# Theory Questions.

1. What is a RESTful API?
 - A RESTful API (Representational State Transfer API) is a type of web service that follows the principles of REST architecture. It allows communication between computer systems over the internet using standard HTTP methods. RESTful APIs are designed to be simple, scalable, and stateless.

     **Key Concepts of RESTful APIs:**
     1. Resources:
      * Everything in REST is considered a resource, such as a user, a post, or a product.
      * Resources are identified using URIs (e.g., https://api.example.com/users/123).
     2. HTTP Methods:

      REST uses standard HTTP methods to operate on resources:
      * GET – Retrieve a resource.
      * POST – Create a new resource.
      * PUT – Update/replace an existing resource.
      * PATCH – Partially update a resource.
      * DELETE – Remove a resource.
     3. Statelessness:
      * Each request from a client to the server must contain all the information needed to understand and process it.
      * The server does not store any client context between requests.
     4. JSON or XML Payloads:
      * RESTful APIs often use JSON (JavaScript Object Notation) to exchange data, though XML can also be used.
     5. HTTP Status Codes:
     * Responses include standard HTTP status codes to indicate the result:
      * 200 OK – Success
      * 201 Created – Resource created
      * 400 Bad Request – Client error
      * 401 Unauthorized – Authentication failure
      * 404 Not Found – Resource not found
      * 500 Internal Server Error – Server-side issue
     6. Uniform Interface:
      * REST emphasizes a consistent, uniform interface, making it easier to understand and use across different APIs.

     **Summary**

     A RESTful API is:
      * Based on HTTP
      * Resource-oriented
      * Stateless
      * Often returns data in JSON
      * Designed for scalability and simplicity

2.  Explain the concept of API specification?
 - An API specification is a detailed, formal document that describes how an API behaves and how developers should use it. It outlines the structure, endpoints, methods, request/response formats, authentication, and error handling of the API.

     Think of it as a blueprint for how to interact with the API — essential for both developers who build the API and those who consume it.

     **Key Elements of an API Specification:**
      1. Endpoints (URIs):
        * Specifies the URL paths where resources can be accessed.
        * Example: /users, /products/{id}
      2. HTTP Methods:
        * Describes what operations are allowed on each endpoint (GET, POST, PUT, DELETE, etc.).
      3. Request Parameters:
        * Lists required or optional parameters (e.g., query strings, path variables, headers).
      4. Request Body:
        * Defines the structure of data expected in POST/PUT requests, often in JSON or XML.
      5. Response Format:
        * Details the structure of the data returned (e.g., JSON objects, arrays, fields, data types).
      6. Status Codes:
        * Enumerates possible HTTP response codes and their meanings.
        * Example: 200 OK, 404 Not Found, 500 Internal Server Error.
      7. Authentication Requirements:
        * Describes how clients should authenticate (e.g., API keys, OAuth tokens).
      8. Error Messages:
        * Lists possible error messages and codes for different failure scenarios.
      9. Rate Limiting and Throttling (if applicable):
        * Specifies how often the API can be called (e.g., 1000 requests per hour).

     **Common Formats for API Specifications:**
        * OpenAPI Specification (formerly Swagger) – the most widely used standard for RESTful APIs.
        * RAML (RESTful API Modeling Language) – a YAML-based modeling language.
        * API Blueprint – a markdown-based format for describing APIs.
        * GraphQL Schema – for GraphQL APIs, it defines the types, queries, and mutations.

     **Why API Specifications Matter:**
        * Consistency: Ensures all developers understand how the API behaves.
        * Automation: Allows for automatic code generation, testing, and documentation.
        * Collaboration: Helps frontend and backend teams work in parallel.
        * Validation: Makes it easier to test if the API meets its contract.

     **Summary**
     
     An API specification is a formal, detailed document that defines how an API works. It serves as both technical documentation and a contract between the API provider and consumer, ensuring consistency, clarity, and interoperability.

3. What is Flask, and why is it popular for building APIs?
 - Flask is a lightweight, open-source web framework written in Python. It is designed to help developers build web applications and RESTful APIs quickly and easily. Flask follows the WSGI (Web Server Gateway Interface) standard and is known for its minimalist and flexible design.

     **Core Features of Flask:**
     * Minimal & Modular: Flask comes with only the essentials, letting developers choose and add components as needed.
     * Built-in Development Server and debugger.
     * Routing system using decorators (@app.route).
     * Supports RESTful request handling (GET, POST, PUT, DELETE, etc.).
     * Jinja2 templating engine for rendering HTML (if needed).
     * Extensions for adding database support, authentication, input validation, etc.

     **Why is Flask Popular for Building APIs?**
     1. Simplicity & Minimalism:
       * Easy to learn, with clean and concise code.
       * Ideal for beginners and small to medium-sized applications.
     2. Flexibility:
       * Doesn’t enforce a specific project structure or tools.
       * You can plug in only what you need (e.g., SQLAlchemy for database, Marshmallow for serialization).
     3. Quick Prototyping:
       * Perfect for building and testing APIs quickly, especially in the early stages of development.
     4. Rich Ecosystem of Extensions:
       * Available extensions for security (Flask-JWT), forms (WTForms), and database integration (Flask-SQLAlchemy).
     5. Strong Community Support:
       * Large user base, lots of tutorials, Stack Overflow help, and active maintenance.
     6. Good Integration with RESTful Design:
       * Flask makes it easy to map HTTP verbs to Python functions, making it natural for building REST APIs.

     **Summary**

     Flask is a lightweight Python web framework that is especially popular for building RESTful APIs due to its:
     * Simplicity
     * Flexibility
     * Rich extension ecosystem
     * Rapid development capabilities


4. What is routing in Flask?
 - Routing in Flask refers to the process of mapping URLs (routes) to functions in your Python code, which handle the logic for that specific endpoint.

     In simpler terms, routing connects a web address (like /home or /api/data) to a Python function, so that when a user accesses that address, the associated function runs and returns a response (like HTML, JSON, or text).

     **How Does Routing Work in Flask?**

     Flask uses decorators to define routes. A decorator like @app.route() tells Flask:

     **Routing with HTTP Methods**

     You can also specify which HTTP methods a route supports (GET, POST, etc.):

     **Variable Rules in Routes**

     Flask allows dynamic routing by using placeholders:

     **Summary**

     Routing in Flask is the mechanism that:
      * Connects URLs to Python functions
      * Handles dynamic paths and HTTP methods
      * Allows you to build web pages and APIs that respond to specific requests
      
     It’s one of the core features that makes Flask simple yet powerful for web development.

5. How do you create a simple Flask application?
 - Creating a simple Flask application involves just a few lines of Python code. Flask is designed to be lightweight and beginner-friendly, so you can get a basic app running very quickly.

     **Steps to Create a Simple Flask App**
     1. Install Flask
      * If you haven’t already, install Flask using pip:
     2. Write the Application Code
     3. Run the Application
      * In your terminal, navigate to the directory containing app.py, and run:

     **Key Concepts in the Example:**
     * Flask(__name__): Creates the application instance.
     * @app.route('/'): Maps the root URL (/) to the home() function.
     * app.run(debug=True): Starts a development server and enables debugging.

     **Summary**

     To create a simple Flask app:
     1. Install Flask
     2. Write minimal Python code using Flask and @app.route()
     3. Run it with python app.py
     4. Access it in your browser
     
     This basic structure is the foundation for building more complex web apps and APIs in Flask.

6. What are HTTP methods used in RESTful APIs?
 - In RESTful APIs, HTTP methods (also called HTTP verbs) are used to perform actions on resources (like users, posts, or products). Each method represents a specific type of operation and aligns with CRUD (Create, Read, Update, Delete) operations.

     **Explanation of Each Method:**
     1. GET
       * Purpose: Fetch data from the server.
       * Example: GET /users/123 → Fetch user with ID 123.
       * Safe: Yes (does not modify data).
       * Idempotent: Yes (same request, same result).
     2. POST
       * Purpose: Send data to create a new resource.
       * Example: POST /users → Create a new user with submitted details.
       * Safe: No.
       * Idempotent: No (multiple requests create multiple resources).
     3. PUT
       * Purpose: Replace an existing resource completely.
       * Example: PUT /users/123 → Replace user 123's data.
       * Safe: No.
       * Idempotent: Yes (same request produces the same effect).
     4. PATCH
       * Purpose: Update part of a resource.
       * Example: PATCH /users/123 with {"email": "new@example.com"}.
       * Safe: No.
       * Idempotent: Yes (if repeated with same data, result stays the same).
     5. DELETE
       * Purpose: Delete a resource.
       * Example: DELETE /users/123 → Removes user 123.
       * Safe: No.
       * Idempotent: Yes (repeating delete has the same outcome).
       

7. What is the purpose of the @app.route() decorator in Flask?
 - The @app.route() decorator in Flask is used to associate a URL path with a specific function, known as a view function. This allows the web application to respond to HTTP requests at that URL.

     **Purpose:**
     * Defines a route (URL endpoint) in the web application.
     * Maps that route to a Python function that handles the request.
     * Enables Flask to know which code to execute when a client visits a specific URL.

     **Key Features of @app.route():**
     * Supports static routes (e.g., /about)
     * Supports dynamic routes (e.g., /user/<username>)
     * Allows specifying HTTP methods (GET, POST, etc.)

     **Summary:**

     The @app.route() decorator in Flask:
     * Creates URL routes
     * Connects URLs to Python functions
     * Allows the application to handle web requests and return responses

8. What is the difference between GET and POST HTTP methods?
 - GET and POST are two of the most commonly used HTTP methods in web development and RESTful APIs. Both are used to communicate with the server, but they serve different purposes and behave differently.

     **Comparison Table**

     Feature	                GET	                          POST

     Purpose	        Retrieve data from the server	      Send data to the server to create a resource
      
     Data Visibility	Data is sent in the URL (query string)	Data is sent in the request body

     Use Case	       Reading/fetching data	            Submitting forms, creating new resources

     Caching	        Can be cached by browsers	       Not cached by default

     Idempotent	    Yes (repeating the request has no effect)	 No (repeating may create duplicate entries)

     Bookmarkable	  Yes (because data is in the URL)	  No
       
     Security	      Less secure for sensitive data (in URL) 	More secure (data in body, not logged in URL)

     **Summary**
     
     In RESTful APIs:
     * Use GET to read resources.
     * Use POST to create new resources.


9. How do you handle errors in Flask APIs?
 - In Flask APIs, error handling is the process of catching exceptions or unexpected conditions and returning appropriate HTTP responses (like 400 Bad Request or 404 Not Found). Proper error handling improves the reliability, usability, and security of your API.

     **Common Ways to Handle Errors in Flask:**
      1. Using abort() Function
        * Flask provides the abort() function to return standard HTTP error codes.
      2. Custom Error Handlers with @app.errorhandler
        * You can define custom responses for specific error codes.
      3. Try-Except Blocks for Custom Exceptions
        * You can catch exceptions during execution and return meaningful responses.
      4. Returning Custom HTTP Status Codes
        * You can manually return an error message and status code from any view.

     **Summary**

     In Flask APIs, you handle errors by:
      * Using abort() to raise standard errors
      * Creating @app.errorhandler functions for custom responses
      * Using try-except blocks for runtime exceptions
      * Returning appropriate status codes with responses
     
     Proper error handling makes your API more robust, user-friendly, and easier to debug.

10. How do you connect Flask to a SQL database?
 - To connect Flask to a SQL database, you typically use an ORM (Object-Relational Mapper) like SQLAlchemy or use raw SQL via a database driver. The most common and powerful method is using Flask-SQLAlchemy, which integrates SQLAlchemy with Flask.

     **Steps to Connect Flask to a SQL Database (Using Flask-SQLAlchemy)**
     1. Install Flask-SQLAlchemy
     2. Configure the Database in Your Flask App
       * In your app.py or main script:
     3. Define a Model (Table Schema)
     4. Create the Database and Tables
     5. Add or Query Data

     **Why Use SQLAlchemy?**
     * Avoids writing raw SQL
     * Simplifies table relationships
     * Provides a clean Python interface
     * Works with multiple SQL databases (SQLite, MySQL, PostgreSQL, etc.)
     

11. What is the role of Flask-SQLAlchemy?
 - Flask-SQLAlchemy is an extension for Flask that integrates SQLAlchemy, a powerful Object-Relational Mapper (ORM), into Flask applications. It simplifies the process of connecting Flask to SQL databases and managing database operations using Python code instead of raw SQL.

     **Primary Roles of Flask-SQLAlchemy:**
      1. Simplifies Database Integration
     
     It provides an easy way to connect your Flask app to databases like SQLite, MySQL, or PostgreSQL using SQLAlchemy.

      2. Enables Object-Relational Mapping (ORM)
     
     It allows you to interact with database tables as Python classes and objects, making the code more readable and maintainable.
      3. Manages Database Sessions
     
     It handles transactions and sessions through db.session, so you can add, update, or delete records cleanly.

      4. Schema Definition and Migration
     
     Lets you define the database schema using Python classes and supports integration with migration tools like Flask-Migrate.

      5. Works Seamlessly with Flask App Context
     
     Automatically integrates with Flask’s application context and configuration system.

     **Benefits of Using Flask-SQLAlchemy:**
     * Easy configuration of database connections
     * Eliminates most raw SQL queries
     * Cleaner, more Pythonic code
     * Supports relationships between models (foreign keys, joins)
     * Works well with Flask ecosystem tools (Flask-Migrate, Flask-Admin)

     **Summary**

     Flask-SQLAlchemy:
     * Is a bridge between Flask and SQLAlchemy
     * Lets you define database models as Python classes
     * Handles database connections, sessions, and transactions
     * Makes database interaction in Flask apps easier, cleaner, and more powerful

12. What are Flask blueprints, and how are they useful?
 - Flask Blueprints are a way to organize your Flask application into smaller, reusable, and modular components. They allow you to group routes, templates, static files, and other code into distinct sections (or modules) of your app.

     Think of blueprints as mini Flask apps that can be registered on the main Flask application.

     **Why Use Blueprints?**
     1. Modularity
     
     Break down a large application into manageable parts. For example, you can separate user authentication, blog posts, and admin features into different blueprints.
     2. Reusability
     
     You can reuse blueprints across different projects or share them with other developers.
     3. Collaboration
     
     Teams can work on different blueprints independently without interfering with each other's code.
     4. Cleaner Structure
     
     Avoid a cluttered app.py by splitting routes and logic into multiple files or packages.

     **How Do Blueprints Work?**
     * You define a blueprint with its own routes and views.
     * Register the blueprint with the main Flask app.
     * URLs and static/template folders can be namespaced or prefixed.
     
     **Summary**
     
     Flask Blueprints:
     * Organize code into modular components
     * Help manage large applications easily
     * Promote code reuse and better team collaboration
     * Make your Flask project scalable and maintainable


13. What is the purpose of Flask's request object?
- The request object in Flask represents the incoming HTTP request from a client (like a browser or API consumer). It provides access to all the data sent by the client as part of that request.

     **Key Purposes of Flask’s request Object:**
    1. Access Request Data
      
      Retrieve form data, query parameters, JSON payloads, and more.
    2. Inspect Request Metadata
      
      Get information like HTTP method (GET, POST), headers, cookies, and URL.
    3. Work with Uploaded Files
      
      Access files sent in the request (e.g., images, documents).

  **Summary**

  The Flask request object is your gateway to:
    * Accessing everything the client sends in an HTTP request
    * Handling user input, API payloads, and file uploads
    * Making decisions based on request metadata like method or headers
     
  It is essential for building interactive and data-driven Flask applications.

14.  How do you create a RESTful API endpoint using Flask?
 - Creating a RESTful API endpoint in Flask involves defining a route that responds to HTTP methods (like GET, POST) and returns data in a structured format (usually JSON).

     **Key Steps:**
     1. Import Flask and necessary modules
     2. Create a Flask app instance
     3. Define a route with @app.route()
     4. Handle HTTP methods inside the view function
     5. Return JSON responses using jsonify

     **Explanation:**
        * Route: /users is the endpoint URL.
        * Methods: Supports GET (read users) and POST (create user).
        * jsonify: Converts Python dictionaries/lists to JSON responses.
        * Request handling: Uses request.get_json() to parse incoming JSON data.
        * Status codes: Returns 201 Created after successful POST.

     **Summary**

     To create a RESTful API endpoint in Flask:
       * Use @app.route() with relevant URL and HTTP methods.
       * Parse incoming data via request.
       * Return JSON data using jsonify.
       * Handle different HTTP methods (GET, POST, PUT, DELETE) according to REST principles.

15. What is the purpose of Flask's jsonify() function?
 - The jsonify() function in Flask is used to convert Python data structures (like dictionaries or lists) into a JSON-formatted HTTP response.

     **Key Purposes of jsonify():**
     1. Convert Python objects to JSON
      
       Automatically serializes Python dictionaries, lists, and other serializable objects to JSON.
     2. Set the correct Content-Type header
       
       The response will have the header Content-Type: application/json, which tells clients that the response body is JSON.
     3. Create a proper Flask Response object
       
       Returns a Flask Response object that is ready to be sent to the client.

     **Why Use jsonify() Instead of json.dumps()?**
       * jsonify() handles response headers automatically.
       * It works seamlessly with Flask’s request-response cycle.
       * It supports multiple arguments and keyword arguments for convenient JSON responses.

     **Summary**

     The jsonify() function is essential in Flask APIs to:
      * Convert Python data to JSON
      * Send JSON responses with correct headers
      * Simplify API response creation

16.  Explain Flask’s url_for() functionM?
 - The url_for() function in Flask is used to generate URLs dynamically for routes defined in your application. Instead of hardcoding URLs, you use url_for() to build URLs based on the name of the view function.

      **Purpose of url_for():**
        * Generate URLs dynamically so that changes in route definitions don’t break your app.
        * Avoid hardcoding URLs, improving maintainability.
        * Helps in linking between different routes, including those with dynamic parameters.
        * Works well with different HTTP methods and blueprints.

      **How It Works:**
        * You provide the endpoint name (usually the name of the view function).
        * Optionally, provide arguments for dynamic parts of the URL.
        * Flask returns the correct URL string.
      **Why Use url_for()?**
        * If the route changes (e.g., from /user/<username> to /member/<username>), you only need to update the route once.
        * It helps generate absolute or relative URLs, including query strings.
        * Makes your code cleaner and more flexible.

      **Summary**
      
      url_for() is a Flask utility function that:
        * Creates URLs from route endpoint names
        * Accepts parameters for dynamic routes
        * Prevents hardcoding URLs, making apps easier to maintain

17. How does Flask handle static files (CSS, JavaScript, etc.)?
 - In Flask, static files such as CSS, JavaScript, images, and other assets are handled using a special folder called static/.
  
     **Default Structure:**

     /your_project
│
├── app.py
├── static/
│   ├── style.css
│   ├── script.js
├── templates/
    └── index.html

     * Flask automatically serves files placed inside the static/ folder.
     * You don’t need to define routes for static files — Flask handles them for you.

     **Summary**
     * Flask serves static files from the static/ directory by default.
     * Use url_for('static', filename='...') to safely reference static assets in templates.
     * No need to define separate routes — Flask handles static file routing internally.

18. What is an API specification, and how does it help in building a Flask API?
 - An API specification is a formal, structured description of how an API works. It defines the endpoints, request/response formats, parameters, data types, and authentication methods of the API.

     It acts like a blueprint or contract between the API developer and the API consumer (e.g., frontend developers, third-party users).

     **Common Formats of API Specifications:**
      * OpenAPI (Swagger) – Most widely used
      * RAML (RESTful API Modeling Language)
      * API Blueprint
     
     **How It Helps in Building a Flask API**
     1. Clear Design Before Coding
        
        You can plan your API routes, inputs, and outputs before writing any code.
     2. Consistency
        
        Ensures consistent naming, data formats, and status codes across your API.
     3. Communication Tool
        
        Acts as a shared reference for teams (backend, frontend, QA).
     4. Validation
        
        Tools can automatically validate requests and responses against the spec.
     5. Documentation Generation
        
        Tools like Swagger UI can auto-generate interactive API docs from a spec.
     6. Client SDK Generation
        
        You can generate client libraries (in JavaScript, Python, etc.) from the spec.

     **Flask Integration Example:**
       * Flask-RESTX and Flask-Smorest support building APIs based on OpenAPI specs.
       * These tools let you define specs using decorators or YAML/JSON files and automatically generate documentation.
    
     **Summary**
      
      An API specification is a detailed plan that defines how your API behaves.
      
      In Flask, it helps by:
      * Guiding API design
      * Reducing errors
      * Improving collaboration
      * Enabling automatic docs and validation



19. What are HTTP status codes, and why are they important in a Flask API?
 - HTTP status codes are 3-digit numeric codes returned by a web server (like a Flask API) to indicate the result of a client’s request. They are part of the HTTP response and help clients understand whether the request was successful, failed, or needs correction.

     **Why Are Status Codes Important in a Flask API?**
      1. Communicate Outcome Clearly
        
        Let the client know what happened — success, error, or redirection.
      2. Enable Error Handling on the Client Side
        
        Clients (like frontend apps or other services) can act appropriately based on the code (e.g., retry on 500, redirect on 301, prompt login on 401).
      3. Improve Debugging and Logging
        
        Helps developers quickly diagnose problems with precise feedback.
      4. Follow RESTful Standards
         
        RESTful APIs are expected to use proper status codes to indicate outcomes.

     **Summary**
     
     HTTP status codes are essential for:
      * Signaling success or failure of API requests
      * Enabling proper client-side handling
      * Building clear and professional APIs
   
   In Flask, always return the appropriate status code with your JSON response to make your API robust and RESTful.

20.  How do you handle POST requests in Flask?
- A POST request is an HTTP method used to send data to the server, typically to create or update a resource. In Flask, handling a POST request means writing logic that receives and processes the data sent from the client (like form data or JSON).

     **Steps to Handle POST Requests in Flask:**
     1. Define a Route with methods=['POST']
     2. Access Incoming Data
       
       Flask provides the request object (from flask module) to access data sent in a POST request:

     **Summary**

     To handle POST requests in Flask:
     Step	                                        Description
     Use @app.route()	                  Define route with methods=['POST']
     Use request.form                  	For form data (HTML forms)
     Use request.get_json()	      For JSON payloads (APIs or JavaScript clients)
     Return a response	          Usually JSON or a message with a status code

21. How would you secure a Flask API?
 - Securing a Flask API is critical to protect data, users, and server resources from unauthorized access, misuse, or attacks. Flask provides flexibility to implement various security layers depending on your API's requirements.

     **Key Strategies to Secure a Flask API:**
     1. Authentication
       
       Verify the identity of users or systems making requests.
       * Token-based Authentication (e.g., JWT — JSON Web Tokens)
       * API Keys
       * OAuth2 (for third-party login or delegated access)
     2. Authorization
       
       Control what authenticated users can do.
       * Implement role-based access control (RBAC)
       * Check permissions in protected routes
     3. Input Validation & Sanitization
       
       Protect against injection attacks (e.g., SQL injection, XSS).
       * Use libraries like marshmallow, pydantic, or Flask-WTF
       * Always validate and sanitize input from users
     4. Use HTTPS
       
       Encrypt data in transit using SSL/TLS.
       * Prevents data sniffing and man-in-the-middle attacks
       * Always deploy APIs behind HTTPS in production
     5. Rate Limiting
       
       Prevent abuse and denial-of-service (DoS) attacks.
       * Use extensions like Flask-Limiter
       * Limit the number of requests per user/IP per time window
     6. Error Handling
       
       Avoid exposing internal logic or stack traces.
       * Use custom error messages for client-side errors (e.g., 400, 404)
       * Return generic messages for server errors (500)
     7. CORS Protection
       
       Enable CORS (Cross-Origin Resource Sharing) properly if your API is accessed from browsers.
       * Use Flask-CORS extension to configure allowed origins and methods.
     8. Secure Cookies & Sessions
        
        If using sessions:
       * Use secure, httponly, and samesite flags on cookies
       * Avoid storing sensitive data in cookies

     9. Logging and Monitoring
       * Log suspicious activity
       * Monitor access patterns for unusual behavior
     10. Keep Dependencies Updated
       * Regularly update Flask and all related packages
       * Use virtual environments to isolate dependencies

22. What is the significance of the Flask-RESTful extension?
 - Flask-RESTful is an extension for Flask that helps you build RESTful APIs more quickly and with cleaner code. It builds on top of Flask by adding support for:
     * resource-based routing
     * request parsing
     * automatic HTTP method handling

     It simplifies many common patterns used in REST API development.

     **Significance and Benefits of Flask-RESTful:**
     1. Resource-Based Design
       
       Instead of defining API endpoints as regular view functions, Flask-RESTful organizes them as classes called resources, which align with REST principles.
     2. Cleaner Routing with api.add_resource()
       
       Routes are connected to resources in a clean, centralized way:
     3. Built-in HTTP Method Handling
       
       Each HTTP method (GET, POST, PUT, DELETE, etc.) is implemented as a method in the resource class:
     4. Automatic Status Codes
       
       You can return data and status codes easily:
     5. Request Parsing with reqparse
       
       Flask-RESTful includes a lightweight parser for validating and extracting request data:

     **Conclusion**
     
     Flask-RESTful streamlines the process of building REST APIs by providing:
     * a structured framework,
     * reusable components,
     * and fewer lines of boilerplate code.
     
     It's ideal for developers looking to write cleaner, scalable, and REST-compliant Flask APIs.

23. What is the role of Flask’s session object?
- The session object in Flask is used to store data across multiple requests for a particular user session. It allows you to keep track of user-specific information (like login status or preferences) as they navigate your application.

     It behaves like a Python dictionary, but the data is stored securely in a cookie that is signed (not encrypted) to prevent tampering.

     **Purpose and Role of session in Flask:**
     Role	                  Description

     Session Management	    Track user activity between requests (e.g., login sessions)

     Secure Client Storage	Stores data on the client in a signed cookie (can’t be modified by user)

     User Preferences	      Store things like theme settings, language choice, etc.

     Navigation State	      Maintain context between pages (e.g., shopping cart, quiz progress)

     **Is It Secure?**
      * Flask signs session cookies using secret_key, so the client cannot tamper with the data.
      * However, the data is visible to the client — so do not store sensitive information like passwords or personal data.

      **Summary**
     
     Flask’s session object is used to:
     * Preserve user data between HTTP requests
     * Manage login sessions and user-specific context
     * Store small, non-sensitive data in signed cookies



# Practical Questions.

1.  How do you create a basic Flask application?

In [2]:
# pip install flask

In [4]:
from flask import Flask

app = Flask(__name__)  # Create the Flask app instance

@app.route('/')  # Define a route for the home page
def home():
    return "Hello, Flask! This is your first app."

if __name__ == '__main__':
    app.run(debug=True)  # Start the Flask development server

2. How do you serve static files like images or CSS in Flask?

In [None]:
from flask import Flask, send_from_directory

app = Flask(__name__)

@app.route('/static/<path:filename>')
def serve_static(filename):
    return send_from_directory('static', filename)
    if __name__ == '__main__':

3. How do you define different routes with different HTTP methods in Flask?

In [12]:
from flask import Flask, request
from flask import Flask, request

app = Flask(__name__)

@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "Form submitted via POST"
    else:
        return "This is the GET request form page"


4. How do you render HTML templates in Flask?

In [13]:
#How do you render HTML templates in Flask
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def index():
    return render_template('index.html')
if __name__ == '__main__':
    app.run(debug=True)
@app.route('/greet/<name>')
def greet(name):
    return render_template('index.html', user=name)


5. How can you generate URLs for routes in Flask using url_for?

In [17]:
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/home')
def home():
    return "Welcome Home"

@app.route('/profile/<username>')
def profile(username):
    return f"Hello, {username}!"

with app.test_request_context():
    print(url_for('home'))                      # Output: /home
    print(url_for('profile', username='alice')) # Output: /profile/alice
    print(url_for('profile', username='bob'))   # Output: /profile/bob

/home
/profile/alice
/profile/bob


6. How do you handle forms in Flask?

In [18]:
from flask import Flask, render_template, request

app = Flask(__name__)

@app.route('/')
def index():
    return render_template('form.html')
if __name__ == '__main__':
    app.run(debug=True)

7.  How can you validate form data in Flask?

In [22]:
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/register', methods=['GET', 'POST'])
def register():
    error = None
    if request.method == 'POST':
        username = request.form['username']
        email = request.form['email']

        if not username or not email:
            error = "All fields are required."
        elif '@' not in email:
            error = "Invalid email address."
        else:
            return f"Welcome, {username}!"

    return render_template('register.html', error=error)

8. How do you manage sessions in Flask?

In [30]:
from flask import Flask, session
app = Flask(__name__)
app.secret_key = 'your_secret_key'  # Required for sessions
@app.route('/login')
def login():
    session['user'] = 'alice'
    return 'User logged in'
    @app.route('/protected')
    def protected():
        if 'user' in session:
            return f'Welcome, {session["user"]}!'
        else:
            return 'Access denied'
        if __name__ == '__main__':
            app.run(debug=True)

9. How do you redirect to a different route in Flask?

In [33]:
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/login')
def login():
    return redirect(url_for('home'))
if __name__ == '__main__':
    app.run(debug=True)
    @app.route('/home')
    def home():
        return "Welcome Home"
        @app.route('/profile/<username>')
        def profile(username):
            return f"Hello, {username}!"
            with app.test_request_context():
                print(url_for('home'))                      # Output: /home
                print(url_for('profile', username='alice')) # Output: /profile/alice
                print(url_for('profile', username='bob'))   # Output: /profile/bob
                print(url_for('login'))                     # Output: /login
                print(url_for('static', filename='style.css'))


10. How do you handle errors in Flask (e.g., 404)?

In [34]:
from flask import Flask, render_template, abort

app = Flask(__name__)

@app.route('/')
def index():
    return "Welcome to the Home Page"
    @app.route('/about')
    def about():
        return "This is the About Page"
        @app.route('/user/<username>')
        def user_profile(username):
            return f"Welcome, {username}!"
            @app.errorhandler(404)
            def page_not_found(error):
                return render_template('404.html'), 404
                if __name__ == '__main__':
                    app.run(debug=True)
                    @app.errorhandler(404)
                    def page_not_found(error):
                        return render_template('404.html'), 404
                        if __name__ == '__main__':
                            app.run(debug=True)

11.  How do you structure a Flask app using Blueprints?

In [42]:
from flask import Blueprint

auth_bp = Blueprint('auth', __name__, url_prefix='/auth')

@auth_bp.route('/login')
def login():
    return "Login Page"

@auth_bp.route('/logout')
def logout():
    return "Logout Page"

    from flask import Flask
    from auth.routes import auth_bp  # Import the Blueprint

app = Flask(__name__)
app.register_blueprint(auth_bp)  # Register the Blueprint

@app.route('/')
def home():
    return "Home Page"

if __name__ == '__main__':
    app.run(debug=True)

12.  How do you define a custom Jinja filter in Flask?

In [58]:
from flask import Flask

app = Flask(__name__)

# Define the custom filter
def reverse_string(value):
    return value[::-1]
    # Register the filter with a name (e.g., 'reverse')
app.jinja_env.filters['reverse'] = reverse_string
from flask import render_template

@app.route('/')
def index():
    return render_template('index.html', name='Flask')

13.  How can you redirect with query parameters in Flask?

In [47]:
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    return "Home Page"

@app.route('/search')
def search():
    query = request.args.get('q')
    return f"Search results for: {query}"

@app.route('/go-to-search')
def go_to_search():
    return redirect(url_for('search', q='flask tutorial'))
    return redirect(url_for('search', q='flask', page=2, sort='recent'))
# Redirects to: /search?q=flask&page=2&sort=recent


14. How do you return JSON responses in Flask?

In [56]:
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/api/data')
def get_data():
    data = {
        "name": "Flask",
        "type": "web framework",
        "version": 2.3
    }
    return jsonify(data)
{
  "name": "Flask",
  "type": "web framework",
  "version": 2.3
}
@app.route('/api/items')
def get_items():
    items = ["apple", "banana", "cherry"]
    return jsonify(items)
    @app.route('/api/status')
    def get_status():
        status = {
            "status": "success",
            "message": "Data retrieved successfully"
        }
        return jsonify(status)
        if __name__ == '__main__':
            app.run(debug=True)
            response.status_code = 201
            response.headers['X-Custom-Header'] = 'Hello'
        return response


15. How do you capture URL parameters in Flask?

In [57]:
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def show_user(username):
    return f"Hello, {username}!"
    @app.route('/post/<int:post_id>')
    def show_post(post_id):
     return f"Post ID: {post_id}"