1. What is a RESTful API4

A RESTful API (Representational State Transfer API) is a way for two systems (like a client and a server) to communicate over the internet using HTTP methods.

It follows certain principles of REST architecture:

Key Features:

Stateless → Each request from the client to the server must contain all the information needed (the server doesn’t remember past requests).

Client-Server → The client (like a web app or mobile app) asks for resources, and the server provides them.

Uniform Interface → Resources are identified by URLs, and standard HTTP methods are used:

GET → Retrieve data

POST → Create new data

PUT → Update existing data

DELETE → Remove data

Resource-Based → Everything is treated as a resource, identified by a URL (e.g., /users/1).

Uses JSON or XML → Most RESTful APIs exchange data in JSON format.

2.Explain the concept of API specificationM

An API specification is like a blueprint or contract that describes how a client can communicate with an API.
It defines all the rules, inputs, outputs, and data formats so that developers know exactly how to use the API without looking at its internal code.

3.What is Flask, and why is it popular for building APIs4

Flask is a lightweight web framework for Python.

It helps you build web applications and APIs quickly without needing a lot of setup.

It is often called a “microframework” because it gives the basics (routing, request handling, responses) but lets you add extra tools only when you need them.

4.what is routing in Flask4

Routing in Flask means deciding which function should run when a user visits a specific URL (endpoint) in your web app or API.

In other words, a route connects a URL path to a Python function.

Each route is created using the @app.route() decorator.

The function linked to a route is called a view function.

5.How do you create a simple Flask application4

. Install Flask

Run this in your terminal (only once):

In [1]:
pip install flask



6. What are HTTP methods used in RESTful APIs4

RESTful APIs mainly use standard HTTP methods to perform actions on resources. Each method has a specific meaning:

1. GET

Purpose → Retrieve data (read-only).

Example:

GET /users → Get all users

GET /users/1 → Get user with ID = 1

2. POST

Purpose → Create a new resource.

Example:

POST /users → Create a new user (data is sent in the request body).

3. PUT

Purpose → Update an existing resource (replace it completely).

Example:

PUT /users/1 → Update user with ID = 1 (all fields replaced).

4. PATCH

Purpose → Partially update a resource.

Example:

PATCH /users/1 → Update only specific fields (e.g., just the name).

5. DELETE

Purpose → Remove a resource.

Example:

DELETE /users/1 → Delete user with ID = 1

6. OPTIONS (less common but useful)

Purpose → Tells which methods are allowed on a resource.

Example:

OPTIONS /users → Might return { "methods": ["GET", "POST"] }

7.What is the purpose of the @app.route() decorator in Flask4

The @app.route() decorator in Flask is used to map a URL (route) to a Python function.

When a user visits that URL in the browser (or calls it via API), Flask runs the function associated with that route.

The function is called a view function, and whatever it returns is sent back as the HTTP response.

8.What is the difference between GET and POST HTTP methods4

Feature	GET	POST
Purpose	Retrieve data (read-only)	Send data to create/update resource
Where data is sent	Data is sent in the URL (query string)	Data is sent in the request body
Visibility	Data is visible in the URL (e.g., /search?name=Ravi)	Data is hidden from URL (sent in body)
Data Length	Limited (URL length restrictions)	Can send large amounts of data
Caching	Can be cached, bookmarked, stored in browser history	Cannot be cached/bookmarked easily
Idempotent?	Yes (same GET request gives same result, no data change)	No (each POST can create a new resource or change data)
Use Case	Fetching data (searching, reading)	Submitting forms, login, uploading files

9.How do you handle errors in Flask APIs4

1. Using HTTP Status Codes in Responses

Return meaningful status codes with error messages.

from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/divide/<int:a>/<int:b>')
def divide(a, b):
    if b == 0:
        return jsonify({"error": "Division by zero is not allowed"}), 400
    return jsonify({"result": a / b}), 200


👉 If b = 0, it returns a 400 Bad Request with JSON error.

2. Using abort() Function

Flask’s abort() automatically sends error responses.

from flask import abort

@app.route('/secret')
def secret():
    abort(403)  # Forbidden


👉 Returns a 403 Forbidden error.

3. Custom Error Handlers

You can customize responses for specific errors using @app.errorhandler().

@app.errorhandler(404)
def not_found(error):
    return jsonify({"error": "Resource not found"}), 404

@app.errorhandler(500)
def internal_error(error):
    return jsonify({"error": "Something went wrong on our side"}), 500

4. Global Exception Handling

Catch unexpected exceptions and return a JSON response.

@app.errorhandler(Exception)
def handle_exception(e):
    return jsonify({"error": str(e)}), 500

🔹 Best Practices

Always return JSON error messages (not HTML) for APIs.

Use proper HTTP status codes (400 for bad request, 404 for not found, 500 for server error).

Log errors internally for debugging.

10.How do you connect Flask to a SQL database4

Ways to Connect Flask to a SQL Database
1. Using Flask-SQLAlchemy (Most Popular)

SQLAlchemy is an ORM (Object Relational Mapper) that lets you work with databases using Python classes instead of raw SQL.

Example: Connect Flask with SQLite
from flask import Flask
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)

# Database Configuration
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///mydatabase.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

# Initialize Database
db = SQLAlchemy(app)

# Define a Model (Table)
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(100), nullable=False)

# Create Tables
with app.app_context():
    db.create_all()

@app.route('/add/<name>')
def add_user(name):
    new_user = User(name=name)
    db.session.add(new_user)
    db.session.commit()
    return f"User {name} added!"

@app.route('/users')
def get_users():
    users = User.query.all()
    return { "users": [u.name for u in users] }

if __name__ == '__main__':
    app.run(debug=True)


👉 This creates a SQLite database mydatabase.db and allows adding & fetching users.

2. Using Raw SQL (without ORM)

You can connect directly using libraries like sqlite3 or mysql-connector-python.

import sqlite3
from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/users')
def get_users():
    conn = sqlite3.connect("mydatabase.db")
    cursor = conn.cursor()
    cursor.execute("SELECT name FROM users")
    rows = cursor.fetchall()
    conn.close()
    return jsonify(rows)


👉 This works but is harder to maintain for large projects.

3. Using Flask-Migrate (for migrations)

When using SQLAlchemy, you can add Flask-Migrate to handle schema changes easily.

11. What is the role of Flask-SQLAlchemy4

Flask-SQLAlchemy is an extension for Flask that helps you work with SQL databases more easily by using SQLAlchemy ORM.

Instead of writing raw SQL queries, you can interact with the database using Python classes and objects.

🔑 Main Roles

Database Connection

Connects your Flask app to databases like SQLite, MySQL, PostgreSQL.

ORM (Object Relational Mapping)

Maps database tables → Python classes (Models).

Table rows → Python objects.

Schema Definition

Define tables using Python classes with columns instead of CREATE TABLE SQL.

Simplified Queries

Write queries in Python (User.query.all()) instead of raw SQL (SELECT * FROM users).

CRUD Operations

Makes adding, updating, and deleting records easy with db.session.add(), db.session.commit().

Migrations Support

Works well with Flask-Migrate to handle schema changes safely.

12.What are Flask blueprints, and how are they useful4

A Blueprint in Flask is a way to organize and structure your application into reusable components.

Think of a Blueprint as a mini-application inside your Flask app.

Instead of writing all routes, models, and logic in a single app.py file, you split them into modules using Blueprints.

Later, you register these Blueprints with the main Flask app.

13.What is the purpose of Flask's request object4

14.What is the purpose of Flask's request object4

The request object in Flask is used to access all the data that a client sends in an HTTP request (like from a browser, mobile app, or API client).

Whenever a client makes a request to your Flask app, Flask automatically creates a request object that holds details about that request.

14.How do you create a RESTful API endpoint using Flask4

1. Install Flask
pip install flask

2. Write a simple Flask API (app.py)
from flask import Flask, request, jsonify

app = Flask(__name__)

# Example in-memory data
tasks = [
    {"id": 1, "title": "Learn Flask", "done": False},
    {"id": 2, "title": "Build REST API", "done": True}
]

# ✅ GET - Fetch all tasks
@app.route('/tasks', methods=['GET'])
def get_tasks():
    return jsonify(tasks)

# ✅ GET - Fetch single task by ID
@app.route('/tasks/<int:task_id>', methods=['GET'])
def get_task(task_id):
    task = next((t for t in tasks if t["id"] == task_id), None)
    if task:
        return jsonify(task)
    return jsonify({"error": "Task not found"}), 404

# ✅ POST - Create a new task
@app.route('/tasks', methods=['POST'])
def create_task():
    data = request.json
    new_task = {"id": len(tasks) + 1, "title": data["title"], "done": False}
    tasks.append(new_task)
    return jsonify(new_task), 201

# ✅ PUT - Update an existing task
@app.route('/tasks/<int:task_id>', methods=['PUT'])
def update_task(task_id):
    data = request.json
    task = next((t for t in tasks if t["id"] == task_id), None)
    if task:
        task["title"] = data.get("title", task["title"])
        task["done"] = data.get("done", task["done"])
        return jsonify(task)
    return jsonify({"error": "Task not found"}), 404

# ✅ DELETE - Remove a task
@app.route('/tasks/<int:task_id>', methods=['DELETE'])
def delete_task(task_id):
    global tasks
    tasks = [t for t in tasks if t["id"] != task_id]
    return jsonify({"message": "Task deleted"}), 200

if __name__ == '__main__':
    app.run(debug=True)

3. Run the API
python app.py

4. Test Endpoints

GET /tasks → list all tasks

GET /tasks/1 → fetch one task

POST /tasks → create a new task

{ "title": "Study REST APIs" }


PUT /tasks/1 → update a task

{ "done": true }


DELETE /tasks/2 → delete a task

15.What is the purpose of Flask's jsonify() function4

he jsonify() function in Flask is used to convert Python data (like dictionaries or lists) into JSON format and return it as an HTTP response.

Since RESTful APIs mostly send and receive JSON, jsonify() makes sure your data is:

Properly converted to JSON

Sent with the correct Content-Type: application/json header


16.Explain Flask’s url_for() function

The url_for() function in Flask is used to build dynamic URLs for routes (endpoints) in your application.
Instead of hardcoding URLs, you pass the function name of the route, and Flask generates the correct URL.

This is useful because if you ever change the route path, you don’t have to update it everywhere—url_for() updates it automatically.

17.How does Flask handle static files (CSS, JavaScript, etc.)

Flask automatically serves static files (like CSS, JavaScript, images) from a special folder named static/ in your project.

Any file inside static/ is accessible via:

http://localhost:5000/static/<filename>

🔹 Example Project Structure
my_flask_app/
│── app.py
│── static/
│     ├── style.css
│     └── script.js
│── templates/
      └── index.html

🔹 Example Code

app.py

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template("index.html")

if __name__ == "__main__":
    app.run(debug=True)


templates/index.html

<!DOCTYPE html>
<html>
<head>
    <title>Flask Static Example</title>
    <!-- Link to CSS -->
    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
    <h1>Hello Flask!</h1>
    <!-- Link to JS -->
    <script src="{{ url_for('static', filename='script.js') }}"></script>
</body>
</html>


static/style.css

body {
    background-color: lightblue;
    font-family: Arial, sans-serif;
}


static/script.js

console.log("JavaScript loaded successfully!");

🔹 Key Points

Default folder → Flask looks in static/ by default.

Use url_for → Always use url_for('static', filename='...') to reference files.

Custom static folder → You can change it:

app = Flask(__name__, static_folder="assets")


✅ In short:
Flask serves static files from the static/ folder and you include them in HTML templates using url_for('static', filename='...'), ensuring proper paths and maintainability.

Do you want me to also explain serving uploaded files dynamically along with static files in Flask?

Flask automatically serves static files (like CSS, JavaScript, images) from a special folder named static/ in your project.

Any file inside static/ is accessible via:

http://localhost:5000/static/<filename>

🔹 Example Project Structure
my_flask_app/
│── app.py
│── static/
│     ├── style.css
│     └── script.js
│── templates/
      └── index.html

🔹 Example Code

app.py

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template("index.html")

if __name__ == "__main__":
    app.run(debug=True)


templates/index.html

<!DOCTYPE html>
<html>
<head>
    <title>Flask Static Example</title>
    <!-- Link to CSS -->
    <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
    <h1>Hello Flask!</h1>
    <!-- Link to JS -->
    <script src="{{ url_for('static', filename='script.js') }}"></script>
</body>
</html>


static/style.css

body {
    background-color: lightblue;
    font-family: Arial, sans-serif;
}


static/script.js

console.log("JavaScript loaded successfully!");

🔹 Key Points

Default folder → Flask looks in static/ by default.

Use url_for → Always use url_for('static', filename='...') to reference files.

Custom static folder → You can change it:

app = Flask(__name__, static_folder="assets")


✅ In short:
Flask serves static files from the static/ folder and you include them in HTML templates using url_for('static', filename='...'), ensuring proper paths and maintainability.

Do you want me to also explain serving uploaded files dynamically along with static files in Flask?

18.What is an API specification, and how does it help in building a Flask API4

What is an API Specification?

An API specification is a document or blueprint that describes:

What endpoints your API will have (/users, /login, etc.)

What HTTP methods each endpoint uses (GET, POST, PUT, DELETE)

What data the endpoints accept (parameters, request body)

What responses the endpoints return (status codes, JSON structure)

Any authentication or headers required

19.What are HTTP status codes, and why are they important in a Flask API4

HTTP status codes are three-digit numbers sent by a server in response to a client’s request.

They indicate whether the request was successful, failed, or needs further action.

🔹 Categories of Status Codes
Range	Category	Meaning
1xx	Informational	Request received, continuing process
2xx	Success	Request was successful
3xx	Redirection	Further action needed (redirect)
4xx	Client Error	Client request has errors
5xx	Server Error	Server failed to fulfill the request

20. How do you handle POST requests in Flask4

A POST request is used to send data from the client to the server, usually to create a resource.

In Flask, you handle POST requests using:

methods=['POST'] in the route decorator

request object to access incoming data

21.How would you secure a Flask API

. Use HTTPS

Always serve your API over HTTPS to encrypt data in transit.

Prevents attackers from eavesdropping or tampering with requests.

2. Authentication

Verify the identity of the user or client.

Common methods:

API Keys – Simple tokens sent in headers.

JWT (JSON Web Tokens) – Secure, stateless token-based authentication.

OAuth2 – Standard for third-party authentication.

22.What is the significance of the Flask-RESTful extension4

Flask-RESTful is an extension for Flask that makes it easier to build RESTful APIs.

While plain Flask is flexible, building REST APIs with many endpoints can get repetitive. Flask-RESTful provides tools and abstractions to simplify the process.

🔹 Significance of Flask-RESTful

Resource-Based Approach

Allows you to define API endpoints as resources (classes) instead of individual functions.

Each resource can handle multiple HTTP methods (GET, POST, PUT, DELETE).

Simplified Routing

Automatically maps resources to URLs using api.add_resource().

Avoids writing multiple route decorators for each method.

Request Parsing & Validation

Includes reqparse to extract and validate parameters easily.

Built-in Error Handling

Makes it easier to return consistent JSON error responses.

Cleaner & Scalable Code

Organizes code for large APIs by grouping logic into resource classes.

23.What is the role of Flask’s session object?

The session object in Flask is used to store data specific to a user’s session across multiple requests.

A session is a way to remember information between requests from the same user.

Flask sessions are stored on the client-side (in a cookie) but are signed to prevent tampering.

🔹 Key Features of session

Stores user-specific data

Example: user ID, login status, shopping cart items.

Data persists across requests

Unlike local variables, session data is preserved until the browser closes or the session expires.

Secure

Data is stored in a signed cookie using SECRET_KEY.

Prevents users from modifying session data.