Back-End and Full Stack Questions Flashcards
(27 cards)
How do you set up communication between a React front-end and a Node.js back-end?
By making HTTP requests from the React front-end to the back-end. The back-end listens to the requests and sends responses back in JSON format.
Common libraries for making requests include fetch and Axios.
What is the difference between RESTful APIs and GraphQL?
RESTful APIs use HTTP methods and fixed endpoints while GraphQL allows clients to request only the data they need with a custom response shape.
GraphQL helps reduce over-fetching and under-fetching issues.
What are some strategies to secure a REST API?
- Using HTTPS for secure communication
- Authenticating requests using OAuth or JWT
- Validating inputs to prevent injection attacks
- Implementing rate-limiting to avoid DDoS attacks
- Using role-based access control (RBAC) to limit access
These strategies help protect APIs from unauthorized access and attacks.
What are the advantages of using JWT (JSON Web Tokens) for authentication?
- Stateless, requiring no server-side storage
- Can be sent as part of HTTP headers
- Self-contained, storing user’s information
- Compact and easy to use across different domains
- Can be securely signed
JWTs enhance scalability and simplify authentication across services.
What is CORS (Cross-Origin Resource Sharing)?
CORS is a security feature that allows or restricts web pages from making requests to domains other than their own.
It helps protect against cross-origin attacks.
How do you handle CORS in a Node.js application?
By setting appropriate headers in server responses, typically using middleware like cors in Express.
This middleware simplifies CORS configuration.
How would you deploy a full-stack application (React + Node.js)?
By using services like Heroku, AWS, or DigitalOcean. The React front-end is built and served as static files, while the Node.js back-end is deployed as a server.
Considerations include environment variables, API security, build process for React, and proper routing.
What is the difference between REST and GraphQL?
In REST, data is requested from multiple predefined endpoints, with each endpoint returning a fixed set of data. In GraphQL, clients define a single query, specifying exactly which data fields they need, reducing over-fetching and under-fetching of data.
What are HTTP methods (GET, POST, PUT, DELETE), and when would you use each?
Discuss the purpose of each HTTP method and how they map to CRUD operations.
Explain the concept of a “microservice” architecture.
Microservice Architecture: A system design where applications are divided into small, independent services, each focused on a specific business function and communicated through APIs.
Advantages:
Scalability Independent deployment Technology flexibility Fault isolation Faster development cycles Enhanced maintainability Continuous delivery Flexibility in team structure
Disadvantages:
Complexity Inter-service communication overhead Data consistency challenges Increased resource consumption Requires sophisticated monitoring tools
What is CORS (Cross-Origin Resource Sharing), and how do you handle it in an API?
Explain the issue of cross-origin requests and how to handle CORS using server-side headers or libraries.
What is JWT (JSON Web Token), and how is it used for authentication?
Describe how JWT works for secure authentication and authorization, including tokens and expiration.
What are the key differences between SQL and NoSQL databases?
Compare relational databases (SQL) and non-relational databases (NoSQL), focusing on data structure, scalability, and use cases.
What is the role of an ORM (Object-Relational Mapping) library in full-stack development?
Explain what ORM libraries do and give examples like Sequelize (Node.js), TypeORM, and Mongoose (MongoDB).
What is the difference between a server-side and a client-side rendering?
Discuss the pros and cons of server-side rendering (SSR) vs. client-side rendering (CSR) in terms of performance and SEO.
How do you ensure security in a full-stack application?
Explain common security practices such as input validation, password hashing, OAuth, preventing XSS and CSRF attacks, and using HTTPS.
What is a RESTful API, and what are its key principles?
Describe the core principles of REST (Representational State Transfer), such as statelessness, resource-based URIs, and the use of HTTP methods.
What is the role of WebSockets in full-stack development?
Explain how WebSockets provide real-time communication between the client and server and its use cases in applications like chat or live notifications.
What is the purpose of version control systems like Git in full-stack development?
Discuss the importance of using version control systems (e.g., Git) for managing codebases, collaboration, and tracking changes.
What are environment variables, and why are they important in a full-stack application?
Explain the concept of environment variables and how they store sensitive configuration like API keys, database credentials, etc.
How do you handle error handling in both client-side and server-side code?
Discuss strategies for managing errors in JavaScript (e.g., try/catch) and how to return proper error messages from the server (e.g., HTTP status codes).
What is MVC (Model-View-Controller) architecture?
Explain the MVC design pattern and how it’s used to organize code in both the front-end and back-end parts of an application.
What is AJAX, and how does it work in full-stack applications?
Describe how AJAX allows you to make asynchronous requests to the server without reloading the page, improving the user experience.
What is a Content Delivery Network (CDN), and why is it important in web development?
Explain the concept of a CDN, its role in caching and speeding up static assets (images, CSS, JavaScript), and its impact on performance.
