#**RESTful API and Flask Theory Section**

1. What is a RESTful API?

RESTful API stands for Representational State Transfer Application Programming Interface.

It is an architectural style for designing networked applications.

RESTful APIs use standard HTTP methods (GET, POST, PUT, DELETE) for operations.

They are stateless, meaning each request from a client to server contains all the necessary information to understand the request.

2. Explain the concept of API specification.

An API specification is a document or a set of rules that describes how an API works.

It defines the endpoints, HTTP methods, request parameters, and response structures.

Popular formats include OpenAPI (Swagger) and RAML.

Specifications help developers understand and interact with the API without needing to see the source code.

3. What is Flask, and why is it popular for building APIs?

Flask is a micro web framework written in Python.

It is known for its simplicity and minimalistic approach, providing only essential tools.

Its "micro" nature means it doesn't come with many built-in features, allowing developers to choose their own tools and libraries.

This flexibility makes it popular for building lightweight and scalable APIs.

4. What is routing in Flask?

Routing in Flask refers to the process of mapping URLs to Python functions.

It determines which function should be executed when a specific URL is accessed.

This is typically achieved using the @app.route() decorator.

Routes can include dynamic parts (variable rules) to capture values from the URL.

5. How do you create a simple Flask application?

First, import the Flask class from the flask module.

Create an instance of the Flask class, typically app = Flask(__name__).

Define a route using the @app.route('/') decorator for the root URL.

Write a Python function that returns the content to be displayed for that route and run the application using app.run().

6. What are HTTP methods used in RESTful APIs?

GET: Retrieves data from the server.

POST: Sends new data to the server to create a resource.

PUT: Updates an existing resource or creates one if it doesn't exist.

DELETE: Removes a resource from the server.

7. What is the purpose of the @app.route() decorator in Flask?

The @app.route() decorator binds a URL path to a specific Python function.

It tells Flask which function to call when a client requests a particular URL.

It can specify HTTP methods that the route should respond to (e.g., methods=['GET', 'POST']).

It is a core part of Flask's routing mechanism, simplifying the creation of endpoints.

8. What is the difference between GET and POST HTTP methods?

GET is used to request data from a specified resource; data is sent in the URL query string.

POST is used to send data to a server to create or update a resource; data is sent in the request body.

GET requests are idempotent (multiple identical requests have the same effect as a single one) and can be cached.

POST requests are not idempotent and generally not cached.

9. How do you handle errors in Flask APIs?

Flask allows you to register error handlers for specific HTTP status codes (e.g., 404 Not Found, 500 Internal Server Error).

You can use the @app.errorhandler() decorator to define functions that execute when an error occurs.

Custom error responses (e.g., JSON error messages) can be returned from these handlers.

For unhandled exceptions, Flask provides a default debug traceback, but custom error pages are essential for production.

10. How do you connect Flask to a SQL database?

You typically use a database connector library for Python, such as psycopg2 for PostgreSQL or mysql-connector-python for MySQL.

Flask-SQLAlchemy is a popular Flask extension that provides an ORM (Object-Relational Mapper) layer for SQLAlchemy.

This extension simplifies database interactions by mapping Python objects to database tables.

You configure the database URI in your Flask application's configuration.

11. What is the role of Flask-SQLAlchemy?

Flask-SQLAlchemy is an extension that provides SQLAlchemy support for Flask applications.

It simplifies database operations by integrating SQLAlchemy's ORM capabilities directly into Flask.

It manages database sessions, connection pooling, and provides a convenient way to define and query models.

It streamlines the process of working with relational databases in a Flask project.

12. What are Flask blueprints, and how are they useful?

Flask blueprints are a way to organize your Flask application into smaller, reusable components.

They allow you to modularize your application by separating different functionalities (e.g., user authentication, blog posts).

Blueprints can define their own routes, templates, and static files, and can be registered with the main Flask application.

They are useful for building larger applications, promoting code reusability, and managing complex routing structures.

13. What is the purpose of Flask's request object?

The request object in Flask holds all incoming request data from the client.

It provides access to form data (request.form), query parameters (request.args), JSON data (request.json), headers (request.headers), and files (request.files).

It is a global object that is available within the context of a request.

It is crucial for processing client inputs and building dynamic responses.

14. How do you create a RESTful API endpoint using Flask?

Define a function that will handle requests to a specific URL path.

Use the @app.route() decorator (or @blueprint.route()) to map the URL and specify allowed HTTP methods (e.g., methods=['GET', 'POST']).

Inside the function, access request data using Flask's request object.

Return a JSON response using Flask's jsonify() function to maintain RESTful conventions.

15. What is the purpose of Flask's jsonify() function?

jsonify() is a helper function in Flask that serializes Python dictionaries or lists into JSON format.

It also sets the Content-Type header of the HTTP response to application/json.

It simplifies returning structured data from API endpoints.

It ensures that the response is properly formatted for consumption by other applications.

16. Explain Flask's url_for() function.

url_for() is a Flask function used for URL building, also known as reverse routing.

It takes the name of a view function (endpoint) as its first argument and any variable parts of the URL as keyword arguments.

It generates a URL for the specified endpoint, making your application's URLs independent of actual URL changes.

This helps in avoiding hardcoding URLs, making applications more robust and maintainable.

17. How does Flask handle static files (CSS, JavaScript, etc.)?

Flask provides a dedicated mechanism for serving static files.

By default, it looks for static files in a folder named static within your application's root directory.

You can access these files in your templates using the url_for() function with the special endpoint 'static'.

For example, url_for('static', filename='css/style.css') would generate the URL for static/css/style.css.

18. What is an API specification, and how does it help in building a Flask API?

An API specification is a blueprint or contract describing the API's functionality, endpoints, data models, and operations.

It helps in building a Flask API by providing clear documentation for both frontend and backend developers.

Tools like OpenAPI (Swagger) can generate interactive documentation directly from the specification.

It facilitates consistent API design, enables automated testing, and simplifies client integration.

19. What are HTTP status codes, and why are they important in a Flask API?

HTTP status codes are three-digit numbers returned by the server in response to an HTTP request.

They indicate the outcome of the request (e.g., 200 OK, 404 Not Found, 500 Internal Server Error).

In a Flask API, they are crucial for communicating the success or failure of an operation to the client.

Proper use of status codes helps clients understand what happened and how to proceed, leading to more robust API interactions.

20. How do you handle POST requests in Flask?

Define a route using @app.route() and explicitly specify methods=['POST'].

Access the data sent in the request body using request.form for form data or request.json for JSON data.

Process the incoming data, which often involves saving it to a database or performing some business logic.

Return an appropriate HTTP status code (e.g., 201 Created for successful resource creation) and a response, often in JSON format.

21. How would you secure a Flask API?

Authentication: Implement user authentication using methods like token-based authentication (JWT), OAuth, or session management.

Authorization: Control access to resources based on user roles and permissions.

HTTPS: Ensure all communication is encrypted using SSL/TLS to prevent eavesdropping and data tampering.

Input Validation & Sanitize: Validate and sanitize all incoming data to prevent common vulnerabilities like SQL injection and XSS.

22. What is the significance of the Flask-RESTful extension?

Flask-RESTful is an extension for Flask that provides tools for quickly building REST APIs.

It simplifies common API development tasks such as request parsing, response formatting, and error handling.

It provides a resource-based approach, allowing developers to define API endpoints as classes.

It abstracts away much of the boilerplate code required for RESTful API creation in Flask.

23. What is the role of Flask's session object?

The Flask session object provides a way to store data specific to a user's session across multiple requests.

It is typically implemented using signed cookies, where data is stored client-side but signed by the server to prevent tampering.

It's used for maintaining user state, such as login status, shopping cart contents, or user preferences.

Session data is typically encrypted and signed, ensuring its integrity and preventing unauthorized modification.

#**RESTful API and Flask Practical Section**

In [None]:
# 1. How do you create a basic Flask application?
from flask import Flask

app = Flask(__name__)

@app.route('/')
def hello_world():
    return 'Hello, World!'

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 2. How do you serve static files like images or CSS in Flask?
# Static files are typically served from a 'static' folder in your application's root directory.
# For example, if you have a file 'style.css' in a 'static' folder:
# /your_app
#   /static
#     style.css
#   app.py

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def index():
    return '''
    <!DOCTYPE html>
    <html lang="en">
    <head>
        <meta charset="UTF-8">
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        <title>Static Files Example</title>
        <link rel="stylesheet" href="/static/style.css">
    </head>
    <body>
        <h1>Serving Static Files</h1>
        <img src="/static/image.png" alt="Example Image">
        <p>This page uses a static CSS file and an image.</p>
    </body>
    </html>
    '''

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 3. How do you define different routes with different HTTP methods in Flask?
from flask import Flask, request

app = Flask(__name__)

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        return 'Logged in via POST'
    else:
        return 'Please log in via GET (form)'

@app.route('/data', methods=['GET'])
def get_data():
    return 'Here is your data (GET request)'

@app.route('/data', methods=['POST'])
def post_data():
    return 'Data received (POST request)'

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 4. How do you render HTML templates in Flask?
# Templates are typically stored in a 'templates' folder.
# For example, if you have 'index.html' in a 'templates' folder:
# /your_app
#   /templates
#     index.html
#   app.py

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def index():
    user_name = "Alice"
    items = ["item1", "item2", "item3"]
    return render_template('index.html', name=user_name, items=items)

# Example content for templates/index.html:
# <!DOCTYPE html>
# <html lang="en">
# <head>
#     <meta charset="UTF-8">
#     <meta name="viewport" content="width=device-width, initial-scale=1.0">
#     <title>Home</title>
# </head>
# <body>
#     <h1>Hello, {{ name }}!</h1>
#     <p>Here are your items:</p>
#     <ul>
#         {% for item in items %}
#             <li>{{ item }}</li>
#         {% endfor %}
#     </ul>
# </body>
# </html>

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 5. How can you generate URLs for routes in Flask using url_for?
from flask import Flask, url_for, redirect

app = Flask(__name__)

@app.route('/')
def index():
    return 'Welcome to the home page!'

@app.route('/user/<username>')
def show_user_profile(username):
    return f'User: {username}'

@app.route('/login')
def login():
    return 'This is the login page.'

@app.route('/generate_url')
def generate_urls():
    # Generate URL for 'index' route
    home_url = url_for('index')
    # Generate URL for 'show_user_profile' with a parameter
    user_url = url_for('show_user_profile', username='Bob')
    # Generate URL for 'login' route
    login_url = url_for('login')
    # Generate URL for static files (e.g., a CSS file)
    css_url = url_for('static', filename='style.css')

    return f"""
    <p>Home URL: <a href="{home_url}">{home_url}</a></p>
    <p>User URL for Bob: <a href="{user_url}">{user_url}</a></p>
    <p>Login URL: <a href="{login_url}">{login_url}</a></p>
    <p>Static CSS URL: <a href="{css_url}">{css_url}</a></p>
    """

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 6. How do you handle forms in Flask?
from flask import Flask, request, render_template_string

app = Flask(__name__)

@app.route('/submit_form', methods=['GET', 'POST'])
def submit_form():
    if request.method == 'POST':
        name = request.form.get('name')
        email = request.form.get('email')
        return f'Form submitted! Name: {name}, Email: {email}'
    return render_template_string('''
        <form method="POST">
            <label for="name">Name:</label><br>
            <input type="text" id="name" name="name"><br>
            <label for="email">Email:</label><br>
            <input type="email" id="email" name="email"><br><br>
            <input type="submit" value="Submit">
        </form>
    ''')

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 7. How can you validate form data in Flask?
from flask import Flask, request, render_template_string, flash, redirect, url_for

app = Flask(__name__)
app.secret_key = 'your_secret_key' # Required for flashing messages

@app.route('/register', methods=['GET', 'POST'])
def register():
    if request.method == 'POST':
        username = request.form.get('username')
        password = request.form.get('password')
        confirm_password = request.form.get('confirm_password')

        errors = []
        if not username:
            errors.append('Username is required.')
        if not password:
            errors.append('Password is required.')
        elif len(password) < 6:
            errors.append('Password must be at least 6 characters long.')
        if password != confirm_password:
            errors.append('Passwords do not match.')

        if errors:
            for error in errors:
                flash(error, 'error')
            return render_template_string('''
                {% with messages = get_flashed_messages(with_categories=true) %}
                  {% if messages %}
                    <ul class=flashes>
                    {% for category, message in messages %}
                      <li class="{{ category }}">{{ message }}</li>
                    {% endfor %}
                    </ul>
                  {% endif %}
                {% endwith %}
                <form method="POST">
                    <label for="username">Username:</label><br>
                    <input type="text" id="username" name="username" value="{{ request.form.username or '' }}"><br>
                    <label for="password">Password:</label><br>
                    <input type="password" id="password" name="password"><br>
                    <label for="confirm_password">Confirm Password:</label><br>
                    <input type="password" id="confirm_password" name="confirm_password"><br><br>
                    <input type="submit" value="Register">
                </form>
            ''', request=request)
        else:
            flash('Registration successful!', 'success')
            return redirect(url_for('register'))

    return render_template_string('''
        {% with messages = get_flashed_messages(with_categories=true) %}
          {% if messages %}
            <ul class=flashes>
            {% for category, message in messages %}
              <li class="{{ category }}">{{ message }}</li>
            {% endfor %}
            </ul>
          {% endif %}
        {% endwith %}
        <form method="POST">
            <label for="username">Username:</label><br>
            <input type="text" id="username" name="username"><br>
            <label for="password">Password:</label><br>
            <input type="password" id="password" name="password"><br>
            <label for="confirm_password">Confirm Password:</label><br>
            <input type="password" id="confirm_password" name="confirm_password"><br><br>
            <input type="submit" value="Register">
        </form>
    ''')

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 8. How do you manage sessions in Flask?
from flask import Flask, session, redirect, url_for, escape, request

app = Flask(__name__)
app.secret_key = 'super secret key' # Essential for session security

@app.route('/')
def index():
    if 'username' in session:
        return f'Logged in as {escape(session["username"])} <br><a href="/logout">Logout</a>'
    return 'You are not logged in <br><a href="/login">Login</a>'

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        session['username'] = request.form.get('username')
        return redirect(url_for('index'))
    return '''
        <form method="post">
            <p><input type=text name=username>
            <p><input type=submit value=Login>
        </form>
    '''

@app.route('/logout')
def logout():
    session.pop('username', None)
    return redirect(url_for('index'))

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 9. How do you redirect to a different route in Flask?
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def index():
    return 'This is the index page.'

@app.route('/old_route')
def old_route():
    # Redirect to the 'new_route'
    return redirect(url_for('new_route'))

@app.route('/new_route')
def new_route():
    return 'You have been redirected to the new route!'

@app.route('/external_redirect')
def external_redirect():
    # Redirect to an external URL
    return redirect("https://www.google.com")

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 10. How do you handle errors in Flask (e.g., 404)?
from flask import Flask, render_template_string, jsonify

app = Flask(__name__)

@app.errorhandler(404)
def page_not_found(error):
    # Render a custom 404 HTML page
    return render_template_string('''
        <!DOCTYPE html>
        <html lang="en">
        <head>
            <meta charset="UTF-8">
            <meta name="viewport" content="width=device-width, initial-scale=1.0">
            <title>404 Not Found</title>
        </head>
        <body>
            <h1>404 - Page Not Found</h1>
            <p>Sorry, the page you are looking for does not exist.</p>
            <p>{{ error }}</p>
        </body>
        </html>
    ''', error=error), 404

@app.errorhandler(500)
def internal_server_error(error):
    # For API endpoints, you might want to return JSON
    if request.path.startswith('/api/'):
        return jsonify(error="Internal Server Error", message=str(error)), 500
    return "<h1>500 - Internal Server Error</h1><p>Something went wrong.</p>", 500

@app.route('/')
def index():
    return 'Welcome! Try going to a non-existent page to see the 404 error.'

@app.route('/trigger_500')
def trigger_500():
    raise Exception("This is a simulated internal server error!")

@app.route('/api/data')
def api_data():
    # Simulate an error in an API endpoint
    if True: # Some condition that leads to an error
        raise ValueError("Invalid data requested")
    return jsonify({"message": "Data retrieved"})


if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 11. How do you structure a Flask app using Blueprints?
# Create a 'my_app' directory:
# my_app/
#   __init__.py
#   auth.py
#   blog.py
#   views.py

# --- my_app/__init__.py ---
from flask import Flask

def create_app():
    app = Flask(__name__)
    app.config['SECRET_KEY'] = 'your_secret_key'

    from .auth import auth_bp
    from .blog import blog_bp

    app.register_blueprint(auth_bp, url_prefix='/auth')
    app.register_blueprint(blog_bp, url_prefix='/blog')

    @app.route('/')
    def index():
        return 'Welcome to the main app!'

    return app

# --- my_app/auth.py ---
from flask import Blueprint, render_template, request, flash, redirect, url_for

auth_bp = Blueprint('auth', __name__)

@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        username = request.form.get('username')
        password = request.form.get('password')
        if username == 'user' and password == 'pass':
            flash('Logged in successfully!', 'success')
            return redirect(url_for('auth.dashboard'))
        else:
            flash('Invalid credentials.', 'error')
    return render_template_string('''
        <form method="POST">
            <label for="username">Username:</label><br>
            <input type="text" id="username" name="username"><br>
            <label for="password">Password:</label><br>
            <input type="password" id="password" name="password"><br><br>
            <input type="submit" value="Login">
        </form>
        {% with messages = get_flashed_messages(with_categories=true) %}
          {% if messages %}
            <ul class=flashes>
            {% for category, message in messages %}
              <li class="{{ category }}">{{ message }}</li>
            {% endfor %}
            </ul>
          {% endif %}
        {% endwith %}
    ''')

@auth_bp.route('/dashboard')
def dashboard():
    return 'Welcome to the Auth Dashboard!'

# --- my_app/blog.py ---
from flask import Blueprint, render_template

blog_bp = Blueprint('blog', __name__)

@blog_bp.route('/')
def home():
    return 'Welcome to the Blog!'

@blog_bp.route('/post/<int:post_id>')
def post(post_id):
    return f'Viewing Blog Post {post_id}'

# --- run.py (in the root directory, alongside 'my_app') ---
# from my_app import create_app
#
# app = create_app()
#
# if __name__ == '__main__':
#     app.run(debug=True)

# To run this example, you would typically have the file structure and then run run.py.
# For demonstration purposes, here's a minimal setup that can be run directly:
from flask import Flask, Blueprint, render_template_string, request, flash, redirect, url_for

app_blueprint_example = Flask(__name__)
app_blueprint_example.config['SECRET_KEY'] = 'another_secret_key'

auth_bp_example = Blueprint('auth_bp_example', __name__, url_prefix='/auth')
blog_bp_example = Blueprint('blog_bp_example', __name__, url_prefix='/blog')

@auth_bp_example.route('/login')
def login_bp_example():
    return 'Auth Blueprint Login Page'

@blog_bp_example.route('/posts')
def posts_bp_example():
    return 'Blog Blueprint Posts Page'

app_blueprint_example.register_blueprint(auth_bp_example)
app_blueprint_example.register_blueprint(blog_bp_example)

@app_blueprint_example.route('/')
def index_blueprint_example():
    return 'Main App Page'

if __name__ == '__main__':
    app_blueprint_example.run(debug=True, port=5001) # Using a different port to avoid conflict

In [None]:
# 12. How do you define a custom Jinja filter in Flask?
from flask import Flask, render_template_string

app = Flask(__name__)

# Custom Jinja filter to reverse a string
@app.template_filter('reverse_string')
def reverse_string_filter(s):
    return s[::-1]

# Custom Jinja filter to capitalize the first letter of each word
@app.template_filter('capitalize_words')
def capitalize_words_filter(s):
    return ' '.join(word.capitalize() for word in s.split())

@app.route('/')
def index():
    return render_template_string('''
        <p>Original string: Hello World</p>
        <p>Reversed string: {{ "Hello World" | reverse_string }}</p>
        <p>Capitalized words: {{ "this is a test string" | capitalize_words }}</p>
    ''')

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 13. How can you redirect with query parameters in Flask?
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def index():
    return 'Welcome! Go to /redirect_with_params to see a redirect.'

@app.route('/redirect_with_params')
def redirect_with_params():
    # Redirect to '/target_page' with query parameters
    return redirect(url_for('target_page', name='Alice', age=30, city='New York'))

@app.route('/target_page')
def target_page():
    name = request.args.get('name')
    age = request.args.get('age')
    city = request.args.get('city')
    return f'Welcome to the target page! Name: {name}, Age: {age}, City: {city}'

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 14. How do you return JSON responses in Flask?
from flask import Flask, jsonify, request

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    data = {
        "name": "John Doe",
        "age": 30,
        "isStudent": False,
        "courses": ["Math", "Science", "History"]
    }
    return jsonify(data)

@app.route('/api/post_data', methods=['POST'])
def post_data():
    if request.is_json:
        received_data = request.get_json()
        return jsonify({"message": "Data received successfully!", "your_data": received_data}), 200
    else:
        return jsonify({"error": "Request must be JSON"}), 400

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# 15. How do you capture URL parameters in Flask?
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def show_user_profile(username):
    # Captures 'username' from the URL path
    return f'User profile for: {username}'

@app.route('/post/<int:post_id>')
def show_post(post_id):
    # Captures 'post_id' as an integer
    return f'Post ID: {post_id}'

@app.route('/path/<path:subpath>')
def show_subpath(subpath):
    # Captures 'subpath' which can include slashes
    return f'Subpath: {subpath}'

@app.route('/greet/<string:name>/<int:times>')
def greet_multiple_times(name, times):
    # Captures multiple parameters with type converters
    return f'Hello {name}! ' * times

if __name__ == '__main__':
    app.run(debug=True)