Skill: Flask

Best practices for Flask web development including routing, blueprints, and testing.

When to Use

Apply this skill when building Flask web applications or APIs — routing, blueprints, extensions, and testing.

Project Structure

• Use the application factory pattern (create_app()) to avoid global state and enable testing.
• Organize features into Blueprints; register them in the factory.
• Keep configuration in a config.py with classes like DevelopmentConfig, ProductionConfig.

Routing and Views

• Prefer explicit HTTP method decorators (@app.get, @app.post) over generic @app.route with methods=[...].
• Validate request data early; return 400 errors for malformed input before processing.
• Use flask.abort() with appropriate HTTP codes rather than returning error responses manually.

Extensions

• Initialize extensions lazily with ext.init_app(app) inside the factory, not at module level.
• Common extensions: Flask-SQLAlchemy, Flask-Migrate, Flask-Login, Flask-WTF, Flask-CORS.

Testing

• Use app.test_client() for HTTP-level tests and app.test_request_context() for unit tests.
• Use pytest fixtures to create the app and client; scope appropriately (session for the app, function for the client).
• Set TESTING=True and use a separate test database.

Pitfalls

• Never use the development server (app.run()) in production — use Gunicorn or uWSGI.
• Avoid storing mutable state on the app object; use g for request-scoped data.
• Never hardcode SECRET_KEY — load from environment variables.