# **THEORY QUESTIONS**

Q1. What is a RESTful API?
- RESTful API stands for Representational State Transfer API. It allows interaction with web services using standard HTTP methods (GET, POST, PUT, DELETE).REST APIs are stateless, meaning they do not store client context on the server, enhancing scalability.They enable CRUD (Create, Read, Update, Delete) operations on resources, making them versatile for various applications.

Q2. Explain the concept of API specification?
- API specification outlines the structure and behavior of an API.It includes details about endpoints, request and response formats, and supported HTTP methods.Specifications often define authentication methods and error handling procedures.Common formats for API specifications include OpenAPI (formerly Swagger) and RAML, which help in documenting and standardizing APIs.



Q3. What is Flask, and why is it popular for building APIs?
- Flask is a micro web framework for Python, known for its lightweight and modular design.It is popular for building APIs due to its simplicity, allowing developers to quickly set up applications.Flask provides flexibility, enabling easy integration of extensions and libraries for added functionality.The built-in development server and debugger facilitate rapid development and testing.


Q4. What is routing in Flask?
- Routing in Flask refers to the process of mapping URLs to specific functions or views.It allows developers to define how different endpoints respond to HTTP requests.Flask uses decorators to associate routes with functions, making it easy to manage and organize code.Routes can include dynamic components, enabling the creation of RESTful endpoints that handle variable data.

Q5. How do you create a simple Flask application?
- Start by installing Flask using pip. Create a new Python file (e.g., app.py) and set up a basic Flask application. Run the application, and it will be accessible at http://127.0.0.1:5000/.You can expand the application by adding more routes and functionality as needed.

Q6. HTTP Methods Used in RESTful APIs.
- GET: Retrieves data from the server.

- POST: Sends data to the server for processing.

- PUT: Updates or replaces existing resources.

- DELETE: Removes resources from the server.

- PATCH: Applies partial modifications to a resource.


Q7.  What is the purpose of the @app.route() decorator in Flask?
- Define Endpoints: Maps a URL to a specific function in the Flask application.

Specify HTTP Methods: Allows the function to handle specific HTTP methods (e.g., GET, POST).

Dynamic Routing: Supports variable parts in the URL, enabling dynamic content generation.

Q8. What is the difference between GET and POST HTTP methods?
- GET:

Data is appended to the URL as query parameters.
Generally used for retrieving data.
Not suitable for sensitive information due to visibility in browser history.
- POST:

Data is sent in the request body, not visible in the URL.
Used for submitting data to be processed (e.g., form submissions).
More secure for sensitive data and larger payloads.


Q9. How do you handle errors in Flask APIs?
- Custom Error Handlers: Use @app.errorhandler to define how to respond to specific HTTP errors (e.g., 404, 500).

- Middleware: Implement middleware to catch exceptions and return appropriate error responses.

- Logging: Log errors for debugging and monitoring purposes.


Q10. How do you connect Flask to a SQL database?
- Using SQLAlchemy: Integrate SQLAlchemy as an ORM to manage database interactions.
Define models representing database tables.
Use session management for transactions.
Direct Database Connection: Use libraries like sqlite3 or psycopg2 for direct connections to databases.
Establish a connection and execute SQL queries directly.
Configuration: Set up database URI in Flask configuration to connect to the desired database.


Q11. What is the role of Flask-SQLAlchemy?
- Flask-SQLAlchemy is an extension that integrates SQLAlchemy with Flask.
It provides a high-level ORM (Object Relational Mapping) interface, simplifying database interactions.It allows for easier management of database connections and sessions.
Developers can define models as Python classes, making it intuitive to work with database records.


Q12.What are Flask blueprints, and how are they useful?
- Blueprints are a way to organize Flask applications into modular components.
They allow developers to define routes, views, and other functionalities in separate files.
Blueprints promote code reusability and cleaner project structure.
They can be registered with different URL prefixes, enabling better organization of application routes.
Blueprints support nesting, allowing for hierarchical organization of related functionalities.



Q13.What is the purpose of Flask's request object?
- The request object is used to handle incoming HTTP requests in Flask.
It provides access to various request data, including form inputs, query parameters, and headers.
Developers can use it to retrieve data sent by clients in a structured manner.
The request object also includes methods for handling file uploads and accessing cookies.



Q14.How do you create a RESTful API endpoint using Flask?
- Define a route using Flask's @app.route() decorator, specifying the desired HTTP methods (GET, POST, etc.).
Implement a function that handles the request and processes any input data.
Return data in a structured format, typically JSON, using Flask's jsonify() function.


Q15.What is the purpose of Flask's jsonify() function?
- The jsonify() function is used to convert Python dictionaries or lists into JSON responses.
It automatically sets the correct content type for the response (application/json).
The function ensures that the data is serialized correctly for JSON format.
It simplifies the process of returning JSON data from Flask views, making it more efficient and less error-prone.

Q16. Explain Flask’s url_for() function?
- The url_for() function generates a URL to a specific function based on the function's name.
It allows for dynamic URL creation, which helps avoid hardcoding URLs in the application.
This function can also accept parameters, making it easy to create URLs with query strings or path variables.





Q17. How does Flask handle static files (CSS, JavaScript, etc.)?
- Flask serves static files from a directory named static by default.
The URL for accessing static files follows the pattern /static/<filename>.
This allows easy inclusion of CSS, JavaScript, and image files in web applications.



Q18. What is an API specification, and how does it help in building a Flask API?
- An API specification defines the structure, endpoints, request/response formats, and authentication methods of an API.
It serves as a blueprint for developers, ensuring consistency and clarity in API design.
In Flask, having a clear API specification helps streamline the development process, making it easier to implement and test endpoints.
It also aids in communication between frontend and backend teams, ensuring that both sides understand the expected data formats and behaviors.



Q19. What are HTTP status codes, and why are they important in a Flask API?
- HTTP status codes indicate the result of a client's request to the server.
They provide essential feedback to clients about the success or failure of their requests.
Common status codes include:
200 OK: The request was successful.
404 Not Found: The requested resource could not be found.
500 Internal Server Error: An error occurred on the server.
Using appropriate status codes in a Flask API enhances user experience by clearly communicating the outcome of requests.

Q20. How do you handle POST requests in Flask?
- Import Flask: First, ensure you have Flask imported in your application.

- Create a Flask Application: Initialize your Flask app.

- Define a Route: Use the @app.route decorator to define a route that will handle the POST request.

- Access Request Data: Use request from flask to access the data sent in the POST request.

- Return a Response: After processing the request, return a response.



Q21.How would you secure a Flask API?
- Use HTTPS: Always serve your API over HTTPS to encrypt data in transit.

- Authentication: Implement token-based authentication (e.g., JWT) or API keys to verify user identity.

- Authorization: Use role-based access control (RBAC) to restrict access to certain endpoints based on user roles.

- Input Validation: Validate and sanitize all incoming data to prevent injection attacks.

- Rate Limiting: Implement rate limiting to prevent abuse and mitigate denial-of-service attacks.

- CORS Configuration: Set up Cross-Origin Resource Sharing (CORS) to control which domains can access your API.

- Logging and Monitoring: Log access and errors, and monitor for unusual activity to detect potential threats.

- Error Handling: Customize error messages to avoid exposing sensitive information.

- Security Headers: Set HTTP security headers (e.g., Content-Security-Policy, X-Frame-Options) to protect against common vulnerabilities.

- Keep Dependencies Updated: Regularly update Flask and its dependencies to patch known vulnerabilities.


Q22. What is the significance of the Flask-RESTful extension?
- Simplified API Development: It provides a simple and intuitive way to create RESTful APIs in Flask, reducing boilerplate code and making it easier to manage routes and resources.

- Resource-Based Approach: Flask-RESTful encourages a resource-oriented design, allowing developers to define resources as classes, which can encapsulate related functionality and data.

- Automatic Input Parsing: It automatically handles input parsing and validation, making it easier to work with JSON data and form data.

- Built-in Support for HTTP Methods: The extension provides built-in support for common HTTP methods (GET, POST, PUT, DELETE), streamlining the implementation of CRUD operations.

- Error Handling: Flask-RESTful includes mechanisms for consistent error handling and response formatting, improving the API's usability and maintainability.

- Integration with Flask: It seamlessly integrates with Flask's existing features, allowing developers to leverage Flask's capabilities while building RESTful services.


Q23. What is the role of Flask’s session object?
- User State Management: It allows you to store information about a user (e.g., login status, preferences) that persists across multiple requests during a session.

- Client-Side Storage: The session data is stored on the client side (typically in a cookie) and is signed to prevent tampering. This means the server can trust the data sent back by the client.

- Dictionary-Like Interface: The session object behaves like a dictionary, allowing you to easily set, get, and delete session variables.

- Temporary Data: It is useful for storing temporary data that should not be stored in a database, such as flash messages or form data.

- Security: Flask provides built-in mechanisms to secure session data, including signing and encryption, to protect sensitive information.

# **PRACTICAL QUESTIONS**

In [None]:
# Q1.  How do you create a basic Flask application.
from flask import Flask

# Initialize the Flask application
app = Flask(__name__)

# Define a route for the homepage
@app.route('/')
def home():
    return "Welcome to your first Flask app!"

# Run the Flask app
if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# Q2. How do you serve static files like images or CSS in Flask.
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# Q3.  How do you define different routes with different HTTP methods in Flask.
# Basic Route with a Single HTTP Method
from flask import Flask, request

app = Flask(__name__)

@app.route('/')
def home():
    return "This is a GET request"

In [None]:
# Route with Multiple HTTP Methods
@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "This is a POST request"
    else:
        return "This is a GET request"

In [None]:
# Routes for Specific HTTP Methods
@app.route('/update', methods=['PUT'])
def update():
    return "This is a PUT request"

@app.route('/delete', methods=['DELETE'])
def delete():
    return "This is a DELETE request"

In [None]:
# Handle Data in HTTP Methods
@app.route('/data', methods=['POST'])
def handle_data():
    data = request.json  # Parse JSON data from the request body
    return f"Data received: {data}", 200

In [None]:
# Q4.  How do you render HTML templates in Flask.
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')# html file is rendered

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# Q5.  How can you generate URLs for routes in Flask using url_for.
from flask import Flask, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Homepage!"

@app.route('/about')
def about():
    return "About Us Page!"

# Generating URLs
with app.test_request_context():
    print(url_for('home'))
    print(url_for('about'))

In [None]:
 # Q6. How do you handle forms in Flask
 # Create an HTML Form
# <form action="/submit" method="POST">
#     <label for="name">Name:</label>
#     <input type="text" id="name" name="name" required>
#     <button type="submit">Submit</button>
# </form>

# Define a Route to Handle the Form Data
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/form')
def form():
    return render_template('form.html')

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form['name']
    return f"Hello, {name}!"

In [None]:
# Q7. How can you validate form data in Flask?
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form.get('name')
    email = request.form.get('email')


    if not name or not email:
        return jsonify({"error": "Name and email are required"}), 400
    if "@" not in email:
        return jsonify({"error": "Invalid email format"}), 400

    return jsonify({"message": f"Welcome, {name}!"})



In [None]:
# Q8. How do you manage sessions in Flask?
from flask import Flask, session, request, jsonify

app = Flask(__name__)


app.secret_key = 'your_secret_key'


@app.route('/set_session', methods=['POST'])
def set_session():
    username = request.json.get('username')
    if not username:
        return jsonify({"error": "Username is required"}), 400
    session['username'] = username
    return jsonify({"message": f"Session created for {username}!"}), 200


@app.route('/get_session', methods=['GET'])
def get_session():
    username = session.get('username')
    if not username:
        return jsonify({"error": "No active session"}), 404
    return jsonify({"username": username}), 200


@app.route('/clear_session', methods=['POST'])
def clear_session():
    session.clear()
    return jsonify({"message": "Session cleared successfully!"}), 200

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# Q9. How do you redirect to a different route in Flask?
from flask import Flask, redirect, url_for

app = Flask(__name__)


@app.route('/')
def home():
    return "Welcome to the Home Page!"


@app.route('/about')
def about():
    return "This is the About Page!"


@app.route('/redirect-home')
def redirect_home():
    return redirect(url_for('home'))


@app.route('/redirect-about')
def redirect_about():
    return redirect(url_for('about'))


@app.route('/profile/<username>')
def profile(username):
    return f"Welcome to {username}'s Profile!"

@app.route('/redirect-to-profile')
def redirect_to_profile():
    return redirect(url_for('profile', username='Anuj'))

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# Q10. How do you handle errors in Flask (e.g, 404)?
from flask import Flask, render_template, jsonify

app = Flask(__name__)


@app.route('/')
def home():
    return "Welcome to the Home Page!"


@app.route('/sample')
def sample():
    return "This is the Sample Page!"


@app.errorhandler(404)
def not_found_error(e):
    return jsonify({"error": "Page not found"}), 404


@app.errorhandler(500)
def internal_server_error(e):
    return jsonify({"error": "Internal Server Error occurred"}), 500

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
# Q11. How do you structure a Flask app using Blueprints?
from flask import Blueprint, render_template


user_bp = Blueprint('user_bp', __name__, template_folder='../templates')


@user_bp.route('/<username>')
def user_profile(username):
    return render_template('user.html', username=username)

In [None]:
# Q12. How do you define a custom Jinja filter in Flask?
from flask import Flask, render_template

app = Flask(__name__)


@app.template_filter('reverse')
def reverse_string(value):
    """Reverses the given string."""
    return value[::-1]


@app.route('/')
def home():

    return render_template('example.html', message="Flask Filters")

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
# Q13. How can you redirect with query parameters in Flask?
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "Welcome to the Home Page!"

@app.route('/redirect')
def redirect_with_params():

    return redirect(url_for('home', q='Flask', page=1))

@app.route('/home')
def home_with_params():

    return "Welcome with parameters!"

In [None]:
# Q14. How do you return JSON responses in Flask?
from flask import Flask, jsonify, request

app = Flask(__name__)


@app.route('/simple-json', methods=['GET'])
def simple_json():
    return jsonify({
        "message": "Hello, this is a JSON response!",
        "status": "success"
    })


@app.route('/greet', methods=['POST'])
def greet_user():
    data = request.json
    name = data.get('name', 'Guest')
    return jsonify({
        "message": f"Hello, {name}!",
        "status": "success"
    }), 200

In [None]:
# Q15. How do you capture URL parameters in Flask?
from flask import Flask

app = Flask(__name__)

# Route with a dynamic URL parameter
@app.route('/user/<username>')
def user_profile(username):

    return f"Hello, {username}! Welcome to your profile."


@app.route('/product/<category>/<int:product_id>')
def product_details(category, product_id):

    return f"Category: {category}, Product ID: {product_id}"

if __name__ == '__main__':
    app.run(debug=True)