# **Restful API & Falsk**

1. What is a  RESTful API?
 - A RESTful API (Representational State Transfer API) is a web service that follows the principles of REST architecture. It's used to let systems communicate over the internet, usually via HTTP.

Key points:
Uses HTTP methods:

GET – retrieve data

POST – create data

PUT/PATCH – update data

DELETE – remove data

Stateless: Each request from a client contains all the info needed. No session is stored on the server.

Resource-based: Everything is treated as a resource (like /users, /products), and URLs point to these resources.

Standard formats: Data is usually sent and received in JSON or XML.

Example:
GET /api/users/123 – fetches user with ID 123
POST /api/products – creates a new product

It's widely used because it's simple, scalable, and easy to integrate with front-end apps.










2. Explain the concept of API specification.
 - An API specification is a detailed blueprint that defines how an API works — it tells developers exactly how to interact with it.

Key elements of an API spec:
Endpoints: URLs to access different resources (/users, /orders)

Methods: HTTP verbs allowed (GET, POST, PUT, DELETE)

Request structure: Expected inputs like headers, parameters, and body format

Response format: What kind of data is returned, usually in JSON

Error codes: Possible status codes and what they mean (e.g., 404 Not Found, 401 Unauthorized)

Authentication: How users are verified (e.g., API keys, OAuth)

Why it matters:
Helps developers understand and use the API without guessing

Makes integration faster and smoother

Acts as a **

3. What is Falsk, and why is it popular for building APIs?
  - Flask is a lightweight Python web framework for building web apps and APIs.

Why it's popular for building APIs:

Minimal & flexible – You start with a small core and add only what you need.

Easy to learn – Simple syntax, good for beginners, and quick projects.

Built-in routing – Easy to map URLs to Python functions.



4. What is routing in Flask?
 - Routing in Flask is how you connect URLs to Python functions.

How it works:

You use the @app.route() decorator to define which URL triggers which function.

Example:

In [None]:
from flask import Flask
app = Flask(__name__)

@app.route('/hello')
def say_hello():
    return "Hello, World!"


When someone visits /hello in the browser, Flask runs the say_hello() function.

Key points:

Routes can handle different HTTP methods (GET, POST, etc.)

You can use dynamic URLs like /user/<username>

5. How do you create a simple Flak application?
 - Here's how to create a simple Flask application: install Flask.

In [None]:
    pip install Flask



Create a Python file: (e.g., app.py):

In [None]:
    from flask import Flask

    app = Flask(__name__)

    @app.route('/')
    def hello_world():
        return 'Hello, World!'

    if __name__ == '__main__':
        app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


Run the application.

In [None]:
    python app.py

SyntaxError: invalid syntax (<ipython-input-2-b851947b46d7>, line 1)

6. What are HTTP methods used in RESTFUL APIs?
  - Here are the main HTTP methods used in RESTful APIs:

🔹 GET
Purpose: Retrieve data

Example: GET /products → get a list of products

🔹 POST
Purpose: Create a new resource

Example: POST /products → create a new product

🔹 PUT
Purpose: Replace an existing resource

Example: PUT /products/10 → update all data for product 10

🔹 PATCH
Purpose: Update part of a resource

Example: PATCH /products/10 → update only the price

🔹 DELETE
Purpose: Delete a resource

Example: DELETE /products/10 → delete product 10

These methods help map HTTP actions to CRUD operations:

Create → POST

Read → GET

Update → PUT/PATCH

Delete → DELETE










7. What is the purpose of the @app.route() decorator in Flask?
 - The @app.route() decorator in Flask is used to define a URL route for a specific function.

🔧 Purpose:

It tells Flask:
"When this URL is requested, run this function."

🧾 Example:

In [None]:
@app.route('/hello')
def greet():
    return "Hello, World!"


➡️ When you visit /hello in the browser, Flask runs greet() and shows "Hello, World!"

✅ Key Points:
Binds URLs to functions

Can handle different HTTP methods (like GET, POST)

Supports dynamic paths (e.g., /user/<name>)

It’s the core of routing in Flask apps.

8. What is the difference between GET and POST HTTP methods?
 - The main difference between GET and POST HTTP methods lies in their intended use: GET is for retrieving data, while POST is for sending data to the server, often for creating or updating resources. GET requests send data in the URL, making it visible and cacheable, while POST requests send data in the request body, keeping it hidden and not typically cacheable.

Elaboration:

GET:

Used to request data from a server. It should only retrieve information and not modify the server's state. The data is included in the URL as query parameters, making it visible and potentially logged.

POST:

Used to send data to the server, often to create new resources or update existing ones. The data is sent

9. How do you handle errors in Flask APIs?
 - Error handling in Flask APIs can be implemented using the @app.errorhandler decorator or the abort() function. The @app.errorhandler decorator allows you to define custom error handlers for specific HTTP status codes or exception types. The abort() function raises an HTTPException with a specified status code, which can then be handled by an error handler.
Here's how you can handle errors in a Flask API: Using @app.errorhandler.

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.errorhandler(404)
def not_found(error):
    return jsonify({'error': 'Not found'}), 404

@app.errorhandler(500)
def internal_server_error(error):
    return jsonify({'error': 'Internal server error'}), 500

@app.route('/')
def index():
    # Simulate an error
    raise Exception()
    return 'Hello, World!'

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


10. How do you connect Flask to a SQL database?
 -
Setting Up SQLAlchemy

To create a database we need to import SQLAlchemy in app.py, set up SQLite configuration, and create a database instance as shown below.

We set up Flask, connect it to a SQLite database (site. ...

In the templates folder, create file "add_profile. ...

Create a "/add" route in app.py.

11. What is the role of Flask-SQLAlchemy?

 - Flask-SQLAlchemy is a Flask extension that makes using SQLAlchemy with Flask easier, providing you with tools and methods to interact with your database in your Flask applications through SQLAlchemy. In this tutorial, you'll build a small student management system that demonstrates how to use the Flask-SQLAlchemy extension

12. What is the purpose of Flask's request object?
 - The purpose of Flask's request object is to give access to all the data sent by the client in an HTTP request. It lets you interact with:

Form data (from POST requests): request.form

Query parameters (from GET requests): request.args

JSON payloads: request.get_json()

Headers: request.headers

Cookies: request.cookies

Files (for uploads): request.files

Method type: request.method

URL: request.url, request.path

Basically, it helps your Flask app read incoming data so you can handle requests properly.

13. What is the purpose of Flask's request object?
 - Flask’s request object lets your app access all the data sent by the client in an HTTP request—like form inputs, query parameters, JSON data, headers, cookies, files, and the request method. It’s how you read what the user or client is sending to your server.










14. How do you create a RESTful API endpoint using Flask?
 - To create a RESTful API endpoint in Flask:

Import Flask and create an app instance.

Use the @app.route decorator with the URL and HTTP methods.

Define a function that handles the request and returns a response (usually JSON).

Example:

In [None]:
from flask import Flask, jsonify, request

app = Flask(__name__)

@app.route('/api/items', methods=['GET'])
def get_items():
    items = ['item1', 'item2', 'item3']
    return jsonify(items)

if __name__ == '__main__':
    app.run()


 * Serving Flask app '__main__'
 * Debug mode: off


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m


This creates a simple GET endpoint at /api/items that returns a JSON list. You can add POST, PUT, DELETE similarly by changing the methods and handling data from request.

15. What is the purpose of Flask's jsonify() function?
 - The purpose of Flask's jsonify() function is to convert Python data structures (like dictionaries or lists) into a JSON-formatted HTTP response. It also sets the correct Content-Type header to application/json.

Why use jsonify() instead of json.dumps()?
jsonify() automatically sets the Content-Type: application/json header.

It returns a Flask Response object, which is directly usable as a return value from a route.

It handles encoding of special types (like datetime) more gracefully in some cases.

Example:

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/data')
def get_data():
    return jsonify({'name': 'John', 'age': 30})


This will return:

In [None]:
{
  "name": "John",
  "age": 30
}


{'name': 'John', 'age': 30}

16. Explain Flask's url_for() function.
 - Flask's url_for() function is used to dynamically build URLs for routes defined in your app, based on the function name (not hardcoded paths). This helps keep your code flexible and maintainable.

Purpose:
Avoids hardcoding URLs.

Automatically adapts if the route changes.

Supports adding query parameters easily.

Syntax:

In [None]:
url_for('function_name', **params)


NameError: name 'url_for' is not defined

Example:

In [None]:
from flask import Flask,


SyntaxError: trailing comma not allowed without surrounding parentheses (<ipython-input-6-417d19d03b65>, line 1)

17. How does Flask handle static files (CSS, JavaScript, etc.)?
 - Flask automatically handles static files like CSS, JavaScript, and images through a designated "static" folder within your application directory. When a Flask application is created, it sets up a route, /static, to serve files from this folder. To include a static file in a template, you use the url_for() function, specifying 'static' and the filename. For example, to include a CSS file named "style.css" located in the "static/css" folder, you would use:

In [None]:
<link rel="stylesheet" href="{{ url_for('static', filename='css/style.css') }}">

SyntaxError: invalid syntax (<ipython-input-5-c6a2d96a5014>, line 1)

Flask then generates the correct path to the file. It is important to organize static files within the "static" directory to maintain a clear structure.

18. What is an API specification, and how does it help in building a Flask API?
 - An API specification is a detailed document that defines how an API should behave—covering endpoints, request/response formats, data types, authentication, and error handling.

It helps in building a Flask API by:

Giving a clear blueprint for what to build

Ensuring consistent request and response structures

Making it easier to communicate with frontend/dev teams or third parties

Enabling tools to auto-generate code, tests, and documentation

Common API specs include OpenAPI (Swagger), which many Flask extensions support for smoother API development.

19. What are HTTP status codes, and why are they important in a Flask API?
- HTTP status codes are standardized numbers sent by a server to indicate the result of a client’s request.

They’re important in a Flask API because they:

Tell the client if the request was successful (e.g., 200 OK)

Indicate errors like bad requests (400), unauthorized access (401), or not found (404)

Help clients handle responses properly and debug issues

Make your API communication clear and standardized

In Flask, you can set status codes in your responses like:



In [None]:
return jsonify(data), 404


SyntaxError: 'return' outside function (<ipython-input-4-c02ab413115b>, line 1)

20. How do you handle POST requests in Flask?
 - To handle POST requests in Flask:

Use @app.route with methods=['POST'].

Access the incoming data via request.form, request.json, or request.data.

Process the data and return a response.

Example:

In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def submit():
    data = request.get_json()  # get JSON data from client
    # process data here
    return jsonify({'message': 'Data received', 'your_data': data}), 200

if __name__ == '__main__':
    app.run()


 * Serving Flask app '__main__'
 * Debug mode: off


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m


21. How would you secure a Flask API?
 - To secure a Flask API, you can:

Use Authentication: Implement token-based auth like JWT or OAuth to verify users.

Use HTTPS: Serve your API over HTTPS to encrypt data in transit.

Validate Input: Always validate and sanitize incoming data to prevent injections.

Limit Rate: Apply rate limiting to prevent abuse and DoS attacks.

Use CORS Carefully: Configure CORS headers properly to restrict which domains can access your API.

Handle Errors Safely: Don’t expose sensitive info in error messages.

Keep Dependencies Updated: Regularly update Flask and extensions to patch vulnerabilities.

Using Flask extensions like Flask-JWT-Extended, Flask-Limiter, and configuring your server for HTTPS helps a lot.










22. What is the significance of the Flask-RESTful extension?
 - Flask-RESTful simplifies building REST APIs with Flask by providing handy tools like:

Resource classes to organize endpoints cleanly

Automatic request parsing and input validation

Easy routing tied to resources

Built-in support for common HTTP methods (GET, POST, PUT, DELETE)

Cleaner, more maintainable code structure

Basically, it speeds up API development and makes your code neater compared to using plain Flask routes.

23. What is the role of Flask's session object?
 - Flask’s session object stores data specific to a user’s browser session. It lets you keep info like login status or user preferences between requests.

Key points:

Data is stored client-side in a secure cookie

It persists across multiple requests until the user closes the browser or the session expires

Useful for tracking user state without a database

Example:


In [None]:
from flask import session

session['user_id'] = 123  # Save user info in session


RuntimeError: Working outside of request context.

This typically means that you attempted to use functionality that needed
an active HTTP request. Consult the documentation on testing for
information about how to avoid this problem.

# **Practical**

# New Section

1. How do you create a basic Flask application?

1. Install Flask

In [None]:
pip install flask




2. Create Your Flask App File

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


3. Run the App


In [None]:
python app.py


Go to http://127.0.0.1:5000/ in your browser – you’ll see Hello, Flask!.



2. How do you serve static files like images or CSS in Flask?
 - 🔧 Steps:
Create a static folder in your project directory.

Put your files inside it:

**Use in HTML templates

In [None]:
/static
    /images
        logo.png
    /css
        style.css


3. How do you define different routes with different HTTP methods in Flask?

In [None]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "Data received via POST"
    else:
        return "Send data via POST method"

if __name__ == '__main__':
    app.run(debug=True)


✅ Notes:

Default method is GET if not specified.

You can use any of: GET, POST, PUT, DELETE, PATCH, etc.

Let me know if you want examples with JSON or form data.

4. How do you render HTML templates in Flask?
 - 🔧 Steps:
Create a templates folder in your project directory.

Add an HTML file, e.g., index.html:

5. How can you generate URLs for routes in Flask?

In [None]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/profile/<username>')
def profile(username):
    return f"User: {username}"

@app.route('/')
def home():
    return url_for('profile', username='john')  # → /profile/john

if __name__ == '__main__':
    app.run(debug=True)


✅ Why use url_for()?
It auto-generates URLs based on function names.

Safer than hardcoding paths (adapts if routes change).

Let me know if you want to use it in templates too.

6. How do you handle forms in Flask?
 - 🔧 1. HTML Form (templates/form.html)

In [None]:
<form method="POST">
  <input type="text" name="username" placeholder="Enter name">
  <input type="submit" value="Submit">
</form>


🔧 2. Flask Route (app.py)


In [None]:
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/form', methods=['GET', 'POST'])
def form():
    if request.method == 'POST':
        username = request.form['username']
        return f"Hello, {username}!"
    return render_template('form.html')

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


7. How can you validate form data in Flask?
 - ✅ 1. Basic Manual Validation (Simple Way)

In [None]:
@app.route('/form', methods=['POST'])
def form():
    username = request.form.get('username')
    if not username:
        return "Username is required", 400
    return f"Hello, {username}!"


8. How do you manage sessions in Flask?
 - In Flask, session management is handled using the session object from the flask module. Here's the short and crisp overview:

🔐 What is a Flask Session?

A session lets you store information (like user data) across multiple requests.

Flask stores session data on the client side in a secure cookie.

⚙️ How to Use Flask Sessions

Set up secret key (for encryption)

In [None]:
from flask import Flask, session

app = Flask(__name__)
app.secret_key = 'your_secret_key_here'


Set a session variable



In [None]:
session['username'] = 'nabi'


NameError: name 'session' is not defined

Access a session variable

In [None]:
username = session.get('username')


NameError: name 'session' is not defined

Remove session data


In [None]:
session.pop('username', None)


NameError: name 'session' is not defined

📦 Behind the Scenes

Flask uses secure cookies (flask.session) to store session data.

Data is cryptographically signed using the secret_key.

Values are stored as key-value pairs (like a dictionary).

💡 Tip

For large or sensitive data, use server-side sessions with extensions like:

Flask-Session (stores in Redis, filesystem, DB, etc.)



9. How do you redirect to a different route in Flask?
 -  Basic Redirect Example

In [None]:
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return redirect(url_for('dashboard'))

@app.route('/dashboard')
def dashboard():
    return 'Welcome to Dashboard'


🔍 Key Points

redirect() tells Flask to send the user to a new URL.

url_for('dashboard') generates the URL for the dashboard route.

📌 Example with Parameters

In [None]:
return redirect(url_for('profile', username='nabi'))


SyntaxError: 'return' outside function (<ipython-input-18-7680a0441855>, line 1)

This redirects to /profile/nabi if the route is defined as:


In [None]:
@app.route('/profile/<username>')
def profile(username):
    return f'User: {username}'



10. How do you handle errors in different routes in Flask?
 - In Flask, you handle errors in different routes by using error handlers or try-except blocks within routes. Here's a crisp breakdown:

✅ 1. Global Error Handlers

Use @app.errorhandler() to catch specific error codes globally:

In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.errorhandler(404)
def not_found(e):
    return jsonify(error="Resource not found"), 404

@app.errorhandler(500)
def server_error(e):
    return jsonify(error="Internal Server Error"), 500


✅ 2. Route-Specific Try-Except

Use try-except inside routes to handle logic-specific errors:

In [None]:
@app.route("/divide/<int:a>/<int:b>")
def divide(a, b):
    try:
        result = a / b
        return jsonify(result=result)
    except ZeroDivisionError:
        return jsonify(error="Division by zero"), 400


✅ 3. Custom Exceptions
Define and handle your own errors:

In [None]:
class CustomError(Exception):
    pass

@app.errorhandler(CustomError)
def handle_custom_error(e):
    return jsonify(error=str(e)), 400

@app.route("/custom")
def custom():
    raise CustomError("Something custom went wrong")


✅ 4. Abort
Use abort() to manually trigger HTTP errors:


In [None]:
from flask import abort

@app.route("/secret")
def secret():
    abort(403)  # Forbidden


11. How do you structure a Flask app using Blueprints?

✅ 1. Project Structure

In [None]:
your_app/
├── app.py
├── __init__.py
├── blueprints/
│   ├── __init__.py
│   ├── users/
│   │   ├── __init__.py
│   │   └── routes.py
│   └── products/
│       ├── __init__.py
│       └── routes.py


SyntaxError: invalid character '├' (U+251C) (<ipython-input-12-1e0dffba6956>, line 2)

✅ 2. Blueprint Definition (routes.py)

Example: blueprints/users/routes.py

In [None]:
from flask import Blueprint, jsonify

users_bp = Blueprint('users', __name__, url_prefix='/users')

@users_bp.route('/')
def get_users():
    return jsonify(message="List of users")


✅ 3. Init File to Export Blueprint

Example: blueprints/users/__init__.py



In [None]:
from .routes import users_bp


ImportError: attempted relative import with no known parent package

✅ 4. Register Blueprints in Main App

Example: app.py

In [None]:
from flask import Flask
from blueprints.users import users_bp
from blueprints.products.routes import products_bp

app = Flask(__name__)
app.register_blueprint(users_bp)
app.register_blueprint(products_bp)

if __name__ == "__main__":
    app.run(debug=True)


ModuleNotFoundError: No module named 'blueprints'

12. How do you define a custom Jinja filter in Flask?

✅ 1. Define the Filter Function

In [None]:
def reverse_string(s):
    return s[::-1


SyntaxError: incomplete input (<ipython-input-7-8ea524c3f2e1>, line 2)

13. How can you redirect with a query parameter in Flask?

In [None]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/go')
def go():
    return redirect(url_for('target', name='Nabi', age=30))

@app.route('/target')
def target():
    name = request.args.get('name')
    age = request.args.get('age')
    return f"Name: {name}, Age: {age}"


🔍 What Happens
/go redirects to /target?name=Nabi&age=30

request.args.get() fetches query params



14. How do you return JSON responses in Flask?

In Flask, return JSON responses using either jsonify() or a Response with json.dumps().

✅ 1. Using jsonify() (Recommended)


In [None]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/data')
def get_data():
    return jsonify(status="success", data={"user": "Nabi"})


✅ 2. Using Response + json.dumps()

In [None]:
from flask import Response
import json

@app.route('/manual')
def manual_json():
    data = {"status": "ok"}
    return Response(json.dumps(data), mimetype='application/json')



NameError: name 'app' is not defined

✅ Auto sets headers:
jsonify() automatically sets Content-Type: application/json



15. How do you capture URL parameters in Flask?

In Flask, capture URL parameters by defining them in the route with < > and accessing them as function arguments.

✅ Example — Capturing a string parameter

In [None]:
@app.route('/user/<username>')
def user_profile(username):
    return f"User: {username}"


NameError: name 'app' is not defined

✅ Example — Capturing an integer parameter

In [None]:
@app.route('/post/<int:post_id>')
def show_post(post_id):
    return f"Post ID: {post_id}"


NameError: name 'app' is not defined

You can also capture multiple parameters:

In [None]:
@app.route('/order/<int:order_id>/item/<item_name>')
def order_item(order_id, item_name):
    return f"Order {order_id}, Item: {item_name}"


NameError: name 'app' is not defined

In [None]:
2+2