Hello!
Microservices, multiplatform applications, and the creation of scalable architectures are in high demand. You may be wondering: What does this have to do with a mobile app?
If you need to have a mobile application that competes in the market and is capable of attracting public and generating traffic that later translates into conversions for your business, you need to consume and use external services.
What is an app backend
Traditionally, a backend has always been considered to go hand in hand with the frontend, that is, that once a web, a mobile application, or any other system was ready, there would not have to be constant requests to external systems. This is because they could slow down the user experience.
This is fine for systems that only intend to display static content (little or no changing static information), but when developing an advanced application with push notifications, location-based recommendations, constant interactions with the user, updated information and that is capable of reacting to external actions; This is where modern paradigms come in, the use of REST APIs and the reuse of systems that can offer data to many different applications.
Factors to consider when creating the backend of your app
In any case, the success of a backend (regardless of which application will be used later) depends mainly on its response speed. Although, other factors must be taken into account so as not to damage the basic principles of security, scalability, and stability.
Authentication and security
Today, two authentication systems are generally used: a traditional login/registration, or one that relies on the use of social networks (Google, Facebook, Twitter, etc.).
If we opt for the second option, we can rely on the infrastructure that these external systems already have, but we will not have full control of what is being saved, and the modifications depending on the needs of the business can end up being expensive. On the other hand, opting for the first option (as long as it is implemented correctly) is usually the most scalable form in the long term, since we will have total control over the data and structure.
This translates into something very concrete, widely used, and very robust: OAuth 2.0 and an authentication system based on JSON Web Tokens (JWT).
This mechanism allows us to have a scalable, fast, and secure system, but be careful: the information stored in a JWT (if no additional measures are taken) can be easily read, and, for that reason, you should never store sensitive information in them.
If you want to increase the security of this mechanism, perhaps it would be a good idea to encrypt it with some type of key that both backend and frontend knew. Although, it would have to be rotated often to avoid brute force attacks.
Scalability and speed
Although it may seem that these two concepts do not go hand in hand, it is quite the opposite. A backend that takes a long time to respond will not scale correctly. Additional measures will have to be taken on the speed to get good scalability.
The first step to achieve these objectives is the concept that the backend must be “stateless.” In each request, the necessary information must be included to be able to resolve the said request. The server does not have to save any information necessary to resolve consecutive requests.
This helps in that the requests will be resolved quickly and the processing capacity on multiple machines can be scaled up without additional configuration.
Another interesting idea would be the separation of logic in different microservices. For example: if we have a party in charge of registering a user to receive push notifications and send them, it would be interesting to separate all this logic in a microservice (even if we use cloud services such as AWS or Firebase).
In any case, all these interactions should be transparent for the application. An application would not have to know how many services a backend has behind. This is why, although there are external services, the backend should act as a “middleware” for them. In this way, any type of modification of the service or extension of this will be made transparently to the user.
Stability and future-proofing
All the aforementioned issues are very necessary if we want to be able to respond to requests from mobile applications, websites, or other platforms. But what happens when we suffer from a bug, an attack, or simply external services stop responding?
In that case, the main thing is to find out the cause of the problem, solve it and put our backend back into operation, but for this, we need monitoring tools, continuous integration, automatic deployments, and, above all, a code that will minimize the risk of the appearance of these questions.
In any case, what is clear is that a backend either for a mobile application, web or any other platform, is something that must begin with a good structure and must be designed to scale on various devices (which they don’t have to be physically located in the same location).
Also, it has to be constantly monitored to solve the problems that will appear sooner or later. App developers must put all these into consideration.
Thank you!
Join us on social networks!
See you!