AskAPython.com

The go-to resource for upgrading Python, Django, Flask, and your dependencies.

Flask Framework: Python Microframework Complete Beginner Tutorial 2026

flaskflask-frameworkpython-webtutorialmicroframeworkjinja2sqlalchemywtformsdeploymentbeginner

Flask is Python’s most popular lightweight web framework for building web applications and APIs quickly. Searches like “Flask framework tutorial”, “what is Flask Python”, “Flask hello world” spike monthly. This guide covers installation, core concepts, advanced features like databases/forms, and deployment—optimized for beginners to production-ready apps.

What is Flask Framework?

Flask is a micro web framework written in Python. Unlike full-stack frameworks (Django), Flask provides core tools (routing, templating) without batteries-included. Key features:

  • Minimalist: Start small, add extensions (Flask-SQLAlchemy, Flask-WTF).
  • Werkzeug/ Jinja2: Powers request handling and HTML templating.
  • Flexible: REST APIs, web apps, microservices.
  • Production-ready: Used by Netflix, LinkedIn, Pinterest.
FrameworkSizeBatteriesLearning CurveBest For
Flask20KBMinimalEasyAPIs, Prototypes
Django10MBFullSteeperEnterprise Apps
FastAPI1MBAsyncMediumHigh-perf APIs

Official Docs

Flask Installation (Python 3.12+)

# Virtual env (recommended)
python -m venv flask-env
source flask-env/bin/activate  # Linux/Mac
# flask-env\\Scripts\\activate  # Windows

pip install flask
flask --version  # Verify: Flask 3.0.x

Hello World: First Flask App

Create app.py:

from flask import Flask

app = Flask(__name__)

@app.route('/')
def hello():
    return '<h1>Hello, Flask Framework!</h1>'

if __name__ == '__main__':
    app.run(debug=True)

Run: flask run or python app.py

Visit http://127.0.0.1:5000/ → Hello World!

Dynamic Routes & Templates (Jinja2)

Add /user/<name>:

@app.route('/user/<name>')
def user(name):
    return f'<h1>Hello, {name}!</h1>'

Jinja templates: Create templates/index.html:

<!DOCTYPE html>
<html>
<head><title>Flask App</title></head>
<body>
    <h1>{{ message }}</h1>
    <p>Welcome to {{ framework }} framework!</p>
</body>
</html>

Update route:

from flask import render_template

@app.route('/')
def index():
    return render_template('index.html', message='Hello Flask', framework='Flask')

Static files: static/style.css auto-served.

Forms with Flask-WTF

pip install flask-wtf

config.py:

WTF_CSRF_ENABLED = True
SECRET_KEY = 'dev'  # Production: os.urandom(24)

Form class:

from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired

class NameForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired()])
    submit = SubmitField('Submit')

Template & route:

<form method="POST">
    {{ form.hidden_tag() }}
    {{ form.name.label }} {{ form.name() }}
    {{ form.submit() }}
</form>
from flask import flash, redirect, url_for
# ...
@app.route('/', methods=['GET', 'POST'])
def index():
    form = NameForm()
    if form.validate_on_submit():
        flash(f'Hello, {form.name.data}!')
        return redirect(url_for('index'))
    return render_template('index.html', form=form)

Database: Flask-SQLAlchemy

pip install flask-sqlalchemy

models.py:

from flask_sqlalchemy import SQLAlchemy
db = SQLAlchemy()

class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(80), nullable=False)

# Init: db.create_all()

app.py: app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///site.db' ; db.init_app(app)

CLI: flask shelldb.create_all()

Blueprints: Modular Apps

Large apps use Blueprints:

# auth_bp.py
from flask import Blueprint
auth_bp = Blueprint('auth', __name__)

@auth_bp.route('/login')
def login(): ...
# app.py: app.register_blueprint(auth_bp, url_prefix='/auth')

Deployment: Production

Heroku:

pip install gunicorn
echo "web: gunicorn app:app" > Procfile
git init; git add .; git commit -m "init"
heroku create; git push heroku main

Vercel (serverless):

  • vercel.json: {"builds": [{"src": "app.py", "use": "@vercel/python"}]}
  • vercel deploy

Nginx + Gunicorn (VPS):

gunicorn -w 4 -b 0.0.0.0:8000 app:app

Security: app.run(host='0.0.0.0', debug=False)

Common Extensions

  • REST API: Flask-RESTful/Flask-RESTX
  • Auth: Flask-Login, Flask-JWT-Extended
  • Admin: Flask-Admin
  • Testing: pytest-flask

Best Practices & SEO Tips

  • Use flask-cli extensions.
  • Environment vars: dotenv.
  • Logging: app.logger.
  • Error handlers: @app.errorhandler(404)
  • SEO: Meta tags in Jinja, sitemap.xml.

Next: Flask Security Audit

Flask scales from prototypes to production. Start coding—questions in comments!

Sponsored by Durable Programming

Need help maintaining or upgrading your Python application? Durable Programming specializes in keeping Python apps secure, performant, and up-to-date.

Hire Durable Programming