The BEST Node.js Backend Tutorial You'll Ever Need (Full Project + Clean Code) Quiz

Explore the core principles of clean Node.js backend development with practical scenarios covering authentication, database operations, emailing, payment, and real-time features.

  1. User Authentication with JWT

    Which of the following best describes the process for securely registering a user and issuing a login token in a Node.js API?

    1. Save the password in plain text and issue a token only during registration
    2. Compare the email only; passwords do not need hashing or checking
    3. Hash the password, save the user, then issue a JWT upon successful login
    4. Assign a random token without verifying credentials

    Explanation: The correct practice is to hash the user's password before saving and issue a signed JWT upon successful login for session management. Storing passwords in plain text is insecure. Only checking email ignores password validation, and issuing tokens without credential checks creates security risks.

  2. CRUD Operations in Node.js

    What is the main purpose of using model methods like 'create', 'find', 'findByIdAndUpdate', and 'findByIdAndDelete' in backend CRUD routes?

    1. They automatically validate user input without extra code
    2. They encrypt database records automatically
    3. They interact with the database to perform create, read, update, and delete operations
    4. They render frontend interfaces directly from the backend

    Explanation: These model methods execute database operations vital for CRUD functionality. Rendering frontend interfaces is unrelated. User input validation requires additional logic, and these methods do not handle data encryption by default.

  3. Sending Emails with NodeMailer

    Which setup is required to send an email using Node.js and a common email-sending library?

    1. Configure a transporter with email credentials, then use sendMail with recipient, subject, and message
    2. Store outgoing emails in an array and process them later
    3. Set up a server route that responds with a confirmation message only
    4. Hash email content before sending to protect data

    Explanation: A transporter must be configured with email credentials to connect and send messages using functions like sendMail. Simply storing emails or only confirming receipt does not send email. Hashing content is unnecessary unless securing sensitive information.

  4. Integrating Payments using Stripe

    When building a payment endpoint in Node.js, what vital step is necessary to create a secure payment intent?

    1. Use environment variables only for non-sensitive data
    2. Generate a random payment token on the frontend
    3. Initialize the payment provider client with a secret key and call the API to create a payment intent
    4. Store card details in the database before processing

    Explanation: Secure payment processing requires initializing the payment provider's client (like Stripe) with a secret key and requesting a payment intent from their API. Card details should not be stored directly, sensitive keys should be kept safe, and token generation should be handled by the provider.

  5. Real-time Communication with Socket.io

    How does a basic chat server using WebSockets in Node.js broadcast messages to all connected clients?

    1. It listens for a message event, then emits the message to all clients using the receive-message event
    2. It logs messages to the server console only
    3. It sends messages back only to the sender
    4. It writes each message to a file for retrieval

    Explanation: Broadcasting in real-time chat involves listening for incoming message events and emitting them to all connected clients with a new event. Logging, file writing, or sending back just to the sender do not distribute messages to other users.