How to become a full stack developer — Backend


Articles of the series:

A server is the one who stores the code and the Database. Web browsers or any other client software interacts with a server through a series of requests. Usually, HTTP protocol used for major part of operations.


There are two basic types of requests: POST and GET..

GET — uses URL to transfer data or parameters.

POST — send data invisibly on the background. Allows sending large data sets. Also used for authorization requests.

There are four common operations used to manage server-to-client operations. Create, Read, Update, Delete or CRUD. This scheme widely used in RESTful APIs. Read operation may function for single item request or to retrieve a list of items.

For security and stability CRUD uses additional types of requests. It divides requests preventing mistakes in operations.

  • Create — Request type: POST
  • Read — Request type: GET
  • Update — Request type: PUT
  • Delete — Request type: DELETE

Http requests consist of Headers and Body. Body is a content of the request. Headers are metadata which allows to authorize and set a variety of options for each request.


Database stores data of our application which can be changed at any given time.

There two major database type: Relational and Non-Relational. One of the popular relational databases is MySQL. One of the popular non-relational databases is MongoDB. You may investigate deeper the pros and cons of each one. Knowing principles both of types could be helpful and will add bonus points to your skills.

Authentication and security

Building web applications rises a need to divide permissions of different user type. You will not want anyone being able to manage your app. Therefore the authentication used. A user enters with his own credentials or by your external account authorized through one of APIs. Such as Facebook, Twitter, Google.

PassportJs is a helpful NodeJs module which facilitates authorization operations. It has many options and modules. Accelerating development by usage of predeveloped common schemes.

JWT — Javascript Web Token scheme used in many APIs. So it is suggested to study it. JWT allows transfer secure requests. Each request has authorization headers which are validated before revealing any data.

Mentioned above gives basic knowledge. Strongly suggested to research about most common security breaches to be aware of dangers. Small mistakes in security may become expensive in the future. Some loud examples of mistakes in security by tech giants such as Facebook, Google, Amazon, etc. you meet from time to time. Suddenly one mistake reveals thousands of personal data.


Do you remember what I was talking about in previous chapters? Yes! It is critically important to use dive in the code. Only in this way, you will gain experience and understanding of internal processes. Sometimes you may think “It’s easy”, but when you start, see many obstacles.

My advice to think about something small. An app which could’ve been making your life easier. Solve some real-life problem.

Full-stack dev — Job requirements

  • Backend: NodeJs, ExpressJs, REST API
  • Front-end: Javascript, HTML, CSS, Ajax, JSON, Angular+RxJs/React+Redux/VueJs
  • Performance and caching
  • Authentication: PassportJs, JWT
  • Tools: Git, NPM, Webpack/gulp
  • Databases: MongoDb or SQL
  • Cloud server: AWS or Heroku
  • Testing: Unit tests
  • Algorithms and Data structures
  • Design Patterns
  • Bonus points: WebSockets, additional programming language


  • Chrome dev tools
  • Code editor: Visual Studio/NetBeans
  • Heroku server. Deploy and manage
  • UML and flowchart diagrams


By this, I’m finishing a series of articles “How to become a Fullstack Developer”. Hope it was helpful and will assist in planning skills acquisition path. It is a complicated path. Tech landscape changes so quickly, therefore programming is lifelong learning. Put an effort, set clear goals and you will succeed.

Please clap if you liked the article.