What is the backend in web development?

The backend runs server-side code, stores data, processes requests, and exposes API endpoints for the frontend and other services.

How do requests flow from frontend to backend?

The frontend sends HTTP requests to routes/endpoints; the backend handles the request, may query a database or call external APIs, and returns a response.

How should I keep API keys safe?

Never hard-code keys in source code; use .env files or secret managers and configure CORS and access controls to limit exposure.

backend

Scanned

npx machina-cli add skill DojoCodingLabs/code-sensei/backend --openclaw

Files (1)

SKILL.md

2.9 KB

Backend Development — CodeSensei Teaching Module

What is a Backend?

Analogy: If your website is a restaurant, the frontend is the dining room (what customers see) and the backend is the kitchen (where the real work happens). The backend stores data, processes requests, handles logins, and talks to databases.
Key insight: The backend runs on a SERVER (a computer somewhere in the cloud), not in the user's browser.

Servers

Analogy: A server is like a receptionist. It sits there waiting for requests ("I want to see the homepage" or "save this form data"), then responds appropriately.
Express.js is the most common server framework in vibecoded projects. It's like a template for building that receptionist — you tell it "when someone asks for X, do Y."

Routes / Endpoints

Analogy: Routes are like departments in a company. /api/users is the Users department. /api/products is Products. Each one handles specific requests.
HTTP Methods (the verbs):
- GET — "Give me data" (reading)
- POST — "Here's new data, save it" (creating)
- PUT/PATCH — "Update this existing data" (editing)
- DELETE — "Remove this data" (deleting)
Quiz: "If someone fills out a signup form, which HTTP method sends their data to the server?"

APIs (Application Programming Interfaces)

Analogy: An API is a menu at a restaurant. It lists what you can order (available requests), what you need to provide (required data), and what you'll get back (the response). You don't need to know HOW the kitchen cooks it — you just order from the menu.
REST API — the most common style. Uses URLs as addresses and HTTP methods as actions.
Key insight: APIs are how different programs talk to each other. Your frontend talks to your backend via an API. Your backend might talk to Stripe's API for payments or Google's API for maps.

Request & Response Cycle

User clicks "Submit"
    ↓
Frontend sends HTTP request to backend
    ↓
Backend receives request, processes it
    ↓
Backend talks to database if needed
    ↓
Backend sends response back
    ↓
Frontend displays the result

Middleware

Analogy: Security checkpoints before entering a building. Before a request reaches its destination (route), it passes through middleware that can check if you're logged in, log the visit, parse the data, etc.
Common middleware: Authentication check, request body parser, error handler, CORS

Environment & Security

API Keys — passwords for using external services. NEVER put them in your code directly.
.env files — where secrets live, read by the server but never sent to users
CORS — browser security that prevents random websites from accessing your API

Source

git clone https://github.com/DojoCodingLabs/code-sensei/blob/main/skills/backend/SKILL.mdView on GitHub

Overview

Backend Development enables servers to store data, process requests, handle logins, and talk to databases. This skill trains you to design and implement server-side code, API routes, and handlers (e.g., Express, Fastify, or Next.js API routes) that power apps. Understanding the backend is essential for robust, secure, and scalable web applications.

How This Skill Works

Requests flow from the frontend to the backend: a client hits a route using HTTP methods (GET, POST, PUT/PATCH, DELETE); the server runs route handlers, often via middleware for auth, parsing, or error handling. It may read/write data from a database or call external APIs to fulfill the request.

When to Use It

Building a REST API for a web app
Implementing user authentication and session management
Creating CRUD endpoints for resources like users or products
Integrating with external services (payments, maps) via APIs
Securing APIs with environment variables and proper CORS

Quick Start

Step 1: Set up a Node.js project, install Express, and create a simple server with a /api/ping route
Step 2: Add a /api/users resource with GET and POST and wire a basic in-memory store
Step 3: Add JSON parsing middleware, error handling, and an example .env variable you reference in code (not exposed)

Best Practices

Start with a clear routing structure using a server framework like Express or Fastify
Use proper HTTP methods for CRUD operations (GET, POST, PUT/PATCH, DELETE)
Incorporate middleware for authentication, body parsing, error handling, and CORS
Keep secrets out of code with .env files and secure secret management
Validate inputs and add robust error handling and logging for observability

Example Use Cases

Build a REST API for a user resource with GET/POST/PUT/DELETE endpoints
Add authentication middleware to protect routes and manage sessions
Create product endpoints and connect them to a database
Integrate with a payment API (e.g., Stripe) or a maps API from the backend
Deploy an Express-based API server or Next.js API routes to production

Frequently Asked Questions

Add this skill to your agents