Flask is a microframework for Python based on Werkzeug, Jinja 2 and good intentions.
Flask is a microframework for Python that you can use to quickly create API’s and websites. It’s a great and easy to use platform, let’s create a simple API, but first we will go through the basics.
We’re going to install Flask in our virtual environment to later import it into our code.
pipenv install flask
Ok, now that we have installed Flask in our virtual environment, we will create the main page, let’s create a file named
api.py and input the following code snippet.
That’s enough to lift our API and return It Works! in the main page.
Let’s create a function to our, let’s add a
salute(name) method that accepts one argument as a name and returns
You can also define if a variable should be Integer, String, etc, like this:
Here’s a reference table:
|string||Accepts a string without slashes|
|float||For floating point value|
|path||Accept strings with slashe|
|any||Accepts one of the provided item|
|UUID||Accepts UUID strings|
We can Jsonify a dictionary and return it to the browser as a JSON serialized data, let’s input our dog data into a dictionary and serialize it:
# -- SNIP --
And when we go to
/mydog URL we can see our serialized dictionary:
Let’s create a little Flask project to warm up, shall we? We’re going to do an API that scans localhost with Nmap and return its open ports with only one method.
"""An Nmap Scanner and Parser."""
So, what are we doing here?
- Firstly, we import the libraries Flask for our API of course, we also import run from the package subprocess which allows us to run subprocesses from Python, the library xmltodict to parse XML data and convert it into a dictionary so we can return it later as a Jsonified data.
- Now we defined our route
"""Scan a host with Nmap."""
- Spawn a Nmap subprocess that scan our localhost looking for open ports only, we designate our XML output to
# run nmap scan from another proccess
run(['nmap', '-T5', '--open', '-oX', 'scan.xml', 'localhost'])
- We open our report
scan.xml, convert it to a dictionary with
xmltodict.parse(raw_xml.read())and store it into
# parse Nmap XML report and covert it to a dictionary
with open('scan.xml') as raw_xml:
nmap_scan = xmltodict.parse(raw_xml.read())
- Last, but not least, we return the dictionary into a Jsonified data.
# Jsonify the dictionary and return it
And when we visit https://localhost/openports we can successfully see our API in action:
Of course that our code could be way, waaaaay better, but a simple example will suffice.
Remember to checkout the Flask documentation, it is immensely useful and we only scratched the surface here.