What is a backend and how does it work?
A backend is a computer that listens for HTTP, WebSocket, gRPC or any other kind of request on an open port that is accessible over the internet. Clients and other frontends connect to it and send or receive data, depending on the kind of request. We call it a server because it serves some kind of content.
The backend talks to clients through:
- HTTPS APIs (most commonly REST or GraphQL)
- WebSockets (for real-time communication)
- gRPC (binary protocol for high-performance microservice communication)
- Message Queues (RabbitMQ, Kafka, SQS for async jobs)
Generally, a software application has two parts: frontend and backend. The backend consists of server logic, a database and APIs. It processes user requests, applies logic, retrieves data and ensures security. The frontend communicates with the backend through APIs; the backend is essential for dynamic, data-driven applications.
Why don't we put all the backend logic in the frontend?
- We don't put all functionality and DB logic in the frontend because it would lead to security risks, performance issues and data inconsistency. The frontend runs on the user's device, meaning any sensitive logic, authentication, payment or DB operations would be exposed and vulnerable.
- Storing large amounts of data in the frontend would also slow down performance, making the application inefficient. If multiple users interact with shared data, there would be no centralized control, which leads to inconsistency.
Security: Browser security is very restrictive, and a backend often needs to access the underlying file system, whether to write a log file or to read environment variables. The browser won't allow that, which is a huge restriction for a backend system.

CORS: By default, browsers block requests made from one domain to another unless the target server explicitly allows it using CORS headers. If you tried to connect directly from the frontend to multiple third-party services, many requests would fail because of these restrictions.
- The backend solves this problem by acting as a trusted middle layer—your frontend always talks to your backend (same origin), and then the backend securely communicates with external APIs on behalf of the frontend.
Database: Databases require credentials (username, password, connection strings) to access them. If these were stored in frontend code, anyone could open the browser dev tools, see the connection info, and misuse it, leading to data leaks, corruption, or even deletion.
- Also, direct access means every user would bypass your business logic and validation rules, leading to inconsistent and insecure data.
- That’s why the backend sits in between: it holds the database credentials securely (in environment variables), validates incoming requests, applies business rules, and then performs database operations safely.
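The steps above as a small Python sketch (an added example, not code from the original notes): the connection string comes from the server's environment, the request is validated, and the business rule is enforced in one parameterized statement. The variable name `DB_URL`, the `accounts` table and the function names are assumptions for illustration, and in-memory SQLite stands in for a real database server.

```python
import json
import os
import sqlite3

# Assumption: DB_URL is a hypothetical variable name. The connection string
# lives only in the server's environment, never in code sent to the browser.
DB_URL = os.environ.get("DB_URL", ":memory:")


def open_db(url=DB_URL):
    """Open the database and make sure the sample table exists."""
    conn = sqlite3.connect(url)
    conn.execute(
        "CREATE TABLE IF NOT EXISTS accounts (owner TEXT PRIMARY KEY, balance INTEGER)"
    )
    return conn


def handle_withdraw(conn, session_user, raw_body):
    """Return (http_status, response_dict) for one withdraw request."""
    # 1. Validate: the client controls every byte of raw_body.
    try:
        amount = json.loads(raw_body)["amount"]
    except (ValueError, KeyError, TypeError):
        return 400, {"error": "malformed request"}
    if type(amount) is not int or amount <= 0:
        return 400, {"error": "amount must be a positive integer"}

    # 2. Business rule on the server: the account comes from the
    #    authenticated session, not from the body, and the balance check
    #    and the update happen in a single parameterized statement.
    with conn:
        cur = conn.execute(
            "UPDATE accounts SET balance = balance - ? "
            "WHERE owner = ? AND balance >= ?",
            (amount, session_user, amount),
        )
    if cur.rowcount == 0:
        return 409, {"error": "insufficient funds or unknown account"}

    # 3. Return only what the client needs to see.
    row = conn.execute(
        "SELECT balance FROM accounts WHERE owner = ?", (session_user,)
    ).fetchone()
    return 200, {"balance": row[0]}
```

An `owner` field sent in the request body is ignored, so one user cannot withdraw from another user's account by editing the request in the browser.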
Centralized Data Management: If each user’s device handled data directly, there would be no single source of truth. Shared resources like databases need a central authority (backend) to maintain consistency.