Siksha Sarovar

Siksha Sarovar (sikshasarovar.com) is a free educational web application that helps students in India learn programming and prepare for academic and competitive exams. The platform offers structured coding courses (C, C++, Python, Java, HTML, CSS, PHP, Power BI, AI, Machine Learning, Data Science), complete university curriculum notes for BCA/MCA students with previous year question papers, Class 10 and Class 12 CBSE/HBSE school notes, and dedicated preparation material for SSC, UPSC, Banking, Railway and other government exams. Browsing the site is completely free and requires no account. Users may optionally sign in with Google solely to save their learning progress, quiz scores and personal preferences across devices.

Privacy Policy | Terms of Service | Contact Siksha Sarovar | About Siksha Sarovar

v4.0.9 · PWA
Siksha Sarovar logo
Siksha Sarovar
Your Learning Universe

Siksha Sarovar is a free e-learning platform for coding courses, BCA university notes and competitive exam preparation. Optional Google sign-in saves your learning progress across devices.

Initializing knowledge base…
Compiling modules 0%

1. Major Components of Backend Development

Lesson 1 of 23 in the free Backend Development notes on Siksha Sarovar, written by Rohit Jangra.

What is Backend Development?

Backend development is the server-side of a web application — everything the user does not see directly but relies upon for data, business logic, authentication, and communication. While the frontend (React, HTML/CSS/JS) is what users interact with in the browser, the backend powers every action: validating inputs, querying databases, enforcing security rules, and returning responses.

Think of a food-delivery app like Swiggy or Zomato. When you place an order, the backend checks restaurant availability, calculates delivery time, processes your payment securely, updates the order status in real time, and notifies both the restaurant and the delivery partner — all within milliseconds, all invisible to you.

---

Major Components of a Backend System

1. Web Server / Application Server

The server receives HTTP requests from clients and returns HTTP responses. In the MERN stack, Node.js provides the JavaScript runtime and Express.js is the framework that defines routes, handles middleware, and manages the request-response flow. Other popular choices include Fastify (schema-based, fast), Koa (minimalist, async-first), and NestJS (TypeScript-first with decorators).

2. Database

Stores all persistent data — user accounts, products, orders, messages, analytics. MongoDB is a NoSQL document database storing data as JSON-like BSON documents. Alternatives: PostgreSQL (relational, ACID-compliant), MySQL (widely adopted), Redis (in-memory, used for caching).

3. API (Application Programming Interface)

An API defines the communication contract between frontend and backend. REST APIs use HTTP verbs (GET, POST, PUT, PATCH, DELETE) with resource URLs like /api/users or /api/products/:id. GraphQL lets the client query exactly the data it needs.

FeatureRESTGraphQL
Data fetchingFixed endpoints, fixed shapeClient queries only needed fields
OverfetchingCommonEliminated by design
Multiple resourcesMultiple round tripsSingle query
Learning curveLowMedium
VersioningURL-based (/v1, /v2)Schema deprecation

4. Authentication and Authorization

Authentication verifies who the user is (login, signup). Authorization verifies what they can do (admin vs user). Common implementations: JWT for stateless auth, sessions for server-side storage, OAuth 2.0 for third-party logins (Google, GitHub).

5. Caching

Caching stores frequently accessed or expensive-to-compute data in fast memory to reduce database load. Redis is the industry standard — key-value pairs in memory with optional TTL. Use cases: user sessions, popular product listings, OTPs with 10-minute expiry, rate-limit counters.

6. Message Queues

Queues handle async tasks that must not block the request-response cycle: sending emails after signup, resizing uploaded images, sending SMS, generating PDF reports. Popular solutions: Bull (Node.js, Redis-backed), RabbitMQ, Apache Kafka. The main server pushes jobs; worker processes consume them.

7. File Storage

Files (images, videos, documents) must NOT be stored in the database or on the application server. Use cloud storage: Cloudinary (images and videos with transformations), AWS S3 (general object storage), Firebase Storage. The backend uploads the file, receives a URL, and stores only the URL in the database.

---

The MERN Stack

MongoDB → Express.js → React.js → Node.js

LayerTechnologyRole
RuntimeNode.jsExecute JavaScript on the server
FrameworkExpress.jsRouting, middleware, HTTP handling
DatabaseMongoDBPersistent JSON-like document storage
ODMMongooseSchema validation and query building
FrontendReact.jsUser interface and state management
HTTP ClientAxios / FetchFrontend-to-backend communication

---

The Request-Response Cycle

  1. User clicks "Login" in the React frontend
  2. React sends POST /api/auth/login with { email, password } in the request body
  3. Request travels over the internet to your server (via Nginx reverse proxy on port 80/443)
  4. Express router matches /api/auth/login to the login controller function
  5. Controller validates inputs, queries MongoDB for the user document by email
  6. Compares the submitted password to the stored bcrypt hash using bcrypt.compare()
  7. On success: generates JWT access token (15 min expiry) + refresh token (7 days)
  8. Sends 200 OK response with { accessToken, refreshToken, user: { id, email, name } }
  9. React stores the token and redirects the user to the dashboard

---

Environment Variables

Sensitive values — DB passwords, JWT secrets, API keys — must never be hardcoded in source code. Store them in a .env file and load with the dotenv package:

MONGODB_URI=mongodb+srv://user:pass@cluster.mongodb.net/myapp
JWT_SECRET=your_super_secret_key
JWT_REFRESH_SECRET=another_refresh_secret
PORT=5000
CLOUDINARY_CLOUD_NAME=mycloud
NODE_ENV=development
Never commit .env to Git. Add it to .gitignore before the first commit. Once a secret is pushed to GitHub, treat it as compromised and rotate it immediately.
Commit a .env.example file with placeholder values. Other developers cloning your repo will know exactly which variables to configure.

---

Backend Engineering Roles in Production Companies

RoleResponsibility
Backend DeveloperAPI design, business logic, database queries
DevOps EngineerDeployment pipelines, CI/CD, server management
Database AdministratorSchema optimisation, query performance, backups
Security EngineerAuth flows, vulnerability assessment
Solutions ArchitectSystem design, technology decisions, scalability
Full-Stack DeveloperBoth frontend and backend responsibilities

Understanding all these components gives you the complete mental model of how production applications work. As you progress through this course, you will implement every component — authentication, file uploads, caching patterns, and more — while building a complete YouTube-like backend.