Basic Interaction Between Frontend and Backend

1. Basic Interaction Between Frontend and Backend

At the core of frontend and backend interaction is the exchange of HTTP requests and responses. Typically, data is exchanged through the following flow:

Basic Flow:

The frontend triggers a request to the server based on user actions (e.g., form submission or button click).
The backend receives the request, retrieves necessary information from the database, or processes the request.
The backend sends the result back as a response.
The frontend displays the received data on the screen.

This request-response exchange often uses JSON format.

2. API Design

An API (Application Programming Interface) is the interface that handles data communication between the frontend and backend. Typically, REST APIs or GraphQL are used.

Basics of REST API:

Endpoint: The URL provided by the backend (e.g., /api/users)
HTTP Methods: Indicate the operation to be performed (e.g., GET, POST, PUT, DELETE)
- GET: Retrieve data
- POST: Create new data
- PUT: Update existing data
- DELETE: Remove data
Request Parameters: Data sent from the frontend (e.g., query parameters or JSON in the body)

REST APIs handle resources via endpoints, allowing for a simple and scalable design. In cases where multiple data types need to be fetched simultaneously, GraphQL can be more convenient, allowing for multiple resources to be retrieved with a single query.

3. Basics of Data Exchange

When exchanging data between the frontend and backend, JSON or XML is commonly used as the data format. In recent years, lightweight JSON has become the standard.

Example: Request from Frontend to Backend

javascript
fetch('https://api.example.com/data', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    name: 'John Doe',
    age: 30
  })
})
.then(response => response.json())
.then(data => console.log(data));

Example Response from Backend to Frontend (in JSON format)

json
{
  "status": "success",
  "message": "Data received successfully",
  "data": {
    "name": "John Doe",
    "age": 30
  }
}

4. Security Considerations

Security is a key concern when exchanging data between the frontend and backend. Here are some basic security points to consider:

1. Authentication and Authorization

When accessing the backend, API requests often require authentication. Typically, JWT (JSON Web Token) or OAuth is used to verify that the user has the appropriate permissions.

2. Using HTTPS

Always use HTTPS to encrypt communication. Plain HTTP sends data in plaintext, which makes it vulnerable to eavesdropping and tampering by third parties.

3. CORS (Cross-Origin Resource Sharing)

The backend can impose security restrictions on requests from different origins (domains). This is controlled by CORS, which ensures that only specific origins are allowed to access the resources.

4. Input Validation

Data received from the frontend must be validated for safety. To prevent attacks like SQL injection and cross-site scripting (XSS), always sanitize the incoming data.

Conclusion

The interaction between frontend and backend forms the fundamental structure of a web application. Through APIs, data exchange and processing can be performed efficiently, and security measures must be taken into account. By understanding these basics, smooth system design and secure data communication can be achieved.