Flask - Interview Questions and Answers

Flask is a lightweight micro web framework for Python that allows developers to build web applications quickly and efficiently. It is designed to be simple, flexible, and extensible.

• Flask is a micro-framework (minimalist), whereas Django is a full-stack framework.
• Flask gives more flexibility, while Django follows a "batteries-included" approach with built-in features.
• Flask is better for small applications, while Django is suitable for large, complex projects.

• Lightweight and modular
• Built-in development server and debugger
• RESTful request handling
• Jinja2 templating
• Extensible with plugins

Run the following command in your terminal:

pip install flask

from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello, Flask!"

if __name__ == '__main__':
    app.run(debug=True)

Run the script, and visit http://127.0.0.1:5000/ in your browser.

The @app.route() decorator is used to define URL routes that map to specific view functions.

Use dynamic route parameters:

@app.route('/user/<name>')
def user(name):
    return f"Hello, {name}!"

• GET: Used to retrieve data from the server.
• POST: Used to send data to the server.

Use request.form:

from flask import request

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form['name']
    return f"Hello, {name}!"

Blueprints allow you to organize a Flask application into reusable modules.

app.run(debug=True)

It is an ORM extension for Flask that simplifies database interactions.

from flask_sqlalchemy import SQLAlchemy

app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///database.db'
db = SQLAlchemy(app)

It is used for handling web forms in Flask with CSRF protection.

Use Flask's session object:

from flask import session

@app.route('/set_session')
def set_session():
    session['user'] = 'John'
    return "Session set!"

Use Flask’s request.files:

file = request.files['file']
file.save('uploads/' + file.filename)

Use Flask-Login or JWT for authentication.

Jinja2 is a template engine used in Flask to embed dynamic data in HTML.

from flask import jsonify

@app.route('/api/data')
def api():
    return jsonify({"message": "Hello, API!"})

Use @app.errorhandler():

@app.errorhandler(404)
def not_found(error):
    return "Page not found", 404

Use before_request and after_request hooks.

You can deploy Flask using Gunicorn, uWSGI, or Docker.

Use Flask-CORS extension.

Use Flask-SocketIO for real-time communication.

Use BluePrints, Caching, Load Balancing, and Microservices.

Use Celery for task scheduling.

Use Flask’s built-in logging module.

Use Flask-OAuthlib for third-party authentication.

It is an extension that simplifies API development.

Use pytest or Flask’s built-in test client.

Use caching, database indexing, and async processing.

Flask can be used as a backend API, serving JSON data.

Flask follows the WSGI request-response cycle.

Use parameterized queries with SQLAlchemy.

Use Flask-Limiter.

from flask_restful import Resource, Api

api = Api(app)

class HelloWorld(Resource):
    def get(self):
        return {'message': 'Hello, World!'}

api.add_resource(HelloWorld, '/')

It’s a function that creates and configures an app instance.

Use @app.before_request.

Configure Celery and Flask together for background tasks.

Use async/await with Flask 2.x or Celery for async tasks.

To integrate GraphQL with Flask, you can use the Graphene library along with Flask-GraphQL. Follow these steps:

• Install the required libraries:

pip install Flask-GraphQL graphene

Define a simple GraphQL schema:

import graphene

class Query(graphene.ObjectType):
    hello = graphene.String(default_value="Hello, Flask GraphQL!")

schema = graphene.Schema(query=Query)

Set up the Flask app and add GraphQL support:

from flask import Flask
from flask_graphql import GraphQLView

app = Flask(__name__)

app.add_url_rule(
    "/graphql",
    view_func=GraphQLView.as_view("graphql", schema=schema, graphiql=True)
)

app,run(debug=True)

• Run the Flask app and access http://127.0.0.1:5000/graphql in a browser to test queries using the GraphiQL interface.

Flask-Limiter is used to implement rate limiting in Flask applications to prevent abuse.
Example:

from flask import Flask
from flask_limiter import Limiter

app = Flask(__name__)
limiter = Limiter(app)

@app.route('/')
@limiter.limit("5 per minute")
def home():
    return "This is rate limited!"

if __name__ == '__main__':
    app.run()

This limits the route to 5 requests per minute per IP.

To secure a Flask application:

• Use HTTPS
• Sanitize user input to prevent SQL injection
• Use Flask-Talisman for security headers
• Enable CSRF protection
• Use strong authentication methods

Example using Flask-Talisman:

from flask_talisman import Talisman

app = Flask(__name__)
Talisman(app)

This enforces security headers like Content Security Policy (CSP).

You can use Flask-JWT-Extended to implement JWT authentication.
Example:

from flask import Flask, jsonify
from flask_jwt_extended import JWTManager, create_access_token, jwt_required

app = Flask(__name__)
app.config["JWT_SECRET_KEY"] = "super-secret"
jwt = JWTManager(app)

@app.route("/login", methods=["POST"])
def login():
    token = create_access_token(identity="user123")
    return jsonify(access_token=token)

@app.route("/protected", methods=["GET"])
@jwt_required()
def protected():
    return jsonify(message="You are authorized!")

if __name__ == '__main__':
    app.run()

JWT is used for secure token-based authentication.

You can use Flask-SocketIO for real-time bidirectional communication.
Example:

from flask import Flask
from flask_socketio import SocketIO

app = Flask(__name__)
socketio = SocketIO(app)

@socketio.on('message')
def handle_message(msg):
    print("Received:", msg)

if __name__ == '__main__':
    socketio.run(app)

This allows real-time data exchange without reloading the page.

Use Flask-Mail to send emails.
Example:

from flask_mail import Mail, Message

app.config['MAIL_SERVER'] = 'smtp.gmail.com'
app.config['MAIL_PORT'] = 587
app.config['MAIL_USE_TLS'] = True
app.config['MAIL_USERNAME'] = 'your_email@gmail.com'
app.config['MAIL_PASSWORD'] = 'your_password'

mail = Mail(app)

@app.route('/send_email')
def send_email():
    msg = Message("Hello!", sender="your_email@gmail.com", recipients=["recipient@gmail.com"])
    msg.body = "This is a test email!"
    mail.send(msg)
    return "Email sent!"

This allows sending emails through SMTP.

Flask-Talisman is a security extension that:

• Enforces HTTPS
• Adds security headers like CSP and X-Frame-Options
• Prevents clickjacking attacks
  Example usage:

from flask_talisman import Talisman
app = Flask(__name__)
Talisman(app)

You can use Flask-PyMongo to connect Flask with MongoDB.
Example:

from flask_pymongo import PyMongo

app.config["MONGO_URI"] = "mongodb://localhost:27017/myDatabase"
mongo = PyMongo(app)

@app.route('/add')
def add_data():
    mongo.db.users.insert_one({"name": "John"})
    return "User added!"

This allows interaction with MongoDB collections.

Flask-Caching is used for caching responses and reducing database queries.
Example using simple cache:

from flask_caching import Cache

app.config['CACHE_TYPE'] = 'simple'
cache = Cache(app)

@app.route('/data')
@cache.cached(timeout=50)
def get_data():
    return "Cached Data"

This caches the /data endpoint for 50 seconds.

Celery allows running background tasks asynchronously.
Example:

from celery import Celery

app = Flask(__name__)
celery = Celery(app.name, broker='redis://localhost:6379/0')

@celery.task
def async_task():
    return "Task Complete!"

This runs background jobs without blocking the main application.

Use Flask’s built-in Flask-Script.
Example:

from flask import Flask
import click

app = Flask(__name__)

@app.cli.command("greet")
@click.argument("name")
def greet(name):
    print(f"Hello, {name}!")

if __name__ == '__main__':
    app.run()

Run in terminal:

flask greet Kartik

Use the following structure for a large-scale Flask project:

/my_flask_app
    /app
        /static
        /templates
        /models
        /routes
        /views
    /config.py
    /run.py
    /requirements.txt

This follows the MVC pattern.

Flask-Migrate is an extension that helps manage database migrations.
Example:

flask db init
flask db migrate -m "Initial Migration"
flask db upgrade

Use Flask’s built-in logging module.
Example:

import logging

logging.basicConfig(filename="app.log", level=logging.DEBUG)

@app.route('/')
def home():
    app.logger.info("Home page accessed")
    return "Logging Enabled!"

Use Flask-Uploads or chunked uploads.
Example:

@app.route('/upload', methods=['POST'])
def upload():
    file = request.files['file']
    file.save(f"./uploads/{file.filename}")
    return "File uploaded!"