# Theory questions

1. What is a RESTful API?
- A RESTful API is an interface that allows different software applications to interact using standard HTTP methods such as GET, POST, PUT, DELETE, etc. It represents resources—such as data objects or services—using Uniform Resource Identifiers (URIs) and typically exchanges information in lightweight formats like JSON or XML.
- A RESTful API (Representational State Transfer Application Programming Interface) is a web service design pattern that follows the architectural principles of REST to enable communication between client and server over the internet.

2.  Explain the concept of API specification
- An API specification is a formal document that describes how an Application Programming Interface (API) works, detailing the rules, endpoints, data formats, and methods that developers must follow to interact with the API. It acts as a blueprint or contract between the API provider and the client (consumer), ensuring that both parties have a clear understanding of how the service can be used.
- Purpose:
  - To provide a clear and consistent guide for developers to integrate with the API.

  - To ensure compatibility and interoperability between different systems.

  - To serve as a reference for maintenance and updates.
- Key Components of an API Specification
   - Endpoints (URI/URL Paths): Define the exact locations of the resources. Example: /users, /orders/{id}.
   - HTTP Methods: Specifies which operations can be performed on each endpoint. Common methods: GET, POST, PUT, PATCH, DELETE.
   - Request Details: Input parameters, headers, query strings, and body structure that the client must provide.
   - Response Format: Data format returned by the API (e.g., JSON, XML) and examples of success and error messages.
   - Authentication & Security: Methods to verify and protect requests, such as API keys, OAuth tokens, or JWT.
   - Error Handling: Standardized error codes (e.g., 404 Not Found, 500 Internal Server Error) with descriptions.
   - Data Models/Schemas: Definition of objects and their properties (for example, a User object with fields like id, name, email).


3. What is Flask, and why is it popular for building APIs
- Flask is a lightweight, open-source web framework written in Python. It provides the basic tools to build web applications and APIs (Application Programming Interfaces) without enforcing a particular project structure or including unnecessary components. Flask follows the WSGI (Web Server Gateway Interface) standard, making it simple to run on most web servers.
- Flask Is Popular for Building APIs because:
    - Simplicity and Ease of Use: The core framework is small and easy to understand, enabling rapid development of APIs.
    - Flexibility: No rigid project structure or dependencies, allowing developers to design APIs exactly as they prefer.
    - Lightweight: Faster to set up compared to larger frameworks like Django, making it ideal for microservices and small-to-medium projects.
    - RESTful API Support: Provides straightforward routing and request/response handling to create RESTful endpoints.
    - Large Ecosystem: Numerous community extensions simplify tasks such as database integration, input validation, and authentication.
    - Active Community and Documentation: Extensive tutorials and strong community support help beginners and professionals alike.


4.  What is routing in Flask
- In Flask, routing is the process of mapping a specific URL (Uniform Resource Locator) to a particular function in the application.
- When a client (such as a web browser or a mobile app) sends a request to a certain URL, Flask uses its routing mechanism to determine which function (called a view function) should handle that request and return a response.

5.  How do you create a simple Flask application
- Creating a Simple Flask Application
   - Install Flask: Use the command pip install flask to add Flask to your Python environment.
   - Create a Python File: Make a file like app.py to hold your code.
   - Import and Initialize: Import Flask and create an app object:

             - from flask import Flask  
             - app = Flask(__name__)
   - Define a Route: A route connects a URL to a function.
             
   - Run the Server: Add this at the end:
                - if __name__ == '__main__':  
                - app.run(debug=True)
   - Start the App: In the terminal, run python app.py. Open a browser and go to http://127.0.0.1:5000/ to see the message.


6. What are HTTP methods used in RESTful APIs
- RESTful APIs use standard HTTP methods to perform actions on resources.
- The main methods and their purposes are:
  - GET
     - Purpose: Retrieve data from the server.
     - Example: GET /users → fetch a list of users.
Effect: Does not change data.
  - POST
     - Purpose: Create a new resource on the server.
     - Example: POST /users with user details → add a new user.
  - PUT
     - Purpose: Update or replace an existing resource completely.
     - Example: PUT /users/5 → replace all details of user with ID 5.
  - PATCH
     - Purpose: Partially update an existing resource.
     - Example: PATCH /users/5 → update only specific fields.
  - DELETE
     - Purpose: Remove a resource from the server.
     - Example: DELETE /users/5 → delete user with ID 5.
  - HEAD
     - Same as GET but returns only headers, not the body. Useful for checking if a resource exists.
  - OPTIONS
     - Tells which HTTP methods are allowed for a resource.


7. What is the purpose of the @app.route() decorator in Flask
- Purpose of @app.route() in Flask

  - The @app.route() decorator is used to link a URL path to a Python function in a Flask application.

  - Decorator Role: It tells Flask which URL should trigger the execution of a specific function (called a view function).

  - When a client visits that URL, Flask calls the associated function and sends its return value as the response.

8. What is the difference between GET and POST HTTP methods
- Here’s the difference between GET and POST in points:
  - GET
     - Used to retrieve data from the server.
     - Sends data via URL query string.
     - Parameters are visible in the browser.
     - Can be cached and bookmarked.
     - Limited data size (URL length limit).
     - Safe and idempotent (does not change server data).
  - POST
     - Used to send or create data on the server.
     - Sends data in the request body.
     - Parameters are hidden from the URL.
     - Not cached or bookmarked.
     - Can handle large data.
     - Changes server data; repeating may create duplicates.



9.  How do you handle errors in Flask APIs
- Use abort() to trigger standard HTTP errors.

- Use custom error handlers to return meaningful messages.

- Use try-except blocks for predictable exceptions.

- Always return appropriate HTTP status codes in API responses.

10. How do you connect Flask to a SQL database
- Install and import Flask-SQLAlchemy.

- Configure the database URI in Flask.

- Define models for tables.

- Use db.create_all() to create tables.

- Perform CRUD operations using the db.session object.

11. What is the role of Flask-SQLAlchemy
- Role of Flask-SQLAlchemy
    - Flask-SQLAlchemy is an extension for Flask that integrates the SQLAlchemy ORM (Object Relational Mapper) with Flask applications. It simplifies working with SQL databases by allowing developers to interact with the database using Python classes and objects instead of writing raw SQL queries.

12. What are Flask blueprints, and how are they useful
- Flask Blueprints are a way to organize a Flask application into modular components.
- They allow you to split the app into smaller, reusable parts, each with its own routes, templates, and static files.
- Usefulness:
   - Organize Large Applications: Instead of putting all routes in a single file, you can separate them into modules (e.g., auth, blog, admin).
   - Reusability: Blueprints can be reused across multiple applications.
   - Maintainability: Makes code cleaner and easier to manage as the project grows.
   - URL Prefixing: You can attach a common URL prefix to all routes in a blueprint. Example: All routes in the auth blueprint can start with /auth.
   - Separation of Concerns: Keeps routes, templates, and static files for different parts of the application separate.


13. What is the purpose of Flask's request object
- Purpose of Flask’s request Object:
   - The request object in Flask is used to access data sent by the client in an HTTP request.
   - It provides information about the request, such as form data, query parameters, headers, cookies, and JSON payloads.

14.  How do you create a RESTful API endpoint using Flask
- To create a RESTful API endpoint in Flask:

  - Define a route with @app.route().

  - Specify HTTP methods (GET, POST, etc.).

  - Use jsonify() to return JSON responses.

  - Use request to access incoming client data.

15. What is the purpose of Flask's jsonify() function
- The jsonify() function in Flask is used to convert Python data structures into JSON format and return them as an HTTP response.
- jsonify() is used to send JSON-formatted responses from a Flask app, ensuring the data is correctly serialized and the response has the proper content type for APIs.

16.  Explain Flask’s url_for() function
- The url_for() function in Flask is used to generate URLs for routes dynamically based on the name of the view function.
- Purpose
   - Avoid Hardcoding URLs: Instead of writing URLs manually in templates or redirects, url_for() generates them automatically. This makes the app more maintainable if URLs change later.
   - Supports Dynamic Routes: Automatically fills in variable parts of the URL.
   - Works with Templates and Redirects: Commonly used in render_template() or redirect() functions.



17.  How does Flask handle static files (CSS, JavaScript, etc.)
- Handling Static Files in Flask:
   - Static Folder
     - Place CSS, JavaScript, images, and other static files in the static folder by default.
   - Default URL Path
      - Flask serves static files at the URL path /static.
      - Example: style.css → /static/style.css.
   - Access in Templates
     - Use url_for('static', filename='filename') to generate URLs.
   - Custom Static Folder
	    - You can change the folder name when creating the app:
   - Benefits
	    - Organizes static resources separately from Python code.
	    - Provides automatic URL generation.
	    - Easy direct access to files during development.


18. What is an API specification, and how does it help in building a Flask API
- An API specification is a formal document that describes how an API works, including its endpoints, request/response formats, HTTP methods, authentication, and error handling. It acts as a contract between the API provider and clients, ensuring clarity on how the API should be used.
- It Helps in Building a Flask API:

   - Clear Blueprint: Provides a guide for developers to implement endpoints.

   - Consistency: Ensures all routes, request/response formats, and status codes follow the same standards.

   - Reduces Errors: Avoids miscommunication between frontend and backend developers.

   - Easier Testing: Enables automated testing and validation of endpoints.

   - Documentation & Maintenance: Acts as a reference for future updates or scaling the API.


19. What are HTTP status codes, and why are they important in a Flask API
- HTTP status codes are three-digit codes sent by the server in response to a client’s HTTP request. They indicate the result of the request—whether it was successful, resulted in an error, or requires further action.
   - 1xx – Informational: Request received, continuing.
   - 2xx – Success: Request succeeded. e.g., 200 OK, 201 Created
   - 3xx – Redirection: Client must take further action. e.g., 301, 302
   - 4xx – Client Errors: Client made a bad request. e.g., 400, 404
   - 5xx – Server Errors: Server failed to process request. e.g., 500, 503


- Importance in a Flask API
  - Communicates Request Outcome: Tells the client whether the request succeeded, failed, or needs action.
  - Error Handling: Helps clients handle errors gracefully using status codes.
  - API Standards: Following proper HTTP codes ensures RESTful best practices.
  - Debugging & Monitoring: Makes it easier to track issues in development or production.


20. How do you handle POST requests in Flask
- To handle POST requests in Flask:
   - Define the route with methods=['POST'].
   - Access client data via request.form or request.get_json().
   - Process the data (e.g., store in a database).
   - Return a response with jsonify() and a suitable HTTP status code.

21.  How would you secure a Flask API
- Securing a Flask API
   - Use HTTPS: Encrypt data in transit by using SSL/TLS. Prevents interception of sensitive data.
   - Authentication: Ensure only authorized users can access the API. Common methods: API Keys. Basic Auth, OAuth 2.0 / JWT (JSON Web Tokens)
   - Authorization: Control what authenticated users can do. Restrict access to certain endpoints or resources.
   - Input Validation & Sanitization: Validate incoming data to prevent SQL Injection, XSS, or other attacks.
   - Rate Limiting: Limit the number of requests per user/IP to prevent abuse or DoS attacks. Example: Use Flask-Limiter.
   - Error Handling: Avoid exposing sensitive information in error messages. Return generic messages with proper HTTP status codes.
   - CORS (Cross-Origin Resource Sharing): Use Flask-CORS to control which domains can access the API.
   - Secure Configuration: Keep secret keys and credentials safe (use environment variables). Disable debug mode in production (debug=False).
   - Logging & Monitoring: Track API access, errors, and suspicious activities for auditing.


22. What is the significance of the Flask-RESTful extension
- Flask-RESTful is an extension for Flask that simplifies the creation of RESTful APIs. It provides tools and abstractions to build APIs faster and in a structured way.
- Significance of Flask-RESTful
   - Simplifies API Development: Organizes endpoints using Resource classes and reduces boilerplate code.
   - Automatic Request Parsing: Handles JSON, form data, and query parameters easily with reqparse.
   - Standardized Responses: Returns JSON responses with proper HTTP status codes.
   - RESTful Best Practices: Encourages resource-based endpoints and correct HTTP methods.
   - Error Handling: Provides built-in error messages with appropriate status codes.
   - Maintainable & Extensible: Makes APIs easier to scale and organize.



23. What is the role of Flask’s session object
- Role of Flask’s session Object
   - Definition: The session object in Flask is used to store data specific to a user across requests. It allows data to persist between different pages during a user’s visit.
   - Key Features: Stores user-specific data like login status, preferences, or shopping cart items. Data is stored securely on the client side (in cookies) and signed to prevent tampering.
   - Requires Secret Key: Flask uses app.secret_key to encrypt and sign session data.
   - Temporary Storage: Session data persists only for the duration of the user’s session unless explicitly cleared.


# Practical Question

In [None]:
#1.	How do you create a basic Flask application

from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#2.	How do you serve static files like images or CSS in Flask

from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#3.	How do you define different routes with different HTTP methods in Flask

from flask import Flask, request

app = Flask(__name__)

@app.route('/', methods=['GET'])
def home():
    return "This is a GET request"

@app.route('/submit', methods=['POST'])
def submit():
    data = request.form.get('data')
    return f"Received POST data: {data}"

@app.route('/both', methods=['GET', 'POST'])
def both_methods():
    if request.method == 'POST':
        return "POST request received"
    else:
        return "GET request received"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#4.How do you render HTML templates in Flask
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return render_template('index.html')

if __name__ == '__main__':
    app.run(debug=True)

In [None]:
#5. How can you generate URLs for routes in Flask using url_for
from flask import Flask, url_for, redirect, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return "Home Page"

@app.route('/about')
def about():
    return "About Page"

@app.route('/go-to-about')
def go_to_about():
    # Generate URL for the 'about' route
    about_url = url_for('about')
    return redirect(about_url)

@app.route('/show-link')
def show_link():
    # Generate URL and pass to template
    about_url = url_for('about')
    return render_template('link.html', about_url=about_url)

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#6.	How do you handle forms in Flask
from flask import Flask, request, render_template

app = Flask(__name__)

@app.route('/form', methods=['GET', 'POST'])
def form():
    if request.method == 'POST':
        name = request.form.get('name')
        email = request.form.get('email')
        return f"Name: {name}, Email: {email}"
    return render_template('form.html')

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#7.	How can you validate form data in Flask
from flask import Flask, request, render_template, flash, redirect, url_for

app = Flask(__name__)
app.secret_key = "secretkey"  # Needed for flash messages

@app.route('/form', methods=['GET', 'POST'])
def form():
    if request.method == 'POST':
        name = request.form.get('name')
        email = request.form.get('email')

        # Basic validation
        if not name or not email:
            flash("All fields are required!", "error")
            return redirect(url_for('form'))
        if "@" not in email:
            flash("Invalid email address!", "error")
            return redirect(url_for('form'))

        return f"Name: {name}, Email: {email}"
    return render_template('form.html')

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#8.	How do you manage sessions in Flask
from flask import Flask, session, redirect, url_for, request, render_template

app = Flask(__name__)
app.secret_key = "secretkey"  # Required to use sessions

@app.route('/')
def home():
    if 'username' in session:
        return f"Logged in as {session['username']}"
    return "You are not logged in"

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        username = request.form.get('username')
        session['username'] = username  # Store username in session
        return redirect(url_for('home'))
    return render_template('login.html')

@app.route('/logout')
def logout():
    session.pop('username', None)  # Remove username from session
    return redirect(url_for('home'))

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#9.	How do you redirect to a different route in Flask
from flask import Flask, redirect, url_for

app = Flask(__name__)

@app.route('/')
def home():
    return "Home Page"

@app.route('/go-to-about')
def go_to_about():
    return redirect(url_for('about'))

@app.route('/about')
def about():
    return "About Page"

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#10.	How do you handle errors in Flask (e.g., 404)
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def home():
    return "Home Page"

@app.route('/about')
def about():
    return "About Page"

# Handle 404 error
@app.errorhandler(404)
def page_not_found(e):
    return render_template('404.html'), 404

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#11.	How do you structure a Flask app using Blueprints
# project/
# ├─ app.py
# ├─ main/
# │   ├─ __init__.py
# │   └─ routes.py
# └─ templates/
#     └─ index.html

# main/__init__.py
from flask import Blueprint

main = Blueprint('main', __name__)

from . import routes

# main/routes.py
from . import main
from flask import render_template

@main.route('/')
def home():
    return render_template('index.html')

@main.route('/about')
def about():
    return "About Page"

# app.py
from flask import Flask
from main import main

app = Flask(__name__)
app.register_blueprint(main)

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#12.	How do you define a custom Jinja filter in Flask
from flask import Flask, render_template

app = Flask(__name__)

# Define a custom Jinja filter
@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]

@app.route('/')
def home():
    message = "Hello, Flask!"
    return render_template('index.html', message=message)

if __name__ == '__main__':
    app.run(debug=True)



In [None]:
#13.	How can you redirect with query parameters in Flask
from flask import Flask, redirect, url_for, request

app = Flask(__name__)

@app.route('/')
def home():
    # Access query parameters
    name = request.args.get('name', 'Guest')
    return f"Hello, {name}!"

@app.route('/go-home')
def go_home():
    # Redirect with query parameters
    return redirect(url_for('home', name='Vivek'))

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#14.	How do you return JSON responses in Flask
from flask import Flask, jsonify, request

app = Flask(__name__)

@app.route('/data')
def data():
    return jsonify({
        "name": "Vivek",
        "age": 25,
        "city": "Mumbai"
    })

@app.route('/echo', methods=['POST'])
def echo():
    data = request.json
    return jsonify({
        "received": data
    })

if __name__ == '__main__':
    app.run(debug=True)


In [None]:
#15.	How do you capture URL parameters in Flask
from flask import Flask

app = Flask(__name__)

@app.route('/user/<username>')
def user_profile(username):
    return f"User: {username}"

@app.route('/post/<int:post_id>')
def show_post(post_id):
    return f"Post ID: {post_id}"

@app.route('/path/<path:subpath>')
def show_subpath(subpath):
    return f"Subpath: {subpath}"

if __name__ == '__main__':
    app.run(debug=True)
