Flask Interview
Flask Environment Flask Jinja2 Flask Jinja2 Template Filters Flask Jinja2 Control Structures Flask Handling Forms Flask Form Validation Flask Database Queries Flask Authentication Flask Authorization Flask Middleware Flask Blueprints Flask Extensions Flask Mail Flask Security Flask Deployment Flask Optimization Flask SocketIO Flask Custom CLI Commands Flask Templates Flask SqlAlchemy ORM Flask RESTful Flask Babel Flask Celery Flask Admin Flask Basics Flask Static Files Flask Error Handling Flask File Handling Flask Routing Flask RESTful APIs

Flask Interview

Flask Environment Flask Jinja2 Flask Jinja2 Template Filters Flask Jinja2 Control Structures Flask Handling Forms Flask Form Validation Flask Database Queries Flask Authentication Flask Authorization Flask Middleware Flask Blueprints Flask Extensions Flask Mail Flask Security Flask Deployment Flask Optimization Flask SocketIO Flask Custom CLI Commands Flask Templates Flask SqlAlchemy ORM Flask RESTful Flask Babel Flask Celery Flask Admin Flask Basics Flask Static Files Flask Error Handling Flask File Handling Flask Routing Flask RESTful APIs

Flask RESTful APIs

What is a RESTful API in Flask?

A RESTful API (Representational State Transfer) in Flask allows you to expose endpoints over HTTP, enabling communication between clients and the server. The API follows REST principles, where different HTTP methods like GET, POST, PUT, and DELETE are used to perform CRUD (Create, Read, Update, Delete) operations on resources.

How do you create a basic RESTful API in Flask?

To create a basic RESTful API in Flask, you define routes using Flask's @app.route() decorator and handle HTTP methods in your view functions. Each route corresponds to an API endpoint that clients can interact with.

Example of a simple RESTful API:

from flask import Flask, jsonify, request

app = Flask(__name__)

# Example data
items = [{'id': 1, 'name': 'Item 1'}, {'id': 2, 'name': 'Item 2'}]

@app.route('/items', methods=['GET'])
def get_items():
    return jsonify(items)

@app.route('/items/<int:item_id>', methods=['GET'])
def get_item(item_id):
    item = next((item for item in items if item['id'] == item_id), None)
    return jsonify(item) if item else ('Item not found', 404)

if __name__ == '__main__':
    app.run(debug=True)

In this example, the /items endpoint returns a list of items, and the /items/<item_id> endpoint returns a single item based on the item ID.

How do you handle different HTTP methods in a Flask RESTful API?

In a RESTful API, different HTTP methods are used to perform specific actions on resources. You handle these methods in Flask by specifying them in the methods argument of the @app.route() decorator.

  • GET: Retrieve data.
  • POST: Create a new resource.
  • PUT: Update an existing resource.
  • DELETE: Delete a resource.

Example of handling multiple HTTP methods:

@app.route('/items', methods=['GET', 'POST'])
def manage_items():
    if request.method == 'GET':
        return jsonify(items)
    elif request.method == 'POST':
        new_item = request.get_json()
        items.append(new_item)
        return jsonify(new_item), 201

In this example, the GET method retrieves all items, and the POST method allows clients to create a new item by sending a JSON payload.

How do you handle JSON data in Flask APIs?

Flask provides utilities to handle JSON data easily. You can use the request.get_json() method to parse incoming JSON data and the jsonify() function to send JSON responses back to the client.

Example of handling JSON data:

@app.route('/items', methods=['POST'])
def create_item():
    data = request.get_json()
    new_item = {'id': len(items) + 1, 'name': data['name']}
    items.append(new_item)
    return jsonify(new_item), 201

In this example, a new item is created by parsing the JSON payload from the request and returning the newly created item in JSON format.

How do you handle status codes in Flask APIs?

In Flask APIs, you can specify the HTTP status code in the response using a tuple with the data and the status code. By default, Flask returns a status code of 200 OK for successful responses, but you can return different codes based on the outcome of the request.

Example of handling status codes:

@app.route('/items/<int:item_id>', methods=['GET'])
def get_item(item_id):
    item = next((item for item in items if item['id'] == item_id), None)
    if item:
        return jsonify(item), 200
    return jsonify({'error': 'Item not found'}), 404

In this example, a status code of 200 OK is returned if the item is found, and 404 Not Found is returned if the item does not exist.

How do you update data in a RESTful API using Flask?

To update data in a RESTful API, you typically use the PUT or PATCH method. In Flask, you handle this by checking for a PUT or PATCH request, retrieving the data from the client, and updating the resource accordingly.

Example of updating data with a PUT request:

@app.route('/items/<int:item_id>', methods=['PUT'])
def update_item(item_id):
    item = next((item for item in items if item['id'] == item_id), None)
    if item:
        data = request.get_json()
        item['name'] = data['name']
        return jsonify(item), 200
    return jsonify({'error': 'Item not found'}), 404

In this example, the PUT request updates the name of the item based on the provided item_id.

How do you delete a resource in Flask RESTful APIs?

To delete a resource in a RESTful API, you use the DELETE method. In Flask, you handle this by defining a route that listens for DELETE requests and removes the corresponding resource from the dataset.

Example of deleting a resource:

@app.route('/items/<int:item_id>', methods=['DELETE'])
def delete_item(item_id):
    item = next((item for item in items if item['id'] == item_id), None)
    if item:
        items.remove(item)
        return '', 204
    return jsonify({'error': 'Item not found'}), 404

In this example, the DELETE request removes the item with the given item_id from the dataset and returns a 204 No Content status code to indicate successful deletion.

How do you implement pagination in a Flask RESTful API?

To implement pagination in a Flask RESTful API, you can use query parameters like page and per_page to fetch a subset of data. Pagination helps avoid loading too many records at once and improves performance for large datasets.

Example of paginating results:

@app.route('/items', methods=['GET'])
def get_items():
    page = request.args.get('page', 1, type=int)
    per_page = request.args.get('per_page', 10, type=int)
    start = (page - 1) * per_page
    end = start + per_page
    paginated_items = items[start:end]
    return jsonify(paginated_items)

In this example, the page and per_page parameters are used to paginate the items, returning only the items for the current page.

How do you handle authentication in Flask RESTful APIs?

Authentication in Flask RESTful APIs ensures that only authorized users can access certain resources. Common methods include token-based authentication (e.g., JWT) and basic authentication. Flask provides several extensions like Flask-JWT-Extended for handling JWT authentication.

Example of basic token-based authentication:

from functools import wraps
from flask import request, jsonify

def token_required(f):
    @wraps(f)
    def decorated_function(*args, **kwargs):
        token = request.headers.get('x-access-token')
        if not token:
            return jsonify({'message': 'Token is missing!'}), 403
        # Here, you would verify the token
        return f(*args, **kwargs)
    return decorated_function

@app.route('/protected', methods=['GET'])
@token_required
def protected():
    return jsonify({'message': 'This is a protected route'})

In this example, a decorator token_required checks for a token in the request headers, and if a token is missing or invalid, it returns a 403 Forbidden response.

How do you handle errors and exceptions in Flask RESTful APIs?

In Flask, you can handle errors and exceptions globally using the @app.errorhandler() decorator. This allows you to return custom error messages and status codes for specific exceptions or HTTP errors.

Example of handling a 404 Not Found error:

@app.errorhandler(404)
def not_found(error):
    return jsonify({'error': 'Resource not found'}), 404

In this example, if a 404 error occurs, a custom JSON response is returned with the message "Resource not found".

How do you secure Flask RESTful APIs?

To secure Flask RESTful APIs, you can implement the following best practices:

  • Use HTTPS to encrypt communication between the client and server.
  • Implement authentication and authorization to control access to resources.
  • Validate and sanitize user input to prevent SQL injection and XSS attacks.
  • Use rate limiting to protect against DoS attacks.
  • Enable CSRF protection for non-API routes.

Example of enabling rate limiting with Flask-Limiter:

pip install Flask-Limiter

Example of adding rate limiting:

from flask_limiter import Limiter

limiter = Limiter(app, default_limits=["200 per day", "50 per hour"])

@app.route('/items', methods=['GET'])
@limiter.limit("10 per minute")
def get_items():
    return jsonify(items)

In this example, the Flask-Limiter extension is used to limit API requests to 10 per minute for the /items route.

How do you test RESTful APIs in Flask?

Flask provides a built-in testing client that allows you to simulate HTTP requests to your API endpoints. You can use this client to test your APIs in isolation and verify that they return the expected results.

Example of testing a Flask API:

import unittest
from app import app

class ApiTestCase(unittest.TestCase):
    def setUp(self):
        self.app = app.test_client()
        self.app.testing = True

    def test_get_items(self):
        response = self.app.get('/items')
        self.assertEqual(response.status_code, 200)

if __name__ == '__main__':
    unittest.main()

In this example, the Flask testing client is used to make a GET request to the /items endpoint, and the status code is verified to be 200 OK.

Ads