# **RESTful API and Flask**

## **Theoretical Questions**

**Question. No. 1. What is a RESTful API?**

**Answer.** A RESTful API (Representational State Transfer) is a web service that follows REST principles. It uses standard HTTP methods like GET, POST, PUT, and DELETE to access and modify resources, which are typically represented in JSON or XML format. RESTful APIs are stateless, meaning each request contains all the information needed to process it, making them scalable and easy to integrate with different systems.

**Question. No. 2. Explain the concept of API specification.**

**Answer.** An API specification is a formal document that defines how an API works. It outlines available endpoints, request and response formats, authentication methods, and error messages. It acts as a contract between the API provider and client, helping developers understand how to use the API correctly. Tools like OpenAPI or Swagger are often used to create and visualize API specifications, promoting consistency and reducing integration issues.

**Question. No. 3. What is Flask, and why is it popular for building APIs?**

**Answer.** Flask is a lightweight Python web framework used to build web applications and APIs. It’s popular for API development because it’s simple, flexible, and easy to learn. It provides essential tools and libraries while allowing developers to choose their components. Flask’s minimalist design makes it ideal for microservices and RESTful APIs, and extensions like Flask-RESTful or Flask-SQLAlchemy enhance its capabilities without making it heavy.

**Question. No. 4. What is routing in Flask?**

**Answer.** Routing in Flask refers to the mapping of URL paths to specific functions in the application. When a user visits a certain URL, Flask determines which function (called a view) should handle the request based on routing rules defined using the @app.route() decorator. Routing enables clean, organized, and predictable URL structures, making it easier to build scalable web applications and APIs.

**Question. No. 5. How do you create a simple Flask application?**

**Answer.** To create a simple Flask app, install Flask using pip, then write a Python script. Import Flask, create an app instance, and define a route with a function. Example:

```python
from flask import Flask
app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    # debug=True turns on the interactive debugger; use it only for local development
    app.run(debug=True)
```

**Question. No. 6. What are HTTP methods used in RESTful APIs?**

**Answer.** RESTful APIs use standard HTTP methods to perform operations on resources. The main methods include:

**GET:** Retrieve data from the server

**POST:** Create new data

**PUT:** Update existing data

**DELETE:** Remove data

**PATCH:** Partially update data

Each method follows specific rules and is used to perform distinct operations, ensuring clarity and consistency in API design. These methods make REST APIs intuitive and aligned with web standards.

**Question. No. 7. What is the purpose of the @app.route() decorator in Flask?**

**Answer.** The @app.route() decorator in Flask is used to bind a URL path to a Python function. When a user accesses that URL, the corresponding function is executed. It allows you to define different endpoints (routes) in your application, such as /home, /about, or /api/data. You can also specify which HTTP methods (GET, POST, etc.) the route accepts. This decorator is essential for handling requests and creating a structured API.

**Question. No. 8. What is the difference between GET and POST HTTP methods?**

**Answer.** **GET** retrieves data from the server and is used for read-only operations. Parameters are sent via the URL, and it should not change the server state.

**POST** sends data to the server, typically to create a new resource. It carries data in the request body and can modify server state.

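GET requests can be bookmarked and cached, while POST requests cannot. POST is the safer choice for sensitive data because the data travels in the request body rather than the URL, so it does not end up in browser history, bookmarks, or server access logs. The body is still readable on the network unless the request is sent over HTTPS.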

**Question. No. 9. How do you handle errors in Flask APIs?**

**Answer.** Flask allows error handling using @app.errorhandler() decorators or try-except blocks. For common HTTP errors like 404 or 500, custom error messages can be returned using:

```python
@app.errorhandler(404)
def not_found(error):
    return {"error": "Not found"}, 404
```


We can also catch exceptions in view functions and return structured JSON responses. Flask provides a flexible way to handle and log errors to improve the reliability of your API.

**Question. No. 10. How do you connect Flask to a SQL database?**

**Answer.** To connect Flask to a SQL database, you use libraries like Flask-SQLAlchemy. First, install the package, then configure the database URI in your app:

```python
from flask_sqlalchemy import SQLAlchemy

app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///data.db'
db = SQLAlchemy(app)
```


Define models as Python classes, and SQLAlchemy maps them to database tables. You can perform CRUD operations easily using Python code. This integration simplifies database interaction within Flask applications.

**Question. No. 11. What is the role of Flask-SQLAlchemy?**

**Answer.** **Flask-SQLAlchemy** is an extension that integrates SQLAlchemy (an ORM) with Flask. It simplifies database interactions by letting developers work with Python classes instead of raw SQL queries. It manages database sessions, migrations, and table creation. With Flask-SQLAlchemy, you define models using classes, and perform operations like insert, update, and delete using Python code. It improves productivity, especially when building APIs that interact with databases.

**Question. No. 12. What are Flask blueprints, and how are they useful?**

**Answer.** Flask blueprints help organize large applications into smaller, manageable modules. A blueprint is like a mini Flask app that contains routes, templates, and static files. You register blueprints on the main app using app.register_blueprint(). This modular structure makes your code cleaner and reusable, especially when working on larger projects or RESTful APIs with multiple endpoints.

**Question. No. 13. What is the purpose of Flask's request object?**

**Answer.** The request object in Flask gives access to incoming request data. It’s used to retrieve form data, JSON payloads, URL parameters, and request headers. For example, request.json retrieves JSON data, while request.args.get('id') accesses query parameters. It is crucial for building APIs that process client input and make decisions based on it. Flask automatically creates this object for every request.

**Question. No. 14. How do you create a RESTful API endpoint using Flask?**

**Answer.** To create a RESTful endpoint, define a route with @app.route() and specify allowed HTTP methods. For example:

```python
from flask import jsonify

@app.route('/api/user', methods=['GET'])
def get_user():
    return jsonify({"name": "John"})
```


We can use request to handle input and jsonify() to return JSON. For larger APIs, use Flask-RESTful to create class-based views with Resource and api.add_resource() for better organization.

**Question. No. 15. What is the purpose of Flask's jsonify() function?**

**Answer.** The jsonify() function converts Python dictionaries or lists into JSON responses. It sets the correct MIME type (application/json) and handles encoding automatically. This is especially useful in APIs, where JSON is the standard data format. Instead of manually converting data using json.dumps(), jsonify() ensures a cleaner and more reliable output, improving response consistency.

**Question. No. 16. Explain Flask's url_for() function.**

**Answer.** url_for() generates URLs dynamically based on the name of a view function. This is useful for avoiding hardcoded paths in your app. For example:

```python
from flask import url_for
url_for('home')  # call inside a request or application context
```

This returns the full URL for the home view. It’s helpful when linking between routes or redirecting users. It ensures your app stays maintainable, especially when route names or parameters change.

**Question. No. 17. How does Flask handle static files (CSS, JavaScript, etc.)?**

**Answer.** Flask serves static files from the static/ directory by default. We can link them in templates using url_for('static', filename='style.css'). This setup simplifies the management of frontend assets like CSS, JS, and images. Flask also allows custom static folders if configured, and it efficiently handles file delivery during development.

**Question. No. 18. What is an API specification, and how does it help in building a Flask API?**

**Answer.** An API specification defines how your API works: what endpoints exist, what parameters they take, and what responses they return. It helps you design, test, and document an API. In Flask, following a spec like OpenAPI ensures consistent structure and communication. It also supports auto-generating documentation using tools like Swagger, which is helpful for teams and external developers.

**Question. No. 19. What are HTTP status codes, and why are they important in Flask API?**

**Answer.** HTTP status codes indicate the result of an API request. Common ones include 200 (OK), 201 (Created), 400 (Bad Request), 404 (Not Found), and 500 (Server Error). In Flask, we return these codes along with our response:

```python
return {"msg": "Success"}, 200
```


They inform the client whether the request was successful or failed, enabling better error handling and debugging.

**Question. No. 20. How do you handle POST requests in Flask?**

**Answer.** To handle POST requests, define a route that accepts POST and use the request object to access incoming data:

```python
from flask import jsonify, request

@app.route('/submit', methods=['POST'])
def submit():
    data = request.json
    return jsonify(data), 201
```

This allows you to receive and process client input such as form submissions or JSON payloads. Ensure proper validation before processing the data.

**Question. No. 21. How would you secure a Flask API?**

**Answer.** We can secure a Flask API by implementing:

**Authentication** (e.g., JWT or token-based)

**Authorization** (user roles and permissions)

**Input validation** (to prevent injection)

**Rate limiting** (using Flask-Limiter)

**HTTPS** for secure communication

**CORS** control with Flask-CORS

Always sanitize input, log activities, and avoid exposing sensitive info in error messages. Security is vital to protect user data and prevent abuse.
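The following added example (not part of the original answers) combines three of the points above in one small API: token authentication, validation of the JSON body on a POST route, and a generic 500 response. The `/items` route, the `name`/`qty` fields and the `API_TOKEN` value are assumptions constructed for the illustration.

```python
import hmac

from flask import Flask, jsonify, request

app = Flask(__name__)
# Constructed demo token; a real service loads its secret from configuration.
API_TOKEN = "demo-token-constructed-for-this-example"

def validate_item(data):
    """Return a list of problems with the JSON body (empty when it is valid)."""
    if not isinstance(data, dict):
        return ["body must be a JSON object"]
    errors = []
    name = data.get("name")
    if not isinstance(name, str) or not 1 <= len(name) <= 50:
        errors.append("name must be a string of 1-50 characters")
    qty = data.get("qty")
    # bool is a subclass of int in Python, so reject it explicitly
    if isinstance(qty, bool) or not isinstance(qty, int) or not 1 <= qty <= 100:
        errors.append("qty must be an integer from 1 to 100")
    unknown = sorted(set(data) - {"name", "qty"})
    if unknown:
        errors.append("unexpected fields: " + ", ".join(unknown))
    return errors

@app.before_request
def require_token():
    supplied = request.headers.get("Authorization", "")
    expected = "Bearer " + API_TOKEN
    # compare_digest does not stop at the first mismatching byte
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return jsonify(error="unauthorized"), 401

@app.route("/items", methods=["POST"])
def create_item():
    data = request.get_json(silent=True)  # None when the body is not valid JSON
    errors = validate_item(data)
    if errors:
        return jsonify(errors=errors), 400
    return jsonify(name=data["name"], qty=data["qty"]), 201

@app.errorhandler(500)
def internal_error(exc):
    # Log the details server-side; the client only sees a generic message
    app.logger.error("unhandled error: %r", exc)
    return jsonify(error="internal server error"), 500
```
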

**Question. No. 22. What is the significance of the Flask-RESTful extension?**

**Answer.** Flask-RESTful simplifies building REST APIs with Flask. It allows class-based views using Resource and supports input parsing, HTTP method handling, and error management. We define endpoints using classes and add them with api.add_resource(). This approach organizes code better and scales well for large APIs. It reduces boilerplate code, making development faster and cleaner.

**Question. No. 23. What is the role of Flask's session object?**

**Answer.** Flask's session object stores data specific to a user session using a secure cookie. It’s used for remembering user data between requests, like login state, preferences, or cart items. It behaves like a dictionary and is signed with a secret key for security. While not ideal for large data, it’s helpful for lightweight, session-based web apps and APIs.

## **Practical Questions**

**Question. No. 1. How do you create a basic Flask application?**

```python
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    # debug=True turns on the interactive debugger; use it only for local development
    app.run(debug=True)
```

This is a basic Flask app that runs on localhost:5000 and returns a simple message on the homepage.


**Question. No. 2. How do you serve static files like images or CSS in Flask?**

Place files in a folder named static/. Then access them in HTML using:

```html
<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
<img src="{{ url_for('static', filename='image.png') }}">
```


**Question. No. 3. How do you define different routes with different HTTP methods in Flask?**

```python
from flask import request

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "Form submitted!"
    return "Submit form"
```



**Question. No. 4. How do you render HTML templates in Flask?**

```python
from flask import render_template

@app.route('/')
def home():
    return render_template('index.html')
```


**Question. No. 5. How can you generate URLs for routes in Flask using url_for?**


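```python
from flask import url_for
from markupsafe import escape

@app.route('/profile/<username>')
def profile(username):
    # escape() HTML-encodes the URL value before it is echoed back
    return f"Hello, {escape(username)}"

# Generate the URL (inside a request or application context):
url_for('profile', username='john')
```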


**Question. No. 6. How do you handle forms in Flask?**

For the HTML:

```html
<form method="POST">
  <input type="text" name="username">
  <input type="submit">
</form>
```

For the Python:

```python
from flask import request
from markupsafe import escape

@app.route('/form', methods=['POST'])
def form():
    username = request.form['username']
    # escape() HTML-encodes the submitted value before it is echoed back
    return f"Hello {escape(username)}"
```


**Question. No. 7. How can you validate form data in Flask?**

Use WTForms through the Flask-WTF extension:

```bash
pip install flask-wtf
```

Example:

```python
from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired

class MyForm(FlaskForm):
    # DataRequired rejects a missing or empty name
    name = StringField('Name', validators=[DataRequired()])
    submit = SubmitField('Submit')
```


**Question. No. 8. How do you manage sessions in Flask?**


```python
from flask import session

# Placeholder only: use a long random value loaded from configuration, never a guessable literal
app.secret_key = 'secret'

@app.route('/login')
def login():
    session['user'] = 'admin'
    return 'Logged in'

@app.route('/logout')
def logout():
    session.pop('user', None)
    return 'Logged out'
```
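
The session answer in the theoretical part says the cookie is signed with a secret key, and the code above stores `session['user']` in it. This added example (not from the original notebook) shows what signing does and does not give you: the payload can be read without the key, but a cookie whose payload was changed is rejected. The `/whoami` route, the helper names and the key value are assumptions constructed for the demonstration.

```python
import base64
import json

from flask import Flask, session

app = Flask(__name__)
# Constructed demo key; a real key is long, random and loaded from configuration.
app.secret_key = "constructed-demo-key-not-for-production"

@app.route("/login")
def login():
    session["user"] = "admin"
    return "Logged in"

@app.route("/whoami")
def whoami():
    return session.get("user", "anonymous")

def read_payload(cookie):
    """Decode the session data without the secret key: it is signed, not encrypted.
    Assumes a small payload, which Flask stores uncompressed."""
    body = cookie.split(".")[0]
    return json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))

def swap_payload(cookie, new_data):
    """Replace the payload but keep the original timestamp and signature."""
    raw = json.dumps(new_data, separators=(",", ":")).encode()
    body = base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([body] + cookie.split(".")[1:])

def demo():
    """Return (decoded payload, reply to genuine cookie, reply to altered cookie)."""
    client = app.test_client(use_cookies=False)
    set_cookie = client.get("/login").headers["Set-Cookie"]
    cookie = set_cookie.split(";")[0].split("=", 1)[1]

    def ask(value):
        resp = client.get("/whoami", headers={"Cookie": "session=" + value})
        return resp.get_data(as_text=True)

    altered = swap_payload(cookie, {"user": "root"})
    return read_payload(cookie), ask(cookie), ask(altered)

if __name__ == "__main__":
    print(demo())
```

Because the contents are readable by the client, keep secrets out of the session, and because the signature is only as strong as the key, keep the key unguessable.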


**Question. No. 9. How do you redirect to a different route in Flask?**

```python
from flask import redirect, url_for

@app.route('/go-home')
def go_home():
    return redirect(url_for('home'))
```


**Question. No. 10. How do you handle errors in Flask (e.g., 404)?**

```python
@app.errorhandler(404)
def not_found(error):
    return "Page not found", 404
```


**Question. No. 11. How do you structure a Flask app using Blueprints?**

In `my_blueprint.py`:

```python
from flask import Blueprint

bp = Blueprint('bp', __name__)

@bp.route('/hello')
def hello():
    return "Hello from blueprint"
```

In the main app:

```python
from my_blueprint import bp
app.register_blueprint(bp, url_prefix='/bp')
```


**Question. No. 12. How do you define a custom Jinja filter in Flask?**


```python
@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]
```

In the HTML template:

```html
{{ 'hello' | reverse }}
```


**Question. No. 13. How can you redirect with query parameters in Flask?**


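```python
from flask import redirect, request, url_for
from markupsafe import escape

# '/go-search' is a hypothetical route, added so the redirect has a view to live in
@app.route('/go-search')
def go_search():
    # Redirects to /search?q=flask
    return redirect(url_for('search', q='flask'))

# And define the route:
@app.route('/search')
def search():
    query = request.args.get('q', '')
    # escape() HTML-encodes the query string value before it is echoed back
    return f"Search results for {escape(query)}"
```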


**Question. No. 14. How do you return JSON responses in Flask?**

```python
from flask import jsonify

@app.route('/api')
def api():
    return jsonify({'name': 'Flask', 'version': 2})
```



**Question. No. 15. How do you capture URL parameters in Flask?**

```python
from markupsafe import escape

@app.route('/user/<username>')
def show_user(username):
    return f"User: {escape(username)}"
```
