### How do Web Apps Work?

**Web Applications**
- is a computer program that performs tasks over the internet by making use of web servers.

**Web development**
- involves the process and tasks undertaken to develop web applications or websites. It includes web design, content development, and more.

**Front-end**
- refers to the parts that users can interact with when using a website or web application. This includes HTML, CSS, JavaScipt.

**Back-end**
- includes functions and data processing that takes place berhind the scenes.

**Web server**
- offers web pages to browsers and resources to web-based applications using the HTTP protocol.

**Protocol**
- is the specific format of a request.

**Database**
- is where information is contained and can be accessed, viewed, updated, and modified.

**API (Application Programming Interface)**
- provides a set of rules for how the web applications data should be interacted with.




### What is HTTP?

**HTTP (HypperText Transfer Protocol)**
- is a protocol that allows web applications to communicate, retrieve resources, and exchange data.

**TCP (Transmission Control Protocol)**
- is the intermediary between the client and server; in charge of disassembling the data into smaller parts before sending it over the network, and then reassembling it once it reaches its destination.

**IP**
-is in charge of the computer's communication, addresses, sends, and receives the data over the internet.


**GET**
- is used to request data from a specified resource.

**HTTPS**
- is an extension of HTPP in charge of protecting data exchanged by encrypting it.


### Getting Started with Flask

**Web framework**
- A web framework is designed to provide a standard way to build and deploy web applications; provides libraries for databases, which allows programmers to reuse code.

**Flask**
- is a microframework that is simple yet extendable; can also be used for complex programs.

**__name__**
- The __name__ evaluates to the name of the current module.

sample: 
``` 
app = Flask(__name__)
```

**view_function**
- The view function is used to respond to requests made by users to an application.

**route() decorator**
- The route() decorator binds a function to a URL.

sample:
```
@app.route('/')
```

1. Create new project and create new python file
```
app.py
```
2. Install flask
```
(venv) pip3 install flask
```
3. Set flask
```
(venv) set FLASK_APP=app.py
```
4. Edit app.py file

In [3]:
from flask import Flask
app = Flask(__name__)

@app.route('/')
@app.route('/home')
def home():
    return "<h1>Hello World!</h1>"

@app.route('/animal')
def animal():
    return """
    <h1>"Fun Animal Facts!"</h1>
    <p>Sea otters hold each other's paws when they slepp so they don't drift apart
    in the water.</p>
    """

5. Run flask
```
(venv) flask run
```
6. Set Environment to development
```
(venv) export FLASK_ENV=development
```


### Templates


1. Crete pythone file name "app.py"

app.py
``` python
from flask import Flask, render_template
app = Flask(__name__)

posts = [
    {"author": "Barbara Go",
     "title": "Jumpin' Fun",
     "content": "Lots of frogs can leap more than 20 times their body length.",
     "date_posted": "April 3, 2021"},
    {"author": "Jake Daza",
     "title": "Grizzly Jaws",
     "content": "The bite of a grizzly bear is strong enough to crush a bowling ball ",
     "date_posted": "April 4, 2021"}
]


@app.route('/')
@app.route('/home')
def home():
    return render_template('home.html')

@app.route('/animal')
def animal():
    return render_template('animal.html', posts=posts, title="Fun Animal Facts")
```
2. Create directory named "templates"
3. Create html file named "home and animal"

home.html
``` html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
    <h1>Hello World!</h1>
</body>
</html>
```
animal.html
``` html
{% extends "layout.html" %}
{% block content %}
    {% for posts in posts %}
    <h1>{{ posts.title }}</h1>
    <p>By {{posts.author}} on {{posts.date_posted}}</p>
    <p>{{ posts.content }}</p>
    {% endfor %}
{% endblock content %}
```

layout.html
```html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
    {% block content %} {% endblock content %}
</body>
</html>
```


#### Templates
- are HTML files with a uniform functionality and structure.

#### Template inheritance
- is made possible by the **extends** keyword.
- If a lot of pages are involved, it's a good practice to keep a base HTML file that the other HTML files could inherit from.

sample:
```html
{% extends layout.html %}
```

#### Jinja2 Templates
- is the template engine used by Flask whick allows programmers to code within HTML files.

#### render_template() function
- is used to generate output from a template (or HTML) file.
- allows us to generate output from an HTML file which will be displayed on our webpage.



### Coding Exercise 2.4

**app.py**
```python
from flask import Flask, render_template
app = Flask(__name__)

characters = [
    {"name": "Arthurius",
     "power": "Telepathy",
     "weapon": "Sword",
     "description": "Really smart but grades are pretty low, "
                    "which is surprising because he should be "
                    "able to read his professors’ minds during a test. "
                    "Maybe he chooses not to. He’s also super-friendly and "
                    "kind."},
    {"name": "Fantasia",
     "power": "Telekenesis",
     "weapon": "Crossbow",
     "description": "Shy and likes to play with talking raccoons."},
    {"name": "Obsidian",
     "power": "Invinsibility",
     "weapon": "Spear",
     "description": "No one knows for sure who Obsidian really is. "
                    "This boy just popped out of nowhere one day. "
                    "Many people suspect that he’s always been around, "
                    "silently staring at everyone."}
]


@app.route('/')
@app.route('/home')
def home():
    return render_template('home.html')

@app.route('/character')
def character():
    return render_template('character.html', characters=characters)

if __name__=="__main__":
    app.run()
```

**character.html**
```html
{% extends "layout.html"%}
{% block content %}
    {% for characters in characters %}
    <h1>{{ characters.name }}</h1>
    <p>Power: {{characters.power}}</p>
    <p>Weapon: {{ characters.weapon }}</p>
    <p>Description: {{ characters.description }}</p>
    {% endfor %}
{% endblock content %}
```

**layout.html**
```html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Characters</title>
</head>
<body>
    {% block content %} {% endblock content %}
</body>
</html>
```

### Forms

#### WTForms
- is a library that allows for flexible forms validation and rendering. By using Flask-WTF, we get to have validation techniques and security features.


**Install WTForms**
```bash
pip install Flask-WTF
```

**SECRET KEY**
- The purpose of secret key is to protect our app.

**Post**
- is used to send data to a server and create or update a resource.

1. Install WTForms
2. Write down a "SECRET_KEY"

```
app.config["SECRET_KEY"] = "secret"
```
3. Create pythion file "forms.py"

**forms.py**
```python
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, SubmitField

class SignUpForm(FlaskForm):
    username = StringField('Username')
    password = PasswordField('Password')
    submit = SubmitField('Sign up')
```
4. Add codes to file "app.py"

**app.py**
```python
from flask import Flask, render_template, request
from forms import SignUpForm
app = Flask(__name__)
app.config["SECRET_KEY"] = "secret"

characters = [
    {"name": "Arthurius",
     "power": "Telepathy",
     "weapon": "Sword",
     "description": "Really smart but grades are pretty low, "
                    "which is surprising because he should be "
                    "able to read his professors’ minds during a test. "
                    "Maybe he chooses not to. He’s also super-friendly and "
                    "kind."},
    {"name": "Fantasia",
     "power": "Telekenesis",
     "weapon": "Crossbow",
     "description": "Shy and likes to play with talking raccoons."},
    {"name": "Obsidian",
     "power": "Invinsibility",
     "weapon": "Spear",
     "description": "No one knows for sure who Obsidian really is. "
                    "This boy just popped out of nowhere one day. "
                    "Many people suspect that he’s always been around, "
                    "silently staring at everyone."}
]


@app.route('/')
@app.route('/home')
def home():
    return render_template('home.html')

@app.route('/animal')
def animal():
    return render_template('animal.html')

@app.route('/character')
def character():
    return render_template('character.html', characters=characters)

@app.route('/signup', methods=["GET", "POST"])
def signup():
    form = SignUpForm()
    if form.is_submitted():
        result = request.form
        return render_template("userdata.html", result=result)
    return render_template('signup.html',form=form)

if __name__=="__main__":
    app.run()
```

5. Create file "signup.html"

**signup.html**
```html
{% extends "layout.html" %}

 {% block content %}
 <h2>Sign Up</h2>
 <form action="" method="post">
   <p>
     {{form.username.label}}<br>
     {{form.username(size=30)}}
   </p>
   <p>
     {{form.password.label}}<br>
     {{form.password(size=30)}}
   </p>
   <p>
     {{form.submit}}
   </p>
 </form>
 {% endblock %}
```
6. Create file "userdata.html"

**userdata.html**
```html
{% extends "layout.html" %}

{% block content %}
<table border="1">
    {% for key, value in result.items() %}
    <tr>
        <th>
            {{key}}
        </th>
        <td>
            {{value}}
        </td>
    </tr>
    {% endfor %}
</table>

{% endblock %}
```
7. Edit signup route in app.py

```python
@app.route('/signup', methods=["GET", "POST"])
def signup():
    form = SignUpForm()
    if form.is_submitted():
        result = request.form
        return render_template("userdata.html", result=result)
    return render_template('signup.html',form=form)
```




### Web form
- is a web page that lets users input information in particular fields; rendered in browsers using HTML.

### WTForms
- is a library that allows for flexible forms validation and rendering. By using Flask-WTF, we get to have validation techniques and security features.

### form fields
- Form field are spaces provided for users to input information; other examples include BooleanField, DecimalField, IntegerField, RadioField, SelectField, TextAreaField.

### POST request
- A POST request is used to send data to a server and create or update a resource; often used when uploading a file or submitting a completed web form.

### CSRF
- CSRF or Cross Site Request Forgery is an attack that tricks users into unknowingly performing unwanted actions on web applications.

### Secret key
- A secret key is a string used to encrypt data stored in the server. It's used as a protection from CSRF attacks.

![image-20211204082037037](images/image-20211204082037037.png)

![image-20211204082129277](images/image-20211204082129277.png)

![image-20211204082229714](images/image-20211204082229714.png)

### Coding Challenge 2.9

**forms.py**
```python
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, SubmitField, IntegerField, RadioField, SelectField, TextAreaField
from wtforms.validators import DataRequired

class SignUpForm(FlaskForm):
    username = StringField('Username')
    password = PasswordField('Password')
    age = IntegerField('Age')
    gender = RadioField('Gender', choices=[('M', 'Male'), ('F', 'Female')])
    team = SelectField('Team', choices=[('red', 'Red Team'), ('blue', 'Blue Team'), ('yellow', 'Yellow Team')])
    submit = SubmitField('Sign up')
```

**signup.html**
```html
{% extends "layout.html" %}

 {% block content %}
 <h2>Sign Up</h2>
 <form action="" method="post">
   <p>
     {{form.username.label}}<br>
     {{form.username(size=30)}}
   </p>
   <p>
     {{form.password.label}}<br>
     {{form.password(size=30)}}
   </p>
   <p>
     {{form.age.label}}<br>
     {{form.age(size=30)}}
   </p>
   <p>
     {{form.gender.label}}<br>
     {{form.gender(size=30)}}
   </p>
   <p>
     {{form.team.label}}<br>
     {{form.team}}
   </p>
   <p>
     {{form.submit}}
   </p>
 </form>
 {% endblock %}
```

**userdata.html**
```html
{% extends "layout.html" %}

{% block content %}
<table border="1">
    {% for key, value in result.items() %}
    <tr>
        <th>
            {{key}}
        </th>
        <td>
            {{value}}
        </td>
    </tr>
    {% endfor %}
</table>

{% endblock %}
```
