# Asssignment Solutions on Rest API & Flask- Theoritical Questions

1. What is a RESTful API?
- A RESTful API is a way for different systems to communicate over the internet using the HTTP protocol. REST stands for Representational State Transfer. REST APIs follow certain principles like statelessness, use of standard HTTP methods (GET, POST, etc.), and structured responses usually in JSON or XML format.

>>In simple words, it’s a system that lets two applications talk to each other – for example, your app talking to a weather service to get temperature data.

2. Explain the concept of API specification.
- An API specification is like a guidebook or blueprint that tells us how the API will behave. It defines:

- What endpoints are available

- What parameters to pass

- What response format to expect

- Which HTTP methods to use

>> Tools like OpenAPI (Swagger) are used to write API specifications. It helps developers understand how to use or build the API.

3. What is Flask, and why is it popular for building APIs?
- Flask is a lightweight web framework in Python that makes it easy to create web applications and APIs. It’s popular because:

- It’s simple and minimal

- Easy to learn for beginners

- Offers flexibility and extensions

- Great for small to medium-sized projects

>>Since Flask doesn’t force a particular project structure, developers have more control.

4. What is routing in Flask?

- Routing means deciding what should happen when a user goes to a specific URL.

- In Flask, we use the @app.route() decorator to create routes. For example:

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/hello')
def hello():
    return "Hello from Flask!"


Here, when a user visits /hello, the hello() function will be executed.

5. How do you create a simple Flask application?
- To create a basic Flask application, we first need to install Flask. Since I am using Google Colab for this assignment, and Flask apps don’t run normally in Colab like they do on local machines, I used the flask-ngrok package. It helps us run Flask inside Colab by giving a temporary web link using ngrok.

In [None]:
!pip install flask-ngrok

from flask import Flask
from flask_ngrok import run_with_ngrok

app = Flask(__name__)
run_with_ngrok(app)  # This line makes Flask run with ngrok in Colab

@app.route('/')
def home():
    return "Welcome to my first Flask App (Colab version)!"

if __name__ == '__main__':
    app.run()



Collecting flask-ngrok
  Downloading flask_ngrok-0.0.25-py3-none-any.whl.metadata (1.8 kB)
Downloading flask_ngrok-0.0.25-py3-none-any.whl (3.1 kB)
Installing collected packages: flask-ngrok
Successfully installed flask-ngrok-0.0.25
 * Serving Flask app '__main__'
 * Debug mode: off


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
Exception in thread Thread-8:
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/dist-packages/urllib3/connection.py", line 198, in _new_conn
    sock = connection.create_connection(
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/urllib3/util/connection.py", line 85, in create_connection
    raise err
  File "/usr/local/lib/python3.11/dist-packages/urllib3/util/connection.py", line 73, in create_connection
    sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/usr/local/lib/python3.11/dist-packages/urllib3/connectionpool.py", line 787, in urlopen
    response = self._make_request(
               ^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/urllib3/connectionpool.py", line 493, in _make_reques

6. What are HTTP methods used in RESTful APIs?

- RESTful APIs commonly use the following HTTP methods:

- GET – To read or fetch data

- POST – To create new data

- PUT – To update existing data completely

- PATCH – To update partially

- DELETE – To remove data

>>Each method has a specific purpose in the CRUD operations.

7. What is the purpose of the @app.route() decorator in Flask?
- The @app.route() decorator in Flask maps a URL path to a specific Python function.

Example:



In [None]:
@app.route('/about')
def about():
    return "About page"


When a user visits /about, the about() function will be executed and its return value shown.

8. What is the difference between GET and POST HTTP methods?

| GET                           | POST                                |
| ----------------------------- | ----------------------------------- |
| Used to **fetch** data        | Used to **send** or **create** data |
| Parameters appear in the URL  | Parameters are in the request body  |
| Not secure for sensitive data | More secure for forms and passwords |
| Can be bookmarked             | Cannot be bookmarked                |


Example:

In [None]:
@app.route('/data', methods=['GET'])
def get_data():
    return "This is GET"

@app.route('/data', methods=['POST'])
def post_data():
    return "This is POST"

9. How do you handle errors in Flask APIs?
- Flask provides the @app.errorhandler() decorator to handle errors. You can create custom error messages for different error codes.

Example:

In [None]:
@app.errorhandler(404)
def not_found(error):
    return "Oops! Page not found.", 404


You can also handle errors like bad requests, internal server errors, etc.
10. How do you connect Flask to a SQL database?

- You can connect Flask to a SQL database using Flask-SQLAlchemy, which is an ORM (Object Relational Mapper).

>>Steps:

- Install the package:
- pip install flask_sqlalchemy

Code Example:

In [None]:
from flask import Flask
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///students.db'
db = SQLAlchemy(app)

class Student(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(50))

with app.app_context():
    db.create_all()


This creates a SQLite database with a Student table.

11. What is the role of Flask-SQLAlchemy?

- Flask-SQLAlchemy is an extension that helps us connect Flask with a SQL database like SQLite, MySQL, etc. It uses SQLAlchemy, which is a powerful ORM (Object Relational Mapper). Instead of writing raw SQL queries, we can work with Python classes and objects.

>>Example:

In [None]:
from flask_sqlalchemy import SQLAlchemy
db = SQLAlchemy(app)


With this, we can easily create tables and interact with databases in an object-oriented way.

12. What are Flask blueprints, and how are they useful?

- Flask Blueprints help us organize large Flask apps into smaller parts or modules. Instead of writing everything in one file, we divide the app using blueprints.

>> It’s like creating sections for different features — such as auth, admin, or user.

>>Why useful:

- Keeps code clean and maintainable

- Makes teamwork easier

- Reusable components

13. What is the purpose of Flask's request object?

- Flask’s request object helps us access incoming request data. For example, when someone submits a form or sends JSON data to our API, we can access it using:

In [None]:
from flask import request

data = request.form['name']  # For form data


It also supports request.args (for query parameters), request.json, request.method, etc.

14. How do you create a RESTful API endpoint using Flask?
- We can create RESTful endpoints using Flask by defining a route with HTTP methods.

Example:

In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/api/data', methods=['GET'])
def get_data():
    return jsonify({"message": "Data fetched successfully"})


15. What is the purpose of Flask's jsonify() function?

- The jsonify() function is used to convert Python data (like dicts or lists) into a JSON response, which is the standard format for APIs.

Example:

In [None]:
from flask import jsonify

data = {"name": "Suraj", "age": 28}
return jsonify(data)


This will return a proper JSON response:
{"name": "Suraj", "age": 28}

16. Explain Flask's url_for() function.

- The url_for() function dynamically generates the URL for a given function name. Instead of hardcoding URLs, we use url_for() so the app is more flexible and avoids errors.

Example:



In [None]:
@app.route('/profile')
def profile():
    return "User Profile"

url_for('profile')  # Returns "/profile"


17. How does Flask handle static files (CSS, JavaScript, etc.)?

- Flask automatically looks for static files in the static/ folder. To use them in HTML, we refer them using the url_for('static', filename='...') method.

Example HTML:

<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">

Put my CSS, JS, or image files inside the static folder.

18. What is an API specification, and how does it help in building a Flask API?
- An API specification defines how the API behaves:

- What routes/endpoints exist

- What input is expected

-What output will be returned

- What methods (GET, POST, etc.) are used

>>It helps in:

- Planning the API

- Avoiding confusion between backend/frontend teams

- Writing clean documentation

- Tools like Swagger/OpenAPI help define specifications clearly.


19. What are HTTP status codes, and why are they important in a Flask API?
- HTTP status codes tell us whether a request was successful or failed.

Some common codes:

- 200 – OK (Success)

- 201 – Created (for POST)

- 400 – Bad Request

- 404 – Not Found

- 500 – Server Error

In Flask:




In [None]:
return jsonify({"message": "Not Found"}), 404


Status codes improve API communication and debugging.

20. How do you handle POST requests in Flask?
- To handle a POST request, we use methods=['POST'] in the route, and then extract data using request.form or request.json.

Example:




In [None]:
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/submit', methods=['POST'])
def submit():
    data = request.json
    name = data.get('name')
    return jsonify({"message": f"Hello {name}!"})


This code reads JSON data sent in a POST request and returns a custom response.

21. How would you secure a Flask API?
>>Securing a Flask API is important to prevent unauthorized access or misuse of data. Here are some common ways to secure it:

- Authentication: Make sure only authorized users can access certain endpoints. Use token-based systems like JWT (JSON Web Token) or API keys.

- Authorization: Control what different users can access or modify.

- HTTPS: Run the app over HTTPS instead of HTTP to keep data encrypted during transfer.

- Input validation: Always check user inputs to prevent injection attacks.

- CORS management: Use Flask-CORS to control which frontend domains can access the API.

- Rate limiting: Prevent abuse by limiting the number of requests a user can make.

Example (JWT simplified):


In [None]:
# Check for token in headers before allowing access
token = request.headers.get('Authorization')
if not token:
    return jsonify({"error": "Unauthorized"}), 401


22. What is the significance of the Flask-RESTful extension?
>>Flask-RESTful is an extension that helps us build REST APIs quickly and neatly in Flask. It provides tools that make our code cleaner and better organized.

Benefits:

- Makes it easier to manage HTTP methods like GET, POST, PUT, DELETE

- Encourages class-based APIs (like Resource classes)

- Supports input parsing and error handling

- Example:

In [None]:
from flask_restful import Resource

class Hello(Resource):
    def get(self):
        return {"message": "Hello from RESTful API"}


In short, it makes building APIs more efficient and professional.

23. What is the role of Flask's session object?

>>The session object in Flask is used to store user-specific data temporarily — like login status or user preferences — across multiple requests. It uses cookies under the hood but keeps the data secure with encryption.

Why it’s useful:

- Helps in login systems

- Tracks user activity (like cart items in a shopping site)

Example:




In [None]:
from flask import session

# Set session data
session['username'] = 'Suraj'

# Get session data
user = session.get('username')


To use sessions, we must set a SECRET_KEY in the Flask app for security.

# Practical Questions Solutions

1. How do you create a basic Flask application?

- To create a basic Flask app, you first need to install Flask using pip install flask. Then create a file (say app.py) with the following code:

In [None]:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)


 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
INFO:werkzeug:[33mPress CTRL+C to quit[0m
INFO:werkzeug: * Restarting with stat


2. How do you serve static files like images or CSS in Flask?
- Flask automatically serves static files placed inside a folder called static. For example:

Folder structure:

In [None]:
/static/css/style.css
/static/images/logo.png


In HTML:
<link rel="stylesheet" href="{{ url_for('static', filename='css/style.css') }}">
<img src="{{ url_for('static', filename='images/logo.png') }}" alt="Logo">


3. How do you define different routes with different HTTP methods in Flask?
- We can specify HTTP methods using the methods argument in the route decorator:

In [None]:
@app.route('/submit', methods=['GET', 'POST'])
def submit():
    if request.method == 'POST':
        return "Data submitted"
    else:
        return "Send the data using POST"


4. How do you render HTML templates in Flask?

- Templates are kept in a folder named templates. To render them, use render_template().

In [None]:
from flask import render_template

@app.route('/')
def index():
    return render_template('index.html')


Making sure index.html is in the templates folder.

5. How can you generate URLs for routes in Flask using url_for?
- url_for helps generate URLs dynamically:

In [None]:
@app.route('/about')
def about():
    return "About Page"

# Usage in Python:
url_for('about')  # Output: /about

# Usage in HTML:
<a href="{{ url_for('about') }}">Go to About</a>


6. How do you handle forms in Flask?
- We can use the request object to handle form data:

In [None]:
from flask import request

@app.route('/form', methods=['GET', 'POST'])
def form():
    if request.method == 'POST':
        name = request.form['name']
        return f"Hello, {name}!"
    return '''
        <form method="POST">
            <input name="name">
            <input type="submit">
        </form>
    '''


7. How can you validate form data in Flask?

- Basic validation can be done manually, or you can use Flask-WTF:

In [None]:
@app.route('/form', methods=['POST'])
def form():
    name = request.form.get('name')
    if not name:
        return "Name is required"
    return f"Welcome, {name}"


8. How do you manage sessions in Flask?

-Sessions let you store user-specific data:

In [None]:
from flask import session

app.secret_key = 'your_secret_key'

@app.route('/login')
def login():
    session['user'] = 'Suraj'
    return "User logged in"

@app.route('/profile')
def profile():
    user = session.get('user')
    return f"Welcome {user}"


9. How do you redirect to a different route in Flask?
- Use redirect() along with url_for():

In [None]:
from flask import redirect, url_for

@app.route('/go')
def go():
    return redirect(url_for('home'))


10. How do you handle errors in Flask (e.g., 404)?

- We can use error handlers for this:

In [None]:
@app.errorhandler(404)
def page_not_found(e):
    return "Page Not Found", 404


11. How do you structure a Flask app using Blueprints?
- Blueprints help in modularizing the code.
- Example:

main.py

In [None]:
from flask import Flask
from myroutes import app_routes

app = Flask(__name__)
app.register_blueprint(app_routes)


myroutes.py


In [None]:
from flask import Blueprint

app_routes = Blueprint('app_routes', __name__)

@app_routes.route('/hello')
def hello():
    return "Hello from Blueprint!"


12. How do you define a custom Jinja filter in Flask?
- We can create your own filter like this:

In [None]:
@app.template_filter('reverse')
def reverse_filter(s):
    return s[::-1]

# In template:
{{ 'hello' | reverse }}  <!-- Output: 'olleh' -->


13. How can you redirect with query parameters in Flask?
- Using url_for with query parameters:


In [None]:
@app.route('/search')
def search():
    return redirect(url_for('results', q='flask'))

@app.route('/results')
def results():
    query = request.args.get('q')
    return f"Results for {query}"


14. How do you return JSON responses in Flask?

- Using jsonify():


In [None]:
from flask import jsonify

@app.route('/api/data')
def data():
    return jsonify({"name": "Suraj", "age": 28})


15. How do you capture URL parameters in Flask?
- Use angle brackets in route definition:

In [None]:
@app.route('/user/<username>')
def show_user(username):
    return f"User: {username}"
