System Design

Question 1

Client encryption

Answer 1

bcrypt.js (Best for Hashing)
Using CryptoJS (AES Encryption)
SHA-256 (One-Way Hashing)

Question 2

SHA-256 (One-Way Hashing) If can’t decrypt then how to use

Answer 2

Since SHA-256 is irreversible, we do not decrypt it. Instead, we:

Hash the password when the user signs up and store the hashed value.

When the user logs in, we hash the entered password and compare it with the stored hash.

If the hashes match, authentication is successful.

Question 3

Login types

Answer 3

Basic Authentication

OAuth 2.0

JWT (JSON Web Token)

Session-Based Auth

Multi-Factor Auth (MFA)

Biometric Authentication

Question 4

OAuth 2.0

Answer 4

🧑‍💻 User (Client) Actions:
1️⃣ User clicks “Login with Service” on the App.
2️⃣ App redirects User to Authorization Server (Service Login Page).
3️⃣ User logs in and approves requested permissions.

🖥️ App (Client) Actions:
4️⃣ Receives an Authorization Code from the Authorization Server.
5️⃣ Sends this code to the Token Endpoint of the Authorization Server.

🖥️ Authorization Server Actions:
6️⃣ Validates the code and issues an Access Token to the App.

🖥️ Resource Server Actions:
7️⃣ App uses the Access Token to request user data from the Resource Server.
8️⃣ Resource Server verifies the token and returns the requested data.

🔄 Final Step: User is authenticated, and the app can access the authorized resources. 🚀

Question 5

httponly ?

Answer 5

flag to keep tokens secured in browser cookie

Question 6

scaling

Answer 6

Load Balancers (Nginx, HAProxy) – Evenly distribute requests.
Read Replicas – Distribute read traffic to multiple DBs.

Sharding – Split large databases into smaller, manageable parts.

Caching – Use Redis, Memcached to reduce DB load.
API Caching – Store frequently accessed API responses.

Asynchronous Processing & Queues 📩
Message Queues (RabbitMQ, Kafka, SQS) – Handle high traffic without blocking.

Background Jobs (Celery, Sidekiq, Cron Jobs) – Process tasks asynchronously.
Service Mesh (Istio, Linkerd) – Better traffic management.
Monitoring (Prometheus, Grafana, New Relic) – Detect and handle performance issues.

Question 7

Load Balancing Methods

Answer 7

✅ Round Robin – Sends requests to each server in order.
✅ Least Connections – Sends traffic to the server with the fewest active connections.
✅ IP Hashing – Ensures the same user always reaches the same server.
✅ Weighted Load Balancing – Prioritizes servers based on their power/capacity.
✅ SSL Termination – Offloads SSL decryption to improve performance.

Question 8

Browser cache types

Answer 8

HTTP Cache (or Cache-Control Cache)
Browser Cache (Disk Cache)
Memory Cache (RAM Cache)
Service Worker Cache (Offline Cache)
Local Storage
Session Storage
IndexedDB

Question 9

HTTP Cache (or Cache-Control Cache)

Answer 9

The HTTP cache stores copies of resources (like images, stylesheets, and JavaScript files) that are fetched from web servers. The browser checks if the content is still valid or needs to be fetched again based on HTTP headers like Cache-Control or Expires.

Question 10

Memory Cache

Answer 10

Stores resources temporarily in the system’s RAM while a website is open.

Used for quick access to assets during active sessions.

Example: A webpage’s scripts and styles are cached in RAM for smoother navigation

Question 11

Service Worker Cache (Offline Cache)

Answer 11

Stores website resources to allow offline access.

Used in Progressive Web Apps (PWAs) to load pages without an internet connection.

Example: A news app stores recent articles so they remain accessible offline.

if (‘serviceWorker’ in navigator) {
navigator.serviceWorker.register(‘/service-worker.js’)
.then(() => console.log(‘Service Worker Registered’))
.catch(error => console.log(‘Service Worker Registration Failed:’, error));
}