#### Q 1.  What is a RESTful API?

 - A RESTful API (Representational State Transfer API) is a type of web service that follows the principles of REST — a software architectural style used for designing networked applications.
 
 
- **Resource-Based**
- Everything is treated as a resource (e.g., users, posts, products), and each resource is identified by a unique URL (Uniform Resource Locator).

**Uses Standard HTTP Methods**
- RESTful APIs use HTTP methods to perform actions on resources:

- GET – Retrieve data
- POST – Create a new resource
- PUT – Update an existing resource
- DELETE – Delete a resource

- **Stateless**
- Every request from the client to the server must contain all the information the server needs to understand and process the request. The server does not store any state about the client session.

- **Structured Data (usually JSON)**
- RESTful APIs commonly use JSON (JavaScript Object Notation) to structure the request and response data.


**Client-Server Separation**
- The client (e.g., web browser or mobile app) and the server are independent. The client only needs to know the API and doesn’t care how the server is implemented.

**Uniform Interface**
- REST defines a uniform way of interacting with resources — consistent use of URLs, HTTP verbs, and response formats.

#### Q.2  Explain the concept of API specification.

- An API specification is a blueprint that describes exactly how an API works — what clients can do, what they should send, and what they'll get back. It reduces confusion, enables tooling, and promotes faster, safer development.

- **Endpoints**
- The URL paths where the API can be accessed (e.g., /users, /posts/<id>).
- HTTP Methods
- Specifies allowed operations like:
- GET – retrieve data
- POST – create data
- PUT/PATCH – update data
- DELETE – remove data
- Request Format
- Defines the structure of data that must be sent in requests, such as headers, query parameters, path variables, and body (usually JSON or XML).
- Response Format
- Describes what the API returns: status codes, response headers, and the structure of the response body.

#### Q.3  What is Flask, and why is it popular for building APIs

- **Flask** is a lightweight, flexible web framework written in Python, commonly used to build web applications and RESTful APIs.

**Simplicity & Minimalism**
Flask has a small learning curve. You can go from “Hello World” to a working API in minutes.
**Highly Flexible**
You can structure the app any way you like — it doesn’t force patterns on you. This makes it great for small projects or rapid prototyping



In [None]:
#Example 
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/greet')
def greet():
    return jsonify({'message': 'Hello, World!'})

if __name__ == '__main__':
    app.run(debug=True)


#### Q.4  What is routing in Flask?

- Routing in Flask refers to the mechanism that maps URLs (web addresses) to functions in your Python code. These functions are called view functions, and they return responses (like HTML, JSON, etc.) to the client (browser, mobile app, etc.)


In [None]:
## In Flask, you define routes using the @app.route() decorator.

from flask import Flask

app = Flask(__name__)

@app.route('/')  ---------- '''/ is the root route.'''

def home():
    return 'Welcome to the homepage!'

@app.route('/about')------------- '''/about is another route.'''
def about():
    return 'This is the about page.'



#### Q.5 How do you create a simple Flask application?

- Flask App Basics:
- Install Flask
- Create Flask app using Flask(__name__)
- Use @app.route() to map URLs to functions
- Run with app.run(debug=True)



![Q1](Q1.png)

![Q1O](Q1O.png)


#### Q.6 What are HTTP methods used in RESTful APIs?

- n RESTful APIs, HTTP methods (also known as HTTP verbs) define the actions that can be performed on resources (like users, posts, or products). Each method has a specific purpose and is used to interact with resources in a standard way.

- **GET**
- Purpose: Retrieve data from the server
- Safe: It doesn't change data
- Idempotent: Repeating the request gives the same result
- **Example:**
- GET /users/1 → Returns user with ID 1

- **POST**
- Purpose: Create a new resource

- Not idempotent: Repeating the request can create duplicates

- **Example:**
- POST /users with body:

- **PUT**
- Purpose: Replace an existing resource completely
- Idempotent: Repeating the request has the same effect
- **Example:**
PUT /users/1 with body:

In [15]:
# Example POST
{
  "name": "Fahim",
  "email": "fahim@example.com"
}


{'name': 'Fahim', 'email': 'fahim@example.com'}

#### Q.7 What is the purpose of the @app.route() decorator in Flask?

- The @app.route() decorator in Flask is used to define a route — that is, it connects a URL path to a Python function (called a view function). When someone visits that URL in their browser or makes an API request, Flask runs the associated function and returns the response.
- **Maps a specific URL to a function**
- **Tells Flask** "When someone accesses this path, run this function and return its result"




In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the homepage!'


#### Q.8 What is the difference between GET and POST HTTP methods?

- The GET and POST HTTP methods are both used to communicate with a server, but they serve different purposes and behave differently.

- **GET:**
- Used to retrieve data from the server (read-only).
- Sends data as query parameters in the URL.
- Data is visible in the URL (not secure for passwords or sensitive info)


- **POST:**
- Used to send data to the server to create or update a resource.
- ends data in the body of the HTTP request.
- Example (form submission or JSON payload):
- Data is not visible in the URL (more secure for sensitive info).





#### Q.9 How do you handle errors in Flask APIs?

- In Flask APIs, handling errors properly ensures users get clear, meaningful responses when something goes wrong — like invalid input, missing data, or internal issues
- **Using @app.errorhandler() Decorator**


In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.errorhandler(404)
def not_found(error):
    return jsonify({'error': 'Not found'}), 404

@app.errorhandler(500)
def server_error(error):
    return jsonify({'error': 'Internal Server Error'}), 500


- Using abort() for Simple Errors Flask's abort() function lets you quickly return standard error responses.

In [None]:
from flask import abort

@app.route('/secret')
def secret():
    abort(403)  # Forbidden


#### Q.10 How do you connect Flask to a SQL database?

- To connect Flask to a SQL database, you typically use an ORM (Object-Relational Mapper) like SQLAlchemy or Flask-SQLAlchemy, which simplifies working with databases using Python classes
- STEPs
- Steps 1: Install Flask-SQLAlchemy




In [None]:
##- Step 2: Set Up Flask App and Database Configuration

from flask import Flask
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)

# SQLite example (you can change it for MySQL, PostgreSQL, etc.)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///users.db'  # or 'postgresql://user:pass@localhost/dbname'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

db = SQLAlchemy(app)


In [None]:
## Step 3: Define a Model (Table)
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(100), nullable=False)
    email = db.Column(db.String(120), unique=True, nullable=False)

    def __repr__(self):
        return f'<User {self.name}>'



In [None]:
# Step 4: Create the Database Tables
with app.app_context():
    db.create_all()



In [None]:
# Use the Database in Routes
@app.route('/add_user')
def add_user():
    new_user = User(name='Fahim', email='fahim@example.com')
    db.session.add(new_user)
    db.session.commit()
    return 'User added!'


#### Q.11 What is the role of Flask-SQLAlchemy?

- Flask-SQLAlchemy is an extension for Flask that integrates the SQLAlchemy ORM (Object-Relational Mapper) with your Flask application, making it easier to work with relational databases using Python objects instead of raw SQL queries.

- Flask-SQLAlchemy = SQLAlchemy + Flask integration, designed to:
- Simplify setup
- Provide ORM capabilities
- Handle database sessions
- Fit into the Flask ecosystem smoothly



#### Q.12 What are Flask blueprints, and how are they useful?

- Flask Blueprints are a way to organize a Flask application into smaller, modular components. Think of them as "mini apps" within your main Flask app.A Blueprint is a reusable set of routes, templates, static files, and other code that can be registered on your main Flask app.




In [None]:
# Create a blueprint 
from flask import Blueprint

user_bp = Blueprint('user', __name__)

@user_bp.route('/profile')
def profile():
    return "This is the user profile page"


In [None]:
# Registered the Blueprint in Main App (app.oy)
from flask import Flask
from user import user_bp

app = Flask(__name__)
app.register_blueprint(user_bp, url_prefix='/user')

if __name__ == '__main__':
    app.run()

'''Visiting http://localhost:5000/user/profile will trigger the blueprint route.'''


#### Q.13 What is the purpose of Flask's request object?

- The purpose of Flask's request object is to provide access to all the data sent by the client (typically a web browser or API consumer) in an incoming HTTP request.

#### Q 14. How do you create a RESTful API endpoint using Flask?

- To create a RESTful API endpoint using Flask, you define a route using the @app.route() decorator and implement logic that responds to specific HTTP methods like GET, POST, PUT, or DELETE.

- @app.route('/users', methods=['GET']): A route for retrieving data
- @app.route('/users', methods=['POST']): Accepts JSON to create a resource
- request.get_json(): Parses JSON from the client
- jsonify(): Converts Python dict/list to a JSON response
- Dynamic URL segments: /users/<int:user_id> let you target specific items



In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

# In-memory data store (for demonstration)
users = []

# GET - Retrieve all users
@app.route('/users', methods=['GET'])
def get_users():
    return jsonify(users)

# POST - Create a new user
@app.route('/users', methods=['POST'])
def create_user():
    data = request.get_json()
    users.append(data)
    return jsonify({'message': 'User created', 'user': data}), 201

# GET - Retrieve a single user by ID
@app.route('/users/<int:user_id>', methods=['GET'])
def get_user(user_id):
    if user_id < len(users):
        return jsonify(users[user_id])
    return jsonify({'error': 'User not found'}), 404

# PUT - Update a user by ID
@app.route('/users/<int:user_id>', methods=['PUT'])
def update_user(user_id):
    if user_id < len(users):
        data = request.get_json()
        users[user_id] = data
        return jsonify({'message': 'User updated', 'user': data})
    return jsonify({'error': 'User not found'}), 404

# DELETE - Delete a user by ID
@app.route('/users/<int:user_id>', methods=['DELETE'])
def delete_user(user_id):
    if user_id < len(users):
        users.pop(user_id)
        return jsonify({'message': 'User deleted'})
    return jsonify({'error': 'User not found'}), 404

if __name__ == '__main__':
    app.run(debug=True)


#### 15.Q What is the purpose of Flask's jsonify() function?

- The purpose of Flask's jsonify() function is to convert Python data structures (like dictionaries or lists) into a valid JSON response, and automatically set the correct HTTP response headers

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    data = {'name': 'Fahim', 'role': 'Data Analyst'}
    return jsonify(data)


#### Q. 16Explain Flask’s url_for() function

- The url_for() function in Flask is used to dynamically build URLs for your routes using the name of the view function, rather than hardcoding the URL path.



In [None]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/home')
def home():
    return "Welcome to Home!"

@app.route('/about')
def about():
    return "About Page"

@app.route('/link')
def link():
    return f"Go to the home page: {url_for('home')}"


#### Q.17 How does Flask handle static files (CSS, JavaScript, etc.)

- Flask handles static files like CSS, JavaScript, and images using a special folder named static. Flask automatically serves files placed inside this folder at the /static/ URL path.
- Place all your static files (CSS, JS, images) inside the static/ folder.
- Use url_for('static', filename='yourfile.ext') to link them in HTML.
- Flask serves them automatically via the /static/ route.



#### Q.18 What is an API specification, and how does it help in building a Flask API4?

- An API specification is a formal description of how an API works — it defines the structure, endpoints, request/response formats, parameters, and error messages of the API.
- It acts like a contract between the backend (API developer) and the frontend or external consumers (users of the API).


#### Q.19 What are HTTP status codes, and why are they important in a Flask API

- HTTP status codes are 3-digit numbers returned by a server in response to a client’s request. They indicate the result of the request — whether it was successful, redirected, invalid, unauthorized, or failed due to a server error.



In [None]:
from flask import Flask, jsonify, request

app = Flask(__name__)

@app.route('/user/<int:user_id>')
def get_user(user_id):
    if user_id == 1:
        return jsonify({"name": "Fahim"}), 200
    else:
        return jsonify({"error": "User not found"}), 404


#### Q.20  How do you handle POST requests in Flask?

- To handle POST requests in Flask, you define a route with the methods=['POST'] argument in the @app.route() decorator. Then, inside the route function, you use request (from flask) to access the submitted data — typically as JSON, form data, or raw data.

#### Q.21 How would you secure a Flask API?

- Securing a Flask API involves implementing several layers of protection to ensure that only authorized users can access your endpoints and that the data is safe from tampering or misuse

- Controls what authenticated users are allowed to do.
- Define user roles (e.g., admin, user)
- Restrict access to certain endpoints or actions

- Always run the API over HTTPS to encrypt data in transit.
- Use a reverse proxy like Nginx or Gunicorn with SSL.
- Don’t allow plain HTTP access in production.
- Use libraries like marshmallow, pydantic, or manual checks


#### Q.22 What is the significance of the Flask-RESTful extension

- The Flask-RESTful extension is a powerful tool that simplifies building RESTful APIs with Flask by adding convenient abstractions and tools. It helps structure APIs in a clean, resource-based way, making your code easier to read, maintain, and scale
- Flask-RESTful is great for building well-structured, RESTful APIs without adding much complexity. 




#### Q.23 What is the role of Flask’s session object?

- The session object in Flask is used to store user-specific data across multiple requests. It acts like a temporary dictionary that keeps track of information (e.g., login state, user preferences) between different pages or API calls during a user’s session.



- The session data is stored on the client-side (in a browser cookie).
- Flask signs the data using secret_key to ensure it hasn't been tampered with.
- The data is not encrypted, so avoid storing sensitive information like passwords directly.



In [16]:
from flask import Flask, session, redirect, url_for, request

app = Flask(__name__)
app.secret_key = 'super-secret-key'  # Needed to sign session cookies

@app.route('/login', methods=['POST'])
def login():
    username = request.form['username']
    session['username'] = username  # Store in session
    return f"Logged in as {username}"

@app.route('/profile')
def profile():
    if 'username' in session:
        return f"Welcome back, {session['username']}!"
    else:
        return "You are not logged in."

@app.route('/logout')
def logout():
    session.pop('username', None)  # Remove from session
    return "You have been logged out."


# Practical

#### Q.1 How do you create a basic Flask application?


- To create a basic Flask application, you just need a Python file (e.g. app.py) with a few simple lines of code.

![Q1](Q1.png)

![Q1O](Q1O.png)


#### Q.2 How do you serve static files like images or CSS in Flask

![Q2O](Q2O.png)


![QA](QA.png)


![QAO](QAO.png)


#### Q.3 How do you define different routes with different HTTP methods in Flask?

- In Flask, you can define different routes that respond to different HTTP methods (like GET, POST, etc.) using the methods parameter in the @app.route() decorator.



![Q3](Q3.png)


#### Q.4 How do you render HTML templates in Flask?

- In Flask, you render HTML templates using the render_template() function, which loads an HTML file from the templates/ directory and sends it to the browser.



![Q4e](Q4e.png)

![Q4eO](Q4eO.png)


#### Q.5 How can you generate URLs for routes in Flask using url_for?

- In Flask, you can generate URLs for routes using the url_for() function. This is the recommended way to create URLs because:
- It automatically handles URL building.
- It avoids hardcoding paths (so they're easier to maintain).
- It works correctly if the app is deployed under a subdirectory.



![Q5](Q5.png)


### OUTPUT

![Q5O](Q5O.png)


#### Q.6 How do you handle forms in Flask4

### Q6 - Original
![Q6](Q6.PNG)

### Q6 - Modified
![Q6M](Q6M.PNG)

### Q6 - Output
![Q6O](Q6O.PNG)


#### Q.7 How can you validate form data in Flask?

![7](7.png)
![7o](7o.png)

![7m](7m.png)

#### Q.8 How do you manage sessions in Flask?

- In Flask, you manage sessions using the built-in session object, which lets you store data for a user across multiple requests (like login status, user preferences, etc.). Flask stores session data in a cookie that's signed with a secret key for security.




![Q8](8.png)

![Q8m](8m.png)
![Q8e](8e.png)



#### Q.9 How do you redirect to a different route in Flask?

![9](9.png)
![9m](9m.png)


#### Q.10 How do you handle errors in Flask (e.g., 404)?

- In Flask, you handle errors like 404 Not Found, 500 Internal Server Error, etc., by creating custom error handler functions using the @app.errorhandler decorator.



![Q10](Q10.png)

![10](10.png)


#### Q.11 How do you structure a Flask app using Blueprints?


![11](11.png)

![11o](11o.png)


#### Q.12  How do you define a custom Jinja filter in Flask?


![Q11](Q11.png)

![Q11O](Q11O.PNG)




#### Q.13 How can you redirect with query parameters in Flask?

![13](13.png)

![13o](13o.png)


#### Q.14 How do you return JSON responses in Flask?

- To return JSON responses in Flask, you use the jsonify function provided by Flask. This automatically converts Python dictionaries (or other serializable objects) into a proper JSON response with the correct Content-Type header (application/json).

![Q14](Q14.png)
![Q14O](Q14O.png)



#### Q.15  How do you capture URL parameters in Flask?


- In Flask, you can capture URL parameters (also called dynamic segments or path variables) using angle brackets (< >) in your route definition.



![Q15](Q15.png)
![Q15O](Q15O.png)

