 1. What is a RESTful API?

A RESTful API follows the principles of Representational State Transfer (REST). It uses standard HTTP methods (GET, POST, PUT, DELETE) to interact with resources, typically represented in JSON or XML. RESTful APIs are stateless, scalable, and easy to cache and test.

 2 . What is an API Specification?

An API specification is a formal document that defines how an API behaves. It includes:
- Available endpoints and their paths
- Supported HTTP methods
- Request and response formats
- Authentication requirements
- Status codes and error messages
Tools like OpenAPI (Swagger) help generate documentation, mock servers, and client SDKs from these specs — making collaboration and testing smoother.

🧪 3. What is Flask, and why is it popular?

Flask is a lightweight Python web framework. It’s popular because:
- It’s minimal and flexible
- Easy to learn and extend
- Great for building RESTful APIs
- Has a rich ecosystem (Flask-SQLAlchemy, Flask-RESTful, Flask-JWT, etc.)

🛣️ 4. What is Routing in Flask?
Routing maps URLs to Python functions. For example:
@app.route('/hello')
def hello():
    return "Hello, World!"


This binds the /hello URL to the hello() function.

 5. How to Create a Simple Flask Application?

from flask import Flask
app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to Flask!"

if __name__ == '__main__':
    app.run(debug=True)



 6. What are HTTP methods used in RESTful APIs?

- GET: Retrieve data
- POST: Create new data
- PUT: Replace existing data
- PATCH: Partially update data
- DELETE: Remove data

 7. What is the purpose of the @app.route() decorator in Flask?

It’s a decorator that binds a URL to a view function. It tells Flask: “When this URL is requested, run this function.”

 8.What is the difference between GET and POST HTTP methods?

| Feature | GET | POST |
| Purpose | Retrieve data | Submit data |
| Data sent via | URL query string | Request body |
| Idempotent | Yes | No |
| Use case | Fetch user info | Submit form data |



 9. How do you handle errors in Flask APIs?

Use @app.errorhandler():
@app.errorhandler(404)
def not_found(e):
    return jsonify(error="Not found"), 404


You can also use abort() to trigger errors manually.

10. How do you connect Flask to a SQL database?

Use Flask-SQLAlchemy:
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///data.db'
db = SQLAlchemy(app)

 11. What is the role of Flask-SQLAlchemy?

Flask-SQLAlchemy plays the role of a bridge between Flask and SQLAlchemy, making it easier to work with databases in your Flask applications. It wraps SQLAlchemy’s powerful ORM (Object Relational Mapper) and integrates it seamlessly into Flask’s ecosystem.

🧠 What Flask-SQLAlchemy Actually Does
- Simplifies setup: Automatically configures SQLAlchemy with your Flask app using app.config.
- Provides ORM capabilities: Lets you define models as Python classes and interact with the database using Python objects.
- Manages sessions: Handles database sessions and connections efficiently.
- Adds Flask-friendly features: Includes helpers like db.Model, db.Column, and db.session for cleaner code.
- Supports multiple databases: Works with SQLite, PostgreSQL, MySQL, and others.


 12. What are Flask blueprints, and how are they useful?

Blueprints help organize large apps into modules:
from flask import Blueprint
auth_bp = Blueprint('auth', __name__)

@auth_bp.route('/login')
def login():
    return "Login Page"

 13. What is the purpose of Flask's request object?

The request object in Flask is your gateway to everything the client sends to the server during an HTTP request. It’s like a snapshot of the incoming request, packed with useful data that helps you build dynamic, responsive web applications.

 What the request Object Does
Here’s what it gives you access to:
- HTTP method: Know whether the request is GET, POST, PUT, etc. via request.method.
- Form data: Retrieve submitted form fields using request.form.
- Query parameters: Access URL parameters like ?search=flask using request.args.
- JSON payloads: Parse JSON data from the body with request.get_json() or request.json.
- Headers: Inspect request headers like User-Agent or Authorization via request.headers.
- Cookies: Read cookies sent by the client using request.cookies.
- Uploaded files: Handle file uploads with request.files.
- Client IP: Get the user's IP address using request.remote_addr


 14. How do you create a RESTful API endpoint using Flask?

from flask import Flask, request, jsonify

app = Flask(__name__)

# Sample data
users = [
    {"id": 1, "name": "Alice"},
    {"id": 2, "name": "Bob"}
]

# GET endpoint to retrieve all users
@app.route('/api/users', methods=['GET'])
def get_users():
    return jsonify(users)

# POST endpoint to add a new user
@app.route('/api/users', methods=['POST'])
def add_user():
    new_user = request.get_json()
    users.append(new_user)
    return jsonify(new_user), 201

# GET endpoint to retrieve a user by ID
@app.route('/api/users/<int:user_id>', methods=['GET'])
def get_user(user_id):
    user = next((u for u in users if u["id"] == user_id), None)
    if user:
        return jsonify(user)
    return jsonify({"error": "User not found"}), 404

if __name__ == '__main__':
    app.run(debug=True)


15.what is the Purpose of jsonify()function?

The jsonify() function in Flask is your go-to tool for crafting clean, well-structured JSON responses—especially when building RESTful APIs or AJAX-powered web apps.

 What jsonify() Actually Does
- Converts Python objects (like dictionaries, lists, etc.) into JSON format.
- Creates a proper HTTP response with:
- Content-Type: application/json header
- Correct status code (default is 200 OK)
- Handles encoding and edge cases automatically, so you don’t have to manually use json.dumps() and set headers.

16.  Explain Flask’s url_for() function?

Generates URLs dynamically:
url_for('login')  # returns '/login'


Useful for redirects and templates.

17.How does Flask handle static files (CSS, JavaScript, etc.)?

Flask handles static files—like CSS, JavaScript, images, and fonts—through a built-in mechanism that makes it super easy to serve them from a designated folder. Here's how it works:

📁 Default Setup
- Flask automatically looks for a folder named static/ in your project root.
- Any file placed inside this folder can be accessed via the URL path /static/<filename>.
Example structure:
your_project/
│
├── app.py
├── static/
│   ├── style.css
│   └── script.js
└── templates/
    └── index.html



🔗 Linking Static Files in HTML
Use the url_for() function to generate the correct path:
<!-- templates/index.html -->
<html>
  <head>
    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
    <script src="{{ url_for('static', filename='script.js') }}"></script>
  </head>
  <body>
    <h1>Hello, nazia!</h1>
  </body>
</html>


This ensures Flask correctly maps the file even if the static folder is customized.

⚙️ Customizing the Static Folder
You can change the default folder by passing arguments when initializing the app:
app = Flask(__name__, static_folder='assets', static_url_path='/static')


This tells Flask to serve static files from the assets/ directory but still use /static/ in URLs.

18.What is an API specification, and how does it help in building a Flask API?

  an API Specification Includes
- Endpoints: URLs like /users, /products/<id>, etc.
- HTTP Methods: GET, POST, PUT, DELETE, etc.
- Request Parameters: Query strings, path variables, headers, and body formats.
- Response Formats: JSON structure, status codes, and example responses.
- Authentication: How clients should authenticate (e.g., API keys, tokens).
- Error Handling: Standardized error messages and codes.

🚀 How It Helps When Building a Flask API
| Benefit | Description |
| Clarity & Consistency | Ensures all developers follow the same rules and structure. |
| Documentation | Makes it easier to generate docs using tools like Swagger or Flasgger. |
| Validation | Helps validate incoming requests and outgoing responses. |
| Automation | Enables auto-generation of client SDKs and testing scripts. |
| Collaboration | Frontend and backend teams can work in parallel using the spec as a guide. |

 19. What are HTTP status codes, and why are they important in a Flask API?

 HTTP status codes are standardized messages that a server sends back to the client to indicate the result of an HTTP request. In a Flask API, they’re crucial for communicating whether a request was successful, failed, or needs further action.
They’re 3-digit numbers grouped into categories:
| Category | Range | Meaning |
| 1xx | 100–199 | Informational responses |
| 2xx | 200–299 | Success |
| 3xx | 300–399 | Redirection |
| 4xx | 400–499 | Client errors (e.g., bad request) |
| 5xx | 500–599 | Server errors |

 They Matter in Flask APIs
- Clear Communication: They tell the client what happened—success, failure, or something else.
- Error Handling: You can use codes like 404 for "Not Found" or 400 for "Bad Request" to guide users and developers.
- Automation-Friendly: Clients (like frontend apps or other services) can programmatically respond based on the status code.
- Security & Validation: Codes like 401 Unauthorized or 403 Forbidden help enforce access control.
- Debugging: They make it easier to diagnose issues during development or in production.

🧪 Flask Example
from flask import Flask, jsonify, request

app = Flask(__name__)

@app.route('/api/data', methods=['POST'])
def create_data():
    data = request.get_json()
    if not data:
        return jsonify({"error": "Missing data"}), 400  # Bad Request
    return jsonify({"message": "Data created"}), 201     # Created





20.How do you handle POST requests in Flask?

 Handling POST requests in Flask is all about receiving data from the client—like form submissions or JSON payloads—and processing it on the server. Here's how you can do it step by step:

🧪 Basic Example: Handling JSON Data
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def submit_data():
    data = request.get_json()  # Extract JSON payload
    if not data:
        return jsonify({"error": "No data provided"}), 400
    return jsonify({"message": "Data received", "data": data}), 201

if __name__ == '__main__':
    app.run(debug=True)


This endpoint accepts a POST request with a JSON body and returns a confirmation.

📝 Handling Form Data
If you're submitting data via an HTML form:
@app.route('/login', methods=['POST'])
def login():
    username = request.form.get('username')
    password = request.form.get('password')
    if username == 'admin' and password == 'secret':
        return "Welcome, admin!"
    return "Invalid credentials", 401


Use request.form to access form fields submitted via application/x-www-form-urlencoded.

🔐 Best Practices
- Validate input before processing.
- Return appropriate status codes (201 Created, 400 Bad Request, etc.).
- Use jsonify() for consistent JSON responses.
- Secure sensitive data—never log passwords or personal info.

21.How would you secure a Flask API?

securing a Flask API involves multiple layers of protection to ensure data integrity, user privacy, and safe access:
- Use HTTPS: Encrypt all traffic between client and server to prevent man-in-the-middle attacks.
- Authentication & Authorization:
- Implement token-based authentication (e.g., JWT) to verify users.
- Use OAuth2 for third-party login and delegated access.
- Rate Limiting: Prevent abuse by limiting requests per IP (e.g., using Flask-Limiter).
- Input Validation: Sanitize and validate all incoming data to avoid injection attacks.
- CORS Configuration: Restrict cross-origin requests to trusted domains.
- Error Handling: Return meaningful error messages without exposing internal logic.
- Session Management: Use secure cookies and server-side session storage if needed.
- Use Flask-Security or Flask-JWT-Extended for built-in security features.
Want to see a JWT-based login flow or how to integrate OAuth with Auth0? I can walk you through it.




22. What is the significance of the Flask-RESTful extension?

Flask-RESTful is a powerful extension that simplifies building REST APIs in Flask by introducing a structured, class-based approach.
✨ Key Benefits:
- Resource-Oriented Design: Define endpoints as Python classes (Resource) with methods like get(), post(), etc.
- Cleaner Code: Reduces boilerplate and improves readability.
- Request Parsing: Built-in support for validating and extracting request arguments.
- Response Formatting: Automatically formats responses as JSON.
- Error Handling: Standardized error responses and decorators for custom logic.
🧪 Example:
from flask import Flask
from flask_restful import Api, Resource

app = Flask(__name__)
api = Api(app)

class Hello(Resource):
    def get(self):
        return {"message": "Hello, Flask-RESTful!"}

api.add_resource(Hello, '/hello')





23.What is the role of Flask’s session object?

The session object in Flask is used to store data across requests for a specific user. It’s like a temporary memory that persists between page loads.
🔍 What It Does:
- Stores data like login status, user preferences, or cart items.
- Uses secure cookies to store session IDs.
- Can be configured for server-side storage using Flask-Session.
🧪 Example:
from flask import Flask, session

app = Flask(__name__)
app.secret_key = 'your_secret_key'

@app.route('/login')
def login():
    session['user'] = 'Arbaaz'
    return 'Logged in!'

@app.route('/profile')
def profile():
    return f"Welcome, {session.get('user', 'Guest')}!"








In [16]:
#1.How do you create a basic Flask application?

In [13]:
# Install Flask
!pip install Flask



In [14]:
# Create a basic Flask app file
%%writefile app.py
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    # Run the app on all available interfaces and a specific port
    app.run(host='0.0.0.0', port=5000, debug=True)

Overwriting app.py


In [15]:
# Run the Flask app in the background
# Use system_raw to run the command without waiting for it to finish
get_ipython().system_raw('python app.py &')

The Flask app is now running in the background. You can access it by clicking the "Web preview" button in the left sidebar (if available) or by setting up a tunnel to port 5000.

In [None]:
#2.How do you serve static files like images or CSS in Flask?


In [18]:
your_project/
├── app.py
└── static/
    ├── style.css
    ├── images/
    │   └── logo.png
    └── script.js

SyntaxError: invalid character '├' (U+251C) (ipython-input-18-968530035.py, line 2)

As explained in the first markdown cell (cell ID `6rSeIbY8Piwt`, point 17), Flask handles static files (like CSS, JavaScript, images, etc.) by looking for a folder named `static/` in your project root by default. You can then link to these files in your HTML templates using the `url_for('static', filename='path/to/your/file')` function.

In [19]:
<!-- templates/index.html -->
<!DOCTYPE html>
<html>
<head>
    <title>Flask Static Demo</title>
    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
    <h1>Welcome!</h1>
    <img src="{{ url_for('static', filename='images/logo.png') }}" alt="Logo">
    <script src="{{ url_for('static', filename='script.js') }}"></script>
</body>
</html>

SyntaxError: invalid syntax (ipython-input-19-790512647.py, line 1)

First, let's create a `templates` folder and save the HTML code as `index.html` inside it.

In [22]:
# Create templates directory
!mkdir templates

In [25]:
# Create the HTML template file
%%writefile templates/index.html
<!DOCTYPE html>
<html>
<head>
    <title>Flask Static Demo</title>
    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
    <h1>Welcome!</h1>
    <img src="{{ url_for('static', filename='images/logo.png') }}" alt="Logo">
    <script src="{{ url_for('static', filename='script.js') }}"></script>
</body>
</html>

Overwriting templates/index.html


Now, modify your `app.py` file to use the `render_template` function to serve this HTML file.

In [24]:
%%writefile app.py
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html') # Render the template

if __name__ == '__main__':
    # Run the app on all available interfaces and a specific port
    app.run(host='0.0.0.0', port=5000, debug=True)

Overwriting app.py


Remember to restart your Flask application after modifying `app.py`. You can do this by stopping the previous background process (you might need to find its process ID and kill it, or restart the Colab runtime) and then running the cell to start the app again.

In [27]:
#3. How do you define different routes with different HTTP methods in Flask?
from flask import Flask, request

app = Flask(__name__)

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "Data submitted!"
    return "Submit your data via POST."


In [None]:
#4. How do you render HTML templates in Flask?


In [30]:
your_project/
├── app.py
└── templates/
    └── index.html

SyntaxError: invalid character '├' (U+251C) (ipython-input-30-2101976484.py, line 2)

As shown in the previous steps (cell ID `0921a11c` and following), HTML template files are typically stored in a folder named `templates/` in your project root. Flask's `render_template()` function automatically looks for templates in this directory.

In [34]:
# Create the welcome HTML template file
%%writefile templates/welcome.html
<!DOCTYPE html>
<html>
<head>
    <title>Welcome</title>
</head>
<body>
    <h1>Hello, {{ name }}!</h1>
</body>
</html>

Writing templates/welcome.html


Now, let's add a new route to `app.py` to render this `welcome.html` template, passing a `name` variable to it.

In [35]:
%%writefile app.py
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html') # Render the index template

@app.route('/welcome/<name>')
def welcome(name):
    return render_template('welcome.html', name=name) # Render the welcome template with a variable

if __name__ == '__main__':
    # Run the app on all available interfaces and a specific port
    app.run(host='0.0.0.0', port=5000, debug=True)

Overwriting app.py


Remember to restart your Flask application after modifying `app.py`. After restarting, you can access the new route by visiting `/welcome/<your_name>` (replace `<your_name>` with a name) in your web browser.

In [37]:
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html', name='Arbaaz')

if __name__ == '__main__':
    app.run(debug=True)

 * Serving Flask app '__main__'
 * Debug mode: on


Address already in use
Port 5000 is in use by another program. Either identify and stop that program, or start the server with a different port.
ERROR:root:Internal Python error in the inspect module.
Below is the traceback from this internal error.



Traceback (most recent call last):
  File "/usr/local/lib/python3.11/dist-packages/werkzeug/serving.py", line 759, in __init__
    self.server_bind()
  File "/usr/lib/python3.11/http/server.py", line 136, in server_bind
    socketserver.TCPServer.server_bind(self)
  File "/usr/lib/python3.11/socketserver.py", line 472, in server_bind
    self.socket.bind(self.server_address)
OSError: [Errno 98] Address already in use

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.11/dist-packages/IPython/core/interactiveshell.py", line 3553, in run_code
    exec(code_obj, self.user_global_ns, self.user_ns)
  File "/tmp/ipython-input-37-2856112334.py", line 10, in <cell line: 0>
    app.run(debug=True)
  File "/usr/local/lib/python3.11/dist-packages/flask/app.py", line 662, in run
    run_simple(t.cast(str, host), port, self, **options)
  File "/usr/local/lib/python3.11/dist-packages/werkzeug/serving.py", line 1093,

TypeError: object of type 'NoneType' has no len()

In [38]:
#5.How can you generate URLs for routes in Flask using url_for?
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return 'Welcome to the homepage!'

with app.test_request_context():
    print(url_for('home'))

/


In [44]:
#6.How do you handle forms in Flask?


In [43]:
from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired

class SimpleForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired()])
    submit = SubmitField('Submit')

In this example:

- We import `FlaskForm` from `flask_wtf`.
- We import `StringField` and `SubmitField` for text input and a submit button, and `DataRequired` as a validator to ensure the name field is not empty.
- We create a class `SimpleForm` that inherits from `FlaskForm`.
- We define `name` as a `StringField` with a label 'Name' and the `DataRequired` validator.
- We define `submit` as a `SubmitField` with the label 'Submit'.

In [45]:
#7.How can you validate form data in Flask?
from flask import Flask, request, redirect, url_for, flash

app = Flask(__name__)
app.secret_key = 'secret'  # Needed for flashing messages

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form.get('name')
    email = request.form.get('email')

    if not name:
        flash('Name is required!')
        return redirect(url_for('home'))
    if '@' not in email:
        flash('Invalid email!')
        return redirect(url_for('home'))

    flash('Form submitted successfully!')
    return redirect(url_for('home'))

In [49]:
#8.How do you manage sessions in Flask?



In [50]:
# Install Flask-Session
!pip install Flask-Session



In [51]:
from flask import Flask, session
from flask_session import Session

app = Flask(__name__)
app.config['SESSION_TYPE'] = 'filesystem'  # Options: 'redis', 'memcached', etc.
Session(app)


<flask_session.Session at 0x7980c4d33810>

In [52]:
#9.How do you redirect to a different route in Flask?
from flask import Flask, redirect, url_for

app = Flask(__name__)


In [53]:
@app.route('/')
def home():
    return redirect(url_for('profile'))  # Redirects to the 'profile' route

@app.route('/profile')
def profile():
    return "This is the profile page"


In [54]:
#10.How do you handle errors in Flask (e.g., 404)?
from flask import Flask, render_template

app = Flask(__name__)

@app.errorhandler(404)
def page_not_found(error):
    return "<h1>404 - Page Not Found</h1>", 404


In [55]:
#11.How do you structure a Flask app using Blueprints?



First, let's create a directory structure for our Flask app with blueprints.

In [59]:
# Create the main application directory
!mkdir my_flask_app
!mkdir my_flask_app/auth
!mkdir my_flask_app/main

In [60]:
# Create __init__.py files to make directories Python packages
!touch my_flask_app/__init__.py
!touch my_flask_app/auth/__init__.py
!touch my_flask_app/main/__init__.py

Now, let's put the blueprint definitions into their respective files (`routes.py`) within the new directory structure.

In [61]:
%%writefile my_flask_app/auth/routes.py
from flask import Blueprint, render_template, redirect, url_for

auth_bp = Blueprint('auth', __name__, url_prefix='/auth')

@auth_bp.route('/login')
def login():
    return render_template('login.html')

@auth_bp.route('/logout')
def logout():
    # Assuming you have a 'main' blueprint with a 'home' route
    return redirect(url_for('main.home'))

Writing my_flask_app/auth/routes.py


In [62]:
%%writefile my_flask_app/main/routes.py
from flask import Blueprint, render_template

main_bp = Blueprint('main', __name__)

@main_bp.route('/')
def home():
    return render_template('home.html')

Writing my_flask_app/main/routes.py


Finally, let's create/modify the main `app.py` file in the root directory to import and register these blueprints. We also need to add the `my_flask_app` directory to the Python path so that we can import modules from it.

In [64]:
%%writefile app.py
from flask import Flask
import os
import sys

# Add the application directory to the Python path
sys.path.append(os.path.join(os.getcwd(), 'my_flask_app'))

# Import blueprints from the new structure
from auth.routes import auth_bp
from main.routes import main_bp

app = Flask(__name__)
app.secret_key = 'your_secret_key' # Needed for flashing messages or sessions

# Register blueprints
app.register_blueprint(auth_bp)
app.register_blueprint(main_bp)

if __name__ == '__main__':
    # Run the app on all available interfaces and a specific port
    # You might need to stop a previous Flask process if one is running
    app.run(host='0.0.0.0', port=5000, debug=True)

Overwriting app.py


Remember to run these cells in order. After running the last cell, you should have a Flask app structured with blueprints. If you encounter an "Address already in use" error, you'll need to stop the previous Flask process as explained before (often by restarting the Colab runtime).

In [65]:
#12 How do you define a custom Jinja filter in Flask?
def reverse_string(s):
    return s[::-1]


In [67]:
app.jinja_env.filters['reverse'] = reverse_string


In [68]:
#13.How can you redirect with query parameters in Flask?
@app.route('/search')
def search():
    query = request.args.get('q')       # 'flask'
    page = request.args.get('page')     # '2'
    return f"Search results for: {query}, Page: {page}"


In [69]:
#14.How do you return JSON responses in Flask?
from flask import jsonify

@app.route('/api/data')
def api_data():
    data = {'message': 'Hello, API!'}
    return jsonify(data)

In [70]:
#15.How do you capture URL parameters in Flask?
@app.route('/user/<username>')
def user_profile(username):
    return f"Welcome, {username}!"