Fris
Posted on September 3, 2018
Choosing the language:
If you're already familiar with a particular language, just go with it, but what I recommend is Go, because Go was built for this purpose and you don't need any framework when using it.
Other languages you can use:
- PHP (Laravel/Symfony/Zend)
- Java/Kotlin (Play/Spring)
- Ruby (Ruby on Rails)
- Python (Django)
- JavaScript (Node.js)
- C# (.NET)
Database:
There are multiple choices. I recommend MariaDB, which is basically MySQL, but whatever you choose, don't use SQLite3 for this purpose, because you'll find yourself trapped when you want to host your back-end on multiple servers.
To work with the database there are two choices: use an ORM (I recommend GORM for Go) or write raw SQL, which is faster but harder for beginners.
Security:
If you're planning to do sensitive operations such as editing the database or returning private data, you should require a private key that is passed through a header. Examples of mistakes that beginners usually make:
1) When handling the "forgot password" request, never return the key to the front-end; just store it in the database.
2) When handling the "login" request, have the front-end send the email/username and password to the back-end. In the back-end, check whether the user has made too many login attempts, and return as little information as possible if the login is wrong.
3) Use JWT. It's super important to check whether the token is valid when manipulating the logged-in user's data.
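As an added example (not code from the original post), item 1 could look like this in Go. It goes one step beyond the post by storing only a SHA-256 hash of the key with a 15-minute expiry; the in-memory maps, `RequestReset`, `Redeem` and the e-mail address are constructed stand-ins for a real database and mailer.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"time"
)

type reset struct { // what the database stores: a hash of the key, never the key
	hash    [32]byte
	expires time.Time
}

// Constructed in-memory stand-ins for the users table, resets table and mailer.
var (
	users  = map[string]bool{"alice@example.test": true}
	resets = map[string]reset{}
	outbox = map[string]string{} // e-mail address -> key "sent" to that inbox
)
const genericReply = `{"message":"If the account exists, a reset e-mail was sent."}`

// RequestReset returns the same body for known and unknown addresses, never the key.
func RequestReset(email string, now time.Time) string {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err == nil && users[email] {
		outbox[email] = hex.EncodeToString(raw) // leaves the server by e-mail only
		resets[email] = reset{sha256.Sum256([]byte(outbox[email])), now.Add(15 * time.Minute)}
	}
	return genericReply
}

// Redeem accepts a key once, only if it matches the stored hash and is unexpired.
func Redeem(email, key string, now time.Time) bool {
	r, ok := resets[email]
	sum := sha256.Sum256([]byte(key))
	if !ok || now.After(r.expires) || subtle.ConstantTimeCompare(sum[:], r.hash[:]) != 1 {
		return false
	}
	delete(resets, email)
	return true
}

func main() {
	fmt.Println(RequestReset("alice@example.test", time.Now()))
	fmt.Println(Redeem("alice@example.test", outbox["alice@example.test"], time.Now()))
}
```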
Data:
It's important to return data in a format the front-end can read; the most used are JSON (recommended) and YAML.
But you can simplify all this query stuff for the user and the owner by using a query language like GraphQL, which is trusted by many enterprises.
Contribution:
Make sure to give advice in the comments too!