#Restful API and Flask

# 1. What is a RESTful API?
   - A RESTful API is a way of designing and exposing web services that follow the REST (Representational State Transfer) principles. In REST, resources (such as users, products, or books) are identified by unique URLs, and clients interact with these resources using standard HTTP methods like GET (read), POST (create), PUT (update), and DELETE (remove). RESTful APIs are stateless, meaning each request from a client to the server must contain all the information needed to process it. They are widely used in modern web applications because they are lightweight, scalable, and easy to integrate with different platforms.

# 2. Explain the concept of API specification.
  - An API specification is like a contract that clearly defines how an API should work. It describes all available endpoints, HTTP methods, request parameters, headers, authentication requirements, and the expected response format (usually JSON or XML). A good specification makes it easier for developers to integrate the API into their applications without needing to look at the backend code. Common tools like OpenAPI/Swagger allow developers to create API documentation that is interactive and testable.

# 3. What is Flask, and why is it popular for building APIs?
  - Flask is a lightweight Python web framework that is designed to be simple yet powerful. Unlike heavy frameworks such as Django, Flask provides only the core features required to build web apps and APIs, while giving developers the flexibility to choose additional tools when needed. Flask is popular for APIs because it is easy to learn, quick to set up, and highly extensible. With Flask, you can build a fully functional API in just a few lines of code, making it ideal for beginners, prototypes, and even production-ready services.

# 4. What is routing in Flask?
   - Routing in Flask is the process of mapping a specific URL path to a Python function, which is called a view function. When a client (browser or API consumer) sends a request to a URL, Flask looks at its routing table and decides which function to call. Each route is defined using the @app.route() decorator, which allows you to bind URLs to functions. Routing makes it easy to create multiple pages or API endpoints in a Flask app. For example, /home may show a welcome message, while /users may return a list of users. Without routing, Flask would not know how to handle different client requests.


# 5. How do you create a simple Flask application?
   - Creating a simple Flask application involves three main steps: importing Flask, creating an instance of the Flask class, and defining at least one route with a function. Flask automatically starts a development server that runs locally so developers can test their apps. This makes Flask ideal for quickly building and testing applications. The simplicity of setup is one reason Flask is so widely used.

# 6. What are HTTP methods used in RESTful APIs?
   - RESTful APIs use HTTP methods to perform actions on resources. The most common are:

   - GET: Retrieve data (e.g., get a user’s profile).

   - POST: Create a new resource (e.g., add a new user).

   - PUT: Update an existing resource  completely.

   - PATCH: Partially update an existing resource.

   - DELETE: Remove a resource.
   Each method has a specific purpose, ensuring that APIs are standardized and easy to understand.

# 7.  What is the purpose of the @app.route() decorator in Flask?
  - The @app.route() decorator in Flask is used to bind a URL path to a specific function. This decorator tells Flask that whenever a client accesses that URL, the associated function should be executed. Without this, Flask wouldn’t know which function to run for a given request. It is one of the most essential parts of a Flask app, enabling developers to easily define multiple routes and endpoints.

# 8. What is the difference between GET and POST HTTP methods?
  - The GET method is used to request data from a server and typically sends parameters via the URL (query strings). It is mostly used for reading or fetching information. The POST method, on the other hand, is used to send data to the server in the body of the request. It is commonly used for creating or submitting new data such as forms or JSON objects. GET requests are visible in the URL, while POST requests hide the data in the request body, making POST more secure for sensitive information.

# 9. How do you handle errors in Flask APIs?
  - Error handling in Flask APIs is very important because it improves user experience and makes debugging easier. By default, Flask shows raw error messages such as 404 Not Found or 500 Internal Server Error, but in an API, it is better to send errors in a structured format (like JSON) so that clients (mobile apps, frontend apps, or other APIs) can understand and process them. Flask provides the @app.errorhandler() decorator, which allows developers to define custom error responses for specific error codes. For example, when a user tries to access a route that does not exist, instead of showing an HTML error page, we can return a JSON response that clearly states the problem. This approach keeps the API consistent and professional. Common error codes include 400 Bad Request (invalid input), 401 Unauthorized (authentication failed), 404 Not Found (resource missing), and 500 Internal Server Error (unexpected failure).

# 10. How do you connect Flask to a SQL database?
   - Flask by itself does not have built-in database support, but it can be connected to SQL databases like SQLite, MySQL, or PostgreSQL using libraries such as Flask-SQLAlchemy. SQLAlchemy is an Object Relational Mapper (ORM) that allows you to interact with a database using Python classes instead of writing raw SQL queries. To connect, you configure the database URI in Flask’s app.config and then initialize SQLAlchemy. This makes it easy to create tables, insert records, and query data in a Pythonic way. For beginners, SQLite is commonly used because it requires no setup and works with a single file.

# 11. What is the role of Flask-SQLAlchemy?
   - Flask-SQLAlchemy is an extension that integrates SQLAlchemy with Flask, making database operations more seamless. Instead of writing complex SQL queries, developers can define Python classes (models) to represent tables. This makes code cleaner and more maintainable. Flask-SQLAlchemy also manages database sessions, migrations, and provides helper methods to simplify queries. It is widely used in production-grade Flask applications for managing relational data.

# 12. What are Flask blueprints, and how are they useful?
   - Blueprints in Flask allow developers to organize applications into smaller, modular components. Instead of defining all routes in one file, you can group related routes (like user routes, admin routes, or API routes) into separate blueprints and then register them with the main app. This makes large applications easier to manage and improves code readability. Blueprints also allow reusability — you can package a set of routes as a module and reuse it in multiple projects.

# 13. What is the purpose of Flask's request object?
   - The request object in Flask is used to access all incoming request data from clients. This includes query parameters, form data, JSON payloads, headers, and even cookies. It allows you to extract data sent via GET and POST requests and process it accordingly. Without the request object, the server would not be able to understand or process the data coming from clients.

# 14. How do you create a RESTful API endpoint using Flask?
   - Creating a RESTful API endpoint in Flask involves defining a route and returning data in JSON format using jsonify(). Unlike normal routes that return HTML or text, API endpoints are designed to return structured responses that other programs or apps can consume.

# 15. What is the purpose of Flask's jsonify() function?
   - The jsonify() function is used to return JSON responses in Flask with the correct Content-Type header. If you return a dictionary directly, Flask might treat it as plain text, but jsonify() ensures the response is in proper JSON format and safe for API consumption.

# 16. Explain Flask’s url_for() function.
   - The url_for() function generates URLs dynamically by referencing a function name instead of hardcoding URLs. This prevents broken links if routes change later. It is especially useful in templates, redirects, and APIs where dynamic URL building is required.

# 17. How does Flask handle static files (CSS, JavaScript, etc.)?
   - Flask automatically serves static files like CSS, JavaScript, and images from a folder named static/. Developers can place files inside this folder and reference them in templates using url_for('static', filename='file.css'). This makes it simple to include frontend assets in web applications.

# 18. What is an API specification, and how does it help in building a Flask API?
  - An API specification defines all available endpoints, request methods, parameters, authentication, and response formats. In Flask, this helps ensure consistency and allows developers to use documentation tools like Swagger/OpenAPI. It also makes it easier for frontend teams or third-party developers to understand how to interact with the API without needing to see backend code.

# 19. What are HTTP status codes, and why are they important in a Flask API?
   - HTTP status codes indicate the result of an API request. They are important because they let clients know whether a request was successful or failed, and why. Examples include 200 OK (success), 201 Created (new resource created), 400 Bad Request (invalid input), 401 Unauthorized (no authentication), 404 Not Found (resource missing), and 500 Internal Server Error (server failure). Returning proper codes ensures that clients can handle responses correctly.

# 20. How do you handle POST requests in Flask?
   - POST requests are used to send data to the server, usually in JSON or form-data format. Flask allows reading this data with request.form for form data or request.json for JSON payloads. This makes it possible to create new records or process user input.

# 21. How would you secure a Flask API?
   - Securing a Flask API involves multiple techniques: using authentication (like JWT tokens or API keys), validating user input to prevent SQL injection, enforcing HTTPS for encrypted communication, rate limiting to avoid abuse, and applying CORS rules to restrict access from unauthorized domains. Flask provides extensions like Flask-JWT-Extended for authentication and Flask-Limiter for rate limiting. Security is critical in production APIs to protect data and prevent attacks.

# 22. What is the significance of the Flask-RESTful extension?
   - Flask-RESTful is an extension that simplifies building REST APIs by using class-based resources instead of functions. It provides request parsing, automatic error handling, and cleaner code organization. Developers can define each resource as a Python class with methods like get(), post(), and delete().

# 23. What is the role of Flask’s session object?
  - The session object in Flask is used to store user-specific data across multiple requests. Since HTTP is stateless, Flask uses sessions to remember things like login information or user preferences. The data is stored securely in a cookie signed with a secret key, preventing tampering. This makes sessions essential for authentication systems, shopping carts, and personalized user experiences.

#Practical

# 1. How do you create a basic Flask application?

In [22]:
from flask import Flask
app = Flask(__name__)

@app.route('/')
def hello():
    return "Hello, Flask!"



Hello flask!


# 2. How do you serve static files like images or CSS in Flask?

In [23]:
from flask import Flask
app = Flask(__name__)

@app.route('/')
def home():
    return '<link rel="stylesheet" href="/static/style.css"><h1>Static Example</h1>'

if __name__ == "__main__":
    app.run(debug=True)


static example


# 3. How do you define different routes with different HTTP methods in Flask?

In [24]:
from flask import Flask, request
app = Flask(__name__)

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "Form Submitted!"
    return "Send data via POST."

if __name__ == "__main__":
    app.run(debug=True)


Form Submitted!


# 4. How do you render HTML templates in Flask?

In [25]:
from flask import Flask, render_template_string
app = Flask(__name__)

@app.route('/')
def home():
    return render_template_string("<h1>Hello {{name}}</h1>", name="Akanksha")


Hello Buddy


# 5. How can you generate URLs for routes in Flask using url_for?

In [26]:
from flask import Flask, url_for
app = Flask(__name__)

@app.route('/')
def index():
    return f'Profile URL: {url_for("profile", username="kiran")}'

@app.route('/user/<username>')
def profile(username):
    return f"User: {username}"


User: kiran


# 6. How do you handle forms in Flask?

In [27]:
from flask import Flask, request
app = Flask(__name__)

@app.route('/form', methods=['GET','POST'])
def form():
    if request.method == 'POST':
        return f"Hello {request.form['username']}"
    return '''<form method="POST">
                <input type="text" name="username">
                <input type="submit">
              </form>'''


Hello Akanksha


# 7. How can you validate form data in Flask?

In [28]:
from flask import Flask, request
app = Flask(__name__)

@app.route('/login', methods=['POST'])
def login():
    username = request.form.get("username")
    if not username:
        return "Username required", 400
    return f"Welcome {username}"


welcome Kiran


# 8. How do you manage sessions in Flask?

In [29]:
from flask import Flask, session
app = Flask(__name__)
app.secret_key = "secret"

@app.route('/set/<name>')
def set_session(name):
    session['user'] = name
    return f"Session set for {name}"

@app.route('/get')
def get_session():
    return f"User: {session.get('user', 'Guest')}"


User: Akanksha


# 9. How do you redirect to a different route in Flask?

In [30]:
from flask import Flask, redirect, url_for
app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('dashboard'))

@app.route('/dashboard')
def dashboard():
    return "Welcome to Dashboard"


Welcome to Dashboard


# 10. How do you handle errors in Flask (e.g., 404)?

In [31]:
from flask import Flask
app = Flask(__name__)

@app.errorhandler(404)
def not_found(e):
    return "Custom 404 Page", 404


Custom 404 Page


# 11. How do you structure a Flask app using Blueprints?

In [32]:
from flask import Blueprint
user_bp = Blueprint('user', __name__)

@user_bp.route('/profile')
def profile():
    return "User Profile Page"
from flask import Flask
from user import user_bp

app = Flask(__name__)
app.register_blueprint(user_bp, url_prefix='/user')


User Profile Page


# 12. How do you define a custom Jinja filter in Flask?

In [33]:
from flask import Flask, render_template_string
app = Flask(__name__)

@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]

@app.route('/')
def index():
    return render_template_string("{{ 'Flask'|reverse }}")


ksalF


# 13. How can you redirect with query parameters in Flask?

In [34]:
from flask import Flask, redirect, url_for, request
app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('search', q='flask'))

@app.route('/search')
def search():
    query = request.args.get('q')
    return f"Search results for: {query}"


Search results for: flask


# 14. How do you return JSON responses in Flask?

In [38]:
from flask import Flask, jsonify
app = Flask(__name__)

@app.route('/api/data')
def data():
    return jsonify({"name": "Pranali", "age": 21})


{'name': 'Pranali', 'age': 21}


# 15. How do you capture URL parameters in Flask?

In [39]:
from flask import Flask
app = Flask(__name__)

@app.route('/user/<username>')
def user(username):
    return f"Hello {username}"


Hello Kiran
