Mind~G
NodeJs

Interview Questions

1. Explain what is HTTP request is and list the common HTTP methods?

An HTTP(Hypertext Transfer Protocol) request is a message sent by a web browser or app to a server to ask for data or perform an action.

Common HTTP methods are:

GET – Get data from the server

POST – Send data to the server

PUT – Update existing data

DELETE – Remove data

PATCH – Partly update data

2. Explain the difference between authantication and authorization with a simpla example.

Authentication - means checking who you are.

Authorization - means checking what you can do.

Example:

When you log in to a website with your username and password — that’s authentication.

When the website lets you access your profile but not the admin page — that’s authorization.

3. What's the purpose of middleware in a backend application, and how might you use it?

Middleware is code that runs between a request and a response in a backend app. It helps handle common tasks.

Purpose:

Check or change requests before they reach main logic.

Add extra features like logging, authentication, or error handling.

Example: In Express.js, you can use middleware to check if a user is logged in before letting them access certain routes.

4. How would you prevent a backend API from crashing if a database connection fails?

To prevent a backend API from crashing when the database fails:

  • Use try-catch blocks – Catch database errors and handle them safely.
  • Show error messages – Send a clear error response instead of stopping the app.
  • Use connection retries – Try to reconnect to the database automatically.
  • Check connection on startup – Make sure the database is working before handling requests.
  • Log errors – Save error details for debugging without breaking the app.

5. What is the difference between threading and concurrency?

Threading means using multiple threads to do tasks at the same time within one program.

Concurrency means a system can handle many tasks at once, but not always running at the same exact time it switches between them quickly.

Example

  • When a Node.js server reads a file and makes a database call at the same time, it doesn’t wait it handles both “concurrently” using async functions.
  • Threading means running tasks in parallel on separate CPU threads. Node.js can do this using Worker Threads for CPU-heavy tasks like image processing or calculations.

6. What is Caching and How It Improves Performance

Caching means storing data in ram memory for quick access. When the same data is needed again, Node.js can read it from cache instead of asking the database or API again.

  • It reduces time and CPU work.
  • Your app becomes faster and handles more users easily.

7. Difference Between process.nextTick, setImmediate, and setTimeout

FunctionWhen it runs
process.nextTick()Runs after current function but before next event loop
setImmediate()Runs after I/O events in the next event loop
setTimeout(fn, 0)Runs after a small delay (timers phase)

Example:

console.log("Start");
 
process.nextTick(() => console.log("nextTick"));
setImmediate(() => console.log("setImmediate"));
setTimeout(() => console.log("setTimeout"), 0);
 
console.log("End");

Output:

Start
End
nextTick
setTimeout
setImmediate

nextTick -> Before I/O

setImmediate -> After I/O

setTimeout -> After Timer

8. How Garbage Collection Works in Node.js

Garbage Collection (GC) removes objects from memory that are no longer used.

Node.js uses the V8 engine for this.

How it works:

V8 marks objects that can still be reached.

If an object cannot be reached anymore, GC deletes it from memory.

Example:

let user = { name: "Tom" };
user = null; // old object can be removed by GC
Memory:
[user] ---> reachable --> keep
[old data] ---> no reference --> delete by GC

9. How Streams Work in Node.js and When to Use Them

Streams let you read or write data piece by piece instead of all at once.

Useful for big files or network data.

Types of streams:

  • Readable (read data)
  • Writable (write data)
  • Duplex (both)
  • Transform (change data while reading or writing)
File -----> [Chunk1][Chunk2][Chunk3] -----> Console

When to use:

  • Reading large files
  • Sending data to client in parts (like video streaming)

10. Purpose of Cluster Module and How It Handles Scaling

By default, Node.js runs in one CPU core.

The cluster module lets you use all CPU cores to handle more users.

How it works:

  • Cluster creates multiple worker processes.
  • Each worker runs your app code.
  • The main process (master) balances requests between workers.
        +-----------+
        |  Master   |
        +-----------+
         /    |    \
 Worker1 Worker2 Worker3 ...
   |        |        |
 handle   handle   handle
 request  request  request

Your app uses all cores → better performance and faster response.

11. How Would You Handle a Memory Leak in a Node.js Application

A memory leak happens when your app keeps using memory and never frees it.

This can make your app slow or crash.

Steps to fix:

  • Use tools like process.memoryUsage() or Chrome DevTools to check memory.
  • Look for unused variables or global objects.
  • Restart the app using a tool like PM2 if memory grows too high.
Memory Leak:
[Old Data] -> not deleted -> memory full -> crash

12. How Do You Optimize a High-Throughput API Built with Node.js

High-throughput means many requests per second.

You want to make your API fast and handle many users.

Methods:

  • Use caching (in-memory or Redis).
  • Use async I/O instead of blocking code.
  • Use connection pooling for databases.
  • Use pagination and limit heavy data.
Client --> Load Balancer --> Cluster Workers --> DB (with cache)

13. How Would You Monitor and Profile a Node.js Application in Production

Monitoring means watching app performance.

Profiling means finding which part of code is slow.

Tools:

  • PM2 – shows CPU, memory, restart app if crash.
  • Use console.time() and console.timeEnd() for simple code timing.

14. Ways to Prevent Blocking the Event Loop

The event loop lets Node.js handle many users at once.

Blocking means a long task stops other requests.

How to prevent:

  • Avoid heavy loops or CPU work in main thread.
  • Use async functions for I/O tasks.
  • Move CPU work to Worker Threads.
  • Use streaming for big files.
  • Break large loops using setImmediate().
Without Worker:
[Main Loop] --> long job --> block requests
 
With Worker:
[Main Loop] --> send job to worker --> keep serving

15. What Security Risks Does eval() Pose in a Node.js App

eval() runs any JavaScript code given to it as a string.

If that string comes from a user, the attacker can run their own code on your server.

Example

const input = "console.log(process.env)";
eval(input); // user can access secret info

Risks:

  • Attacker can read or delete files.
  • Can access database or tokens.
  • Hard to control or debug.

Safe alternative:

  • Never use eval() for user input.
  • Use JSON parsing or real functions instead.
eval("bad code") --> Executes attacker code --> Security breach

Previous

Cluster

Next

Design Requirements

On this page

1. Explain what is HTTP request is and list the common HTTP methods?2. Explain the difference between authantication and authorization with a simpla example.3. What's the purpose of middleware in a backend application, and how might you use it?4. How would you prevent a backend API from crashing if a database connection fails?5. What is the difference between threading and concurrency?6. What is Caching and How It Improves Performance7. Difference Between process.nextTick, setImmediate, and setTimeout8. How Garbage Collection Works in Node.js9. How Streams Work in Node.js and When to Use Them10. Purpose of Cluster Module and How It Handles Scaling11. How Would You Handle a Memory Leak in a Node.js Application12. How Do You Optimize a High-Throughput API Built with Node.js13. How Would You Monitor and Profile a Node.js Application in Production14. Ways to Prevent Blocking the Event Loop15. What Security Risks Does eval() Pose in a Node.js App