5

Been thinking about taking up server-side programming (I'm mobile).

Any tips?

Should I go with something like node.js, which I'm a bit familiar with and is quite popular or should I try another language/platform? Maybe Rust (given it's similar to Swift) or even Swift itself.

Any good resources (tutorials, guides, etc.) would be much appreciated, especially if they focus on security.

Cheers!

Comments
  • 1
    Nodejs

    #bias
  • 2
    Interesting question. I know it's super cliche, but I say go with whatever you're most comfortable with if it'll get the job done. I don't know much about Swift on the server side but if it accomplishes what you're looking to do then it's fine.

    If you're looking for more marketable backend skills, then node could be a good choice but there really is a wide variety of languages used all over.

    Is there a specific type of system you're trying to develop? That might be useful for narrowing.
  • 3
    For security - there's language specific stuff but there's also a pretty standard set of rules across backend development, ex. never trust user input and always sanitize it, clean values throughly before outputting them on webpages, check for ownership when processing user actions, etc.
  • 1
    I would love to go with Swift (or Rust for that matter) for simplicity sake. But the two haven't been around for too long and frameworks may not have been battle tested yet. (I mean, the Swift compiler crashes if you start using [the perfectly legal] generics, ffs!)

    Node on the other hand is JS, which I'm comfortable with.
  • 2
    I'm looking forward to building a sort of generic CRUD-style API to power my apps and give me more freedom. However, I'm a bit concerned about the unknowns in security. For instance: I find a few tutorials, follow best practices and launch my great API. But still, users' data have been compromised because "a-ha, you forgot to run that very cryptic command on your server and your node setup is wide open, you lame developer".
  • 2
    Good points. I think it's a good sign right off the bat though that you are paying a lot of attention to security. My guess is that there's enough good articles on securing a node.js setup by now so the actual stack has a smaller chance of being exploitable than the actual API. Because even decently experienced API developers have lapses. I think it comes down to learning how to secure the API code you write but it sounds like you'll think carefully about it.
  • 2
    And when it comes to writing the API securely, like I mentioned earlier there are a few main things you want to look at. Ownership/user permissions is a concept that sometimes appears to be simple but it's easy to slip up. Ex. User makes request to delete a piece of content, and the user credentials are valid and so is the id of the piece of content, but a check is needed to make sure that user actually owns the content they are trying to delete.
  • 1
    Fair enough, good sir.

    Carefully crafted node it is!

    Thank you.
  • 1
    How are your database skills and knowledge? Are your current apps utilizing back-end databases? Are you familiar with relational and/or graph databases?
  • 3
    I understand both relational and NoSQL databases. Haven't touched Graph yet. I know redis a bit and MongoDB.
  • 1
    It just depends on what you want to do with your career too. I personally learned a language that is easy to pick up (it had training wheels) and in a lot of demand with corporations and goverment.
  • 2
    I know MEAN stack is all the rage right now but if you wanna make some cash learn .NET or Java spring. Both have a lot of documentation and free tutorials and you can get an app running in less than 30 minutes with either. I prefer C# and visual studio over Java and eclipse but that's just me 😆
  • 1
    I've had a whiff of .NET and it's pretty powerful. Plus Swift is not that far off from C# now.

    BUT, I'm on the Mac and I don't suppose you can unleash all .NET's potential on Visual Studio Code. I could install Windows on Bootcamp or a VM, but that would mean if have to buy it (another cost on top of infrastructure providers).

    I have this weird policy by which the ~free version~ of some piece of software if I'm living off of making software myself.
  • 1
    I agree nice market for .NET. Currently evaluating some expensive .NET vendor solutions ($40k U.S. per year).

    I believe FORCE will also continue to have strong demand. Built for SalesForce platform which is growing. They just took a huge location in NY.
  • 1
    If you are really serious about .NET maybe buy a laptop. You can get good prices. Maybe your company can pay for it. Probably pay off in the long run.
  • 1
    I think I'll give node a go for now. At least I can play with it locally with no extra cost.

    Appreciate the insights though!
  • 0
    Node + MongoDB all the way.
Add Comment