Advanced interview questions for web application server-side/ back-end developers, Node.js – Part1

Here are some interview questions that Lead backend developers, with experience of  3+ years, usually face during interviews.

  1. What are authentication and authorization? What is OAuth?
  2. What are API gateways and advantages of using them?
  3. Which is the best place to store session_ids or access_tokens. What are the different types of client-side storages and their differences?
  4.  What are middlewares?
  5. What is CORS(Cross-origin resource sharing), what is the importance and how to handle CORS?
  6. Describe microservices, web services, and APIs?
  7. How to validate requests while building REST APIs and why it is important?
  8. Explain the difference between SQL databases and NoSQL databases?
  9. Explain callbacks
  10. We have foreach loop and in each, we will have asynchronous operations. How to handle this case?
  1. Authentication is about verifying user identity and authorization is about checking whether a resource can be accessed. Authorization is not about user identity, it is about whether a requester can be granted permission to access a resource. Authentication is about verifying a user’s identity. Authentication and authorization are used together for providing security to a system. Here is a very useful article to learn the differences between authentication and authorization. This article also explains how these two are used together for security – Authentication and Authorization. OAuth is an open standard protocol for access delegation.OAuth
  2. API gateway is an API management system that acts as an interface between a client an API. An API gateway acts as a reverse proxy to API calls. APIs are not directly called but they are published in an API gateway and the client access the API by hitting the API gateway. Enterprise applications use API gateway to provide security, limit usage and thus prevent overuse, and to monetize APIs if required. Advantage of API gateways are listed here. –  API gateways.
  3. Ideally, the best place to store these data is cookies as they get expired over time. The difference between various web storages is, the time to which they are stored in the browser, the size of data that can be stored, and the type of data that can be stored. These differences can be understood using the link – webstorages.
  4. Middlewares are functions with access to the request object ( req ), the response object ( res ), and the next middleware function in the application’s request-response cycle.Middlewares.
  5. Cross-origin resource sharing is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. CORS is the node.js package which helps in handling various CORS options. Importance of CORS and security implications can be learned using the link – CORS.
  6. Microservices are small independently deployable services that together make the application.API provides a well-defined set of protocols, routines, and rules for a system so that another system can communicate with it. An API specifies how software components should interact. Documentation on how to use the API should be available. Web service is a system that listens on a port to requests from another system in the same network/web, analyze it and provide a response. Web services are exclusive for web communication. Learn more from here – Understanding Microservices, Web services, APIs and Endpoints.
  7. Validations are important to prevent unnecessary hits to the Server from the front-end with invalid/insecure data. All inputs should be validated for the following conditions.All the validations performed in the Front-end should be repeated in the Back-end. Front-end validations just provide an additional layer of protection, better user experience, and prevent unnecessary hits to the Server from the front-end with invalid/insecure data. To make the server safe from insecure/invalid data, validations should be repeated in the Back-end too. Most used validation libraries for Node.js are express-validator and joi validator.
  8. SQL databases have schema no SQL databases do not have a schema.NoSQL database mostly stores data like JSON. DynamoDB is an example of the NoSQL database. Mysql is an SQL database. NoSQL is good for hierarchical data storage and is vertically scaled(increasing computing power). SQL databases are horizontally scaled(More machines). Differences can be leaned in detail using the link-.SQLvsNOSQL.
  9. Callbacks are functions that are provided as an argument to another function and are executed on completion of the function operation. Callbacks are important in making synchronous Javascript work asynchronously. Most Node.js APIs accept callbacks.Callbacks. 
  10. In this case, create an array,inside the loop push the promises for the asynchronous operations into the array.Use promise.all to resolve the promises together.See the promise.all documentation here. promise.all.JavaScript promise library, bluebird provide promise.each promise.each.
Some other most commonly used questions include threading of Node.js, event loop, asynchronous behavior of JavaScript with Node.js, Promises, async-await etc.
Add more topics in the comment section. If there are any mistakes/changes please comment.

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *