = request.args.get('age')
    return f'Name: {name}, Age: {age}'

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


In [1]:
#14.  How do you return JSON responses in Flask?
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/json')
def json_response():
    data = {'message': 'Hello, Flask!'}
    return jsonify(data)

In [2]:
#15.  How do you capture URL parameters in Flask?
from flask import Flask, request

app = Flask(__name__)

@app.route('/user/<username>')
def user_profile(username):
    return f'Welcome, {username}!'