Smarter developers than me have spent much time and effort hammering into my thick skull the following idea: one of the most important aspects of a senior developer is the ability to choose the correct tool for the job.
Flask is indeed much simpler, and serves the needs of smaller apps very well. The reason I've stopped using it is because I'm now familiar enough with Django's substantial, problematic learning curve that building a Django project is now just as easy for me as spinning up a Flask app (django-cookie-cutter and wagtail's project init help with this, but they're no replacement for several years of smashing your head against bad Django code). While I love Django, and have derived much utility from the tools it gives me, it's not the solution to all problems, and there are times when Flask makes total sense.
But once Flask's simplicity advantage is removed by experience, I find that it's immensely useful to have (largely correct) opinions on ORM<->DB interactions, templating, settings/config management, form validation, and user authentication baked into the project. For my projects, having these has never cost me anything even if they go unused, and more than once I've gotten myself into the situation of "You either use Django or build Django"
All of the above applies even more so to the specific task of producing a rest API. DRF is, by a large margin, my favorite tool for producing robust, understandable APIs, and I've been lucky enough to never encounter the scaling issues that I've been told (and believe to) exist.
Only if you need to implement simple CRUD API. But if you need filtering/ordering/authorization/complex serialization/unconvential request parsing -- you would need to implement a lot of stuff or install a lot of packages and find a way to make them work together. DRF makes all this things for you.
Sort of, but you'll have to assemble several different libraries to make it good. It doesn't handle request validation, JSON serialization/deserialization, or databases well out of the box.
If you use Flask with Flask-SQLAlchemy be sure to use apply_driver_hacks to enable the pool_pre_ping option or you'll end up in production wondering why 1/3 of your requests are getting a bad DB connection from the pool.
Honestly, it seems like many somewhat essential libraries for Flask APIs are being maintained by one person on GitHub. I wouldn't want to put my faith in that for a core part of my business. Django has a lot more resources going into it even if it's not as powerful as SQLAlchemy or as simple as Flask.
Flask-Restful seems pretty well maintained and it's very easy to use. If you use marshmallow it's very easy to get request validation with meaningful errors. There is also a package called apispec that can make a Swagger specification from your flask paths and marshmallow models. I like Django but unless I'm using it already I've not seen a reason to use it instead of these simpler libraries for APIs.
This looks great! I've been keeping my eye on APIStar but that still seems like it's undergoing a lot of breaking changes. This delivers a lot of the same benefits but it looks like it's actually production ready!
For a simple CRUD API, if you already have a cookie-cutter template of your REST API sketched out with Django Rest Framework, you can write your models and you're done.
