• What is MERN stack?

    “MERN stack is a popular full-stack JavaScript framework used for building modern web applications. The term ‘MERN’ comes from the four technologies it comprises: MongoDB, Express.js, React.js, and Node.js.

    • MongoDB is a NoSQL database used to store data in flexible, JSON-like documents.
    • Express.js is a backend web framework that runs on Node.js and helps in building APIs and handling HTTP requests easily.
    • React.js is a frontend library for building interactive and dynamic user interfaces using components.
    • Node.js is a JavaScript runtime environment that allows running JavaScript on the server-side.

    The main advantage of the MERN stack is that all layers of the application use JavaScript, which makes development faster and more efficient. It allows developers to build scalable, maintainable, and high-performance applications from the frontend to the backend using a single language.”

  • Why MERN is popular in startups?

    • MERN uses JavaScript for both frontend and backend, so development is faster.
    • React.js allows creating interactive and dynamic user interfaces easily.
    • Node.js and Express.js make the backend lightweight and scalable.
    • MongoDB is flexible and schema-less, ideal for changing requirements.
    • It helps startups build prototypes quickly and iterate faster with fewer resources.

  • Monolith vs Microservices

    • Monolith is a single, unified application where all modules and components are tightly coupled and run as one process. Any change or update affects the entire system. It’s simpler to develop initially but can become hard to scale and maintain as the application grows.
    • Microservices is an architecture where the application is divided into small, independent services, each handling a specific functionality. Services communicate through APIs. This makes the system more scalable, easier to maintain, and allows different teams to work on services independently, though it adds complexity in deployment and communication.
    • In short, Monolith = simple but less scalable, Microservices = scalable and maintainable but more complex.

  • REST API vs GraphQL

    • REST API is an architectural style where the server exposes multiple endpoints for different resources. Each endpoint returns fixed data, and clients may need to make multiple requests to get all required data. It’s simple and widely used but can lead to over-fetching or under-fetching of data.
    • GraphQL is a query language for APIs where the client specifies exactly what data it needs in a single request. This reduces over-fetching and under-fetching, allows more flexibility, and can improve performance, though it’s slightly more complex to set up compared to REST.
    • In short, REST = simpler, multiple endpoints, GraphQL = flexible, single query, precise data fetching.

  • What is API?

    An API, or Application Programming Interface, is a set of rules and protocols that allows different software applications to communicate with each other. It defines how requests and responses should be made, so one application can use the functionality or data of another without knowing its internal code. Essentially, an API acts as a bridge between systems, enabling integration and interaction between different software components.

  • HTTP vs HTTPS

    • HTTP (HyperText Transfer Protocol) is used to transfer data between a client and a server in plain text. It’s faster but not secure, so data can be intercepted by attackers.
    • HTTPS (HyperText Transfer Protocol Secure) adds a layer of encryption using SSL/TLS, making the data transfer secure and protecting sensitive information like passwords or payment details.
    • In short, HTTP = fast but insecure, HTTPS = secure and encrypted.

  • What is CORS and why it happens?

    CORS, or Cross-Origin Resource Sharing, is a security mechanism in browsers that restricts web pages from making requests to a different domain than the one that served the page. It happens because browsers enforce the same-origin policy to prevent malicious websites from accessing sensitive data from another site.

    CORS occurs when a frontend on one origin (like http://localhost:3000) tries to request resources from a backend on a different origin (like http://localhost:5000). To allow this, the server must include specific CORS headers in its response, telling the browser that the cross-origin request is permitted.

  • What is JWT and how it works?

    JWT, or JSON Web Token, is a secure way to transmit information between a client and a server as a JSON object. It’s commonly used for authentication and authorization.

    When a user logs in, the server generates a JWT containing user information and signs it with a secret key. This token is sent to the client, which stores it (usually in local storage or cookies). For subsequent requests, the client sends the token in the request header. The server verifies the token’s signature to ensure it’s valid and grants access to protected resources.

    In short, JWT allows stateless authentication, meaning the server doesn’t need to store session information, and the token itself carries the necessary user identity and permissions securely.

  • Session vs Token authentication

    • Session Authentication: User login info is stored on the server. After login, the server creates a session and sends a session ID to the client (usually in cookies). Every request is checked against the server’s session store. Simple to implement but harder to scale for large or distributed systems.
    • Token Authentication: User info is stored in a token (like JWT) sent to the client after login. The client sends this token with each request, and the server verifies it without storing any session data. It’s stateless, scalable, and works well with mobile apps or APIs.
    • Key difference: Sessions are stateful (server keeps track), tokens are stateless (client carries info).

  • OAuth basics

    OAuth is an authorization framework that allows an application to access a user’s resources on another service without sharing the user’s credentials. It works by letting the user grant limited access through tokens.

    For example, when you use “Login with Google” on a website, OAuth allows that website to access certain Google account data (like email) without knowing your password. The process involves the client (app), authorization server, and resource server, where the client requests permission, the user authorizes, and the server issues an access token for secure access.

    In short, OAuth provides secure, token-based access to user data without exposing credentials.

  • How would you build an MVP quickly?

    To build an MVP quickly, I would focus on the core features only that solve the main user problem, avoiding extra functionalities. I’d follow these steps:

    1. Identify the core problem the product is solving and the essential features needed.
    2. Choose the right tech stack that allows fast development and easy iteration, like MERN for web apps.
    3. Design a simple UI/UX—just enough for users to interact with the product.
    4. Develop backend and frontend concurrently, using ready-made libraries or frameworks to speed up work.
    5. Test the MVP internally for functionality and basic usability.
    6. Launch to a small group of users to gather feedback quickly.
    7. Iterate based on feedback, improving features that matter most.

    The key is to deliver value fast, validate assumptions, and iterate rather than building a full-featured product from the start.

  • Tech choices for startup scalability

    For startup scalability, I would choose technologies that are flexible, widely supported, and easy to scale:

    • Frontend: React.js or Vue.js for fast, dynamic, component-based UI development.
    • Backend: Node.js with Express.js or Spring Boot for efficient, scalable server-side processing.
    • Database: MongoDB for flexible, schema-less data or PostgreSQL/MySQL for relational data with strong consistency.
    • API: REST or GraphQL depending on data needs—GraphQL reduces over-fetching for complex data.
    • Hosting & Deployment: Cloud platforms like AWS, Azure, or Render for auto-scaling and reliability.
    • Authentication: JWT or OAuth for secure, stateless authentication.
    • Caching & Queueing: Redis or RabbitMQ to handle high traffic and asynchronous tasks efficiently.

    The goal is to use technologies that grow with your user base, allow quick iteration, and keep development fast and maintainable.

  • How do you handle rapid requirement changes?

    I handle rapid requirement changes by staying flexible and organized. First, I make sure requirements are clearly documented and prioritized, so I know what’s essential. I follow an iterative approach, breaking tasks into small, manageable pieces that can be updated quickly. I also maintain clean, modular code, which makes changes easier without affecting other parts of the system. Communication is key—I regularly sync with stakeholders to understand the changes and adjust the plan. Finally, I focus on delivering the core functionality first and iterating based on feedback, which ensures the project stays on track despite frequent updates.

  • How to prioritize features?

    To prioritize features, I look at:

    • User Value: Which features solve the main user problems or provide the most benefit.
    • Business Impact: Features that help achieve key business goals or revenue quickly.
    • Effort & Resources: How much time and resources each feature will take; low-effort, high-impact features go first.
    • Dependencies: Features that other parts of the system depend on are prioritized earlier.
    • Feedback & Data: Inputs from users or analytics that show what’s needed most.

  • How to reduce development cost?

    To reduce development cost, I focus on:

    • Prioritizing core features first, building only what’s essential for the MVP.
    • Using open-source tools and frameworks like MERN stack, which reduces licensing costs.
    • Reusing existing components or libraries instead of building everything from scratch.
    • Following agile development to iterate quickly and avoid wasted effort on unnecessary features.
    • Automating repetitive tasks like testing, deployment, and CI/CD pipelines.
    • Keeping the architecture simple and modular, so future changes or scaling don’t require major rewrites.

    This approach helps deliver a functional product efficiently while saving both time and money.

  • How to optimize performance early?

  • How to handle user feedback?

  • How to deploy fast?

  • CI/CD basics

  • How to handle production bugs?