DEV Community: Ilyas Abdisalam

The Future of Backend Development: How AI, Edge Computing, and Serverless Are Reshaping the Modern API Stack

Ilyas Abdisalam — Sat, 08 Nov 2025 17:00:31 +0000

1. Introduction: The New Era of Backend Development

Backend development has evolved through several defining stages. In the early days, most applications were built on monolithic servers—large, tightly coupled systems that handled everything from business logic to database management in one place. As projects grew more complex, developers shifted toward microservices, splitting applications into smaller, independent components that could be developed and deployed separately. This change improved scalability and made teams more agile. The next big leap came with cloud functions and serverless architectures, where developers could deploy individual functions on-demand without worrying about server maintenance or scaling.

Now, a new transformation is underway. With artificial intelligence reshaping how systems operate, one question stands out:

What’s next for backend developers in the AI-driven era?

2. AI in the Backend: From Automation to Smart APIs

Discuss how generative AI is changing backend design:

Auto-documentation (e.g., Swagger generated via AI).
Code assistants (GitHub Copilot, ChatGPT o1 models) reducing boilerplate.
AI middleware: smart recommendation APIs, real-time personalization, etc.

Example: an Express middleware that uses an AI model to classify incoming requests (e.g., spam detection or fraud scoring).

3. Serverless Computing: From Deployment to Automation

Explain how developers now skip full-stack setup and use:

AWS Lambda, Google Cloud Functions, or Vercel Functions.
Benefits: scalability, cost-efficiency, no manual server management.

Show a short code example:

export default async function handler(req, res) {
  const data = await fetch("https://api.openai.com/...");
  res.json({ result: await data.json() });
}

Mention pitfalls (cold starts, vendor lock-in) and strategies to mitigate them.

4. Edge Computing: Bringing APIs Closer to Users

Explain what edge computing is (running code near the user’s location).
Show how frameworks like Cloudflare Workers or Vercel Edge Functions improve response times.
Use a comparison diagram (traditional vs edge requests).
Example: “An Istanbul user’s API call no longer travels to Virginia—runs on a data center nearby.”

5. The Convergence: AI + Serverless + Edge

Show how modern startups combine all three:

Serverless for compute.
Edge for latency.
AI for intelligence

Example workflow: user uploads data → serverless triggers AI model → result served from edge cache.
Mention open-source projects like LangChain, Supabase Edge Functions, Vercel AI SDK, or Cloudflare Workers AI.

6. Security and API Evolution

Explain how JWT and OAuth2 remain key but new models (like fine-grained API keys and AI-auth layers) are emerging.
Mention how rate limiting, bot detection, and zero-trust architectures are blending with AI.

7. Tools to Watch in 2025

Vercel AI SDK
Cloudflare Workers AI
Supabase Edge Functions
LangGraph / LangServe for AI pipelines
Bun.js (fast Node.js alternative)

8. Practical Example

Create a short end-to-end demo idea: “An intelligent API that detects spam reviews using OpenAI and runs on Vercel Edge Functions.”
You can show setup, code, and how latency improves — readers love this blend of concept + code.

9. The Developer Mindset Shift

Discuss how backend developers must now think like system architects—balancing AI, data, performance, and user experience.
Emphasize the importance of learning cloud tools, AI integration, and distributed systems.

10. Conclusion: The Backend Developer of 2025

Summarize the transition: from REST APIs to intelligent, distributed, self-healing systems.
Encourage readers to learn incrementally:

Build a REST API.
Deploy serverless.
Experiment with AI integrations.
Move toward edge deployments.

Close with an inspiring note: “In 2025, backend development is not about managing servers—it’s about designing intelligence at scale.”

Understanding Deadlocks in Multithreaded Systems

Ilyas Abdisalam — Thu, 26 Jun 2025 21:17:24 +0000

Deadlocks are one of the most notorious issues in multithreaded programming. They freeze applications, frustrate developers, and often require intricate debugging. In this guide, we’ll break down deadlocks into digestible parts—with code examples, visuals, and solutions.

What Is a Deadlock?

A deadlock occurs when two or more threads are blocked forever, each waiting for the other to release a resource.

The 4 Necessary Conditions for Deadlocks

For a deadlock to happen, all four of these conditions must hold:

Mutual Exclusion: Only one thread can hold a resource at a time.
Hold and Wait: A thread holds a resource while waiting for another.
No Preemption: Resources cannot be forcibly taken from threads.
Circular Wait: Threads form a cycle waiting for each other.

A Classic Deadlock Example in Code

Here’s a simple Java deadlock scenario:

public class DeadlockDemo {  
    private static final Object lock1 = new Object();  
    private static final Object lock2 = new Object();  

    public static void main(String[] args) {  
        Thread threadA = new Thread(() -> {  
            synchronized (lock1) {  
                System.out.println("Thread A: Holding lock 1...");  
                try { Thread.sleep(100); } catch (InterruptedException e) {}  
                synchronized (lock2) {  
                    System.out.println("Thread A: Acquired lock 2!");  
                }  
            }  
        });  

        Thread threadB = new Thread(() -> {  
            synchronized (lock2) {  
                System.out.println("Thread B: Holding lock 2...");  
                synchronized (lock1) {  
                    System.out.println("Thread B: Acquired lock 1!");  
                }  
            }  
        });  

        threadA.start();  
        threadB.start();  
    }  
}

Output Analysis

When you run this:

Both threads will print their first message ("Holding lock...").
Neither will progress further—deadlock achieved!

How to Detect Deadlocks

Tools & Techniques

Method	Description	Example Tool
Thread Dump	Analyzes thread states and locks.	jstack (Java)
Static Analysis	Code reviews for circular waits.	SonarQube
Runtime Monitoring	Alerts on long-held locks.	VisualVM

Preventing Deadlocks

1.Lock Ordering

Always acquire locks in a consistent global order (e.g., always lock1 before lock2).

2.Timeouts

Use tryLock(timeout) to avoid indefinite waits:

if (lock1.tryLock(100, TimeUnit.MILLISECONDS)) {  
    // Proceed if lock acquired  
}

3.Deadlock Detection Algorithms

Advanced systems (e.g., databases) use wait-for graphs to detect cycles.

Key Takeaways

✅ Deadlocks require all 4 conditions—break any one to prevent them.
✅ Tooling (thread dumps, analyzers) is critical for debugging.
✅ Prevention > Cure: Design systems to avoid circular waits.

Prevent API Abuse with Rate Limiting in Express.js

Ilyas Abdisalam — Sat, 21 Jun 2025 17:10:57 +0000

1. Introduction

As your API grows in popularity, it's essential to protect it from overuse and abuse. One of the simplest and most effective strategies is rate limiting, which controls how many requests a user can make to your API in a given time window.

This tutorial will walk you through:

What rate limiting is
Why it's important
How to implement it in an Express.js application
Best practices and options for production systems

2. What is Rate Limiting?

Rate limiting sets a restriction on how many requests a client (usually identified by IP address or user token) can make in a given period.

For example:

Max 100 requests per user per 15 minutes
Only 10 login attempts per hour

🔒 Why Use Rate Limiting?

✅ Prevents DDoS attacks

✅ Stops brute-force login attempts

✅ Protects backend resources

✅ Creates fair usage among users

3. Setting Up Express Rate Limiting

We'll use the open-source express-rate-limit middleware to set up basic limits.

3.1 Project Setup

mkdir express-rate-limit-demo && cd express-rate-limit-demo
npm init -y
npm install express express-rate-limit dotenv

3.2 Basic Server Example

// app.js
const express = require('express');
const rateLimit = require('express-rate-limit');
const app = express();
const PORT = process.env.PORT || 3000;

// Apply to all requests
const limiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 100, // Limit each IP to 100 requests per windowMs
  message: 'Too many requests from this IP, please try again later.'
});

app.use(limiter);

app.get('/', (req, res) => {
  res.send('Hello, this is a rate-limited API.');
});

app.listen(PORT, () => console.log(`Server running on port ${PORT}`));

4. Advanced Use Cases

4.1 Rate Limit Specific Routes Only

const loginLimiter = rateLimit({
  windowMs: 60 * 60 * 1000, // 1 hour
  max: 5,
  message: 'Too many login attempts. Try again after an hour.'
});

app.post('/login', loginLimiter, (req, res) => {
  res.send('Login endpoint.');
});

4.2 Use a Custom Handler

const limiterWithHandler = rateLimit({
  windowMs: 15 * 60 * 1000,
  max: 10,
  handler: (req, res) => {
    res.status(429).json({
      status: 'fail',
      message: 'Rate limit exceeded. Please try again later.'
    });
  }
});

5. Visualization: Rate Limiting Flow

6. Best Practices

Practice	Reason
Limit sensitive endpoints	Login, signup, and search are attack targets
Adjust limits per user role	Admins may need higher thresholds
Use distributed stores (Redis)	For multi-server rate limiting
Return informative error messages	Helps users understand what's happening
Log rate-limited requests	Useful for security auditing and analytics

7. Bonus: Rate Limiting with Redis (for production)

In production, especially with multiple servers or containers, you need to share rate-limit state. This is usually done with Redis.

You can use the package:

npm install rate-limit-redis

Then use it as the store:

const RedisStore = require('rate-limit-redis');
const limiter = rateLimit({
  store: new RedisStore({
    sendCommand: (...args) => redisClient.call(...args)
  }),
  windowMs: 60 * 1000,
  max: 100
});

8. Conclusion

Rate limiting is a simple but powerful tool for protecting your API. In just a few lines of code, you can dramatically reduce abuse, make your services more stable, and provide a better experience for your users.

You’ve now learned:

What rate limiting is and why it matters
How to implement it with express-rate-limit
Best practices and how to scale with Redis

Secure Your REST API with JWT Authentication (Beginner Friendly)

Ilyas Abdisalam — Fri, 20 Jun 2025 14:04:15 +0000

1. Introduction

As APIs become more central to modern web apps, securing them is critical. One common and powerful method is JWT (JSON Web Token) authentication. It allows secure, stateless communication between client and server.

In this guide, we’ll walk through the core concepts, the authentication flow, and how to implement JWT in a Node.js + Express API.

2. What is JWT?

JWT (JSON Web Token) is a compact, URL-safe way of representing claims between two parties. It’s widely used for authentication.
A JWT has three parts:

HEADER.PAYLOAD.SIGNATURE

Example Token:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEsImlhdCI6MTY3Nzg0NTM1Nn0.vPObNvSaNfrqzuhRRYtNnmlbRrFYP7oowC_NWkpiW1k

Part	purpose
Header	Algorithm + Token type
Payload	Claims (user ID, role, etc.)
Signature	Verifies token integrity (signed)

3. JWT Authentication Flow

4. Example Project Structure (Node.js + Express)

project/
├── controllers/
│   └── auth.js
├── middleware/
│   └── authMiddleware.js
├── routes/
│   └── authRoutes.js
├── app.js
├── .env
└── package.json

5. Code Breakdown

5.1 Install Required Packages

npm install express jsonwebtoken dotenv

5.2 Generate Token (Login Route)

const jwt = require('jsonwebtoken');
const SECRET = process.env.JWT_SECRET;

function login(req, res) {
  const user = { id: 1, username: 'ilyas' }; // dummy user
  const token = jwt.sign({ userId: user.id }, SECRET, { expiresIn: '1h' });
  res.json({ token });
}

5.3 Protect Routes with Middleware

function verifyToken(req, res, next) {
  const token = req.headers['authorization']?.split(' ')[1];
  if (!token) return res.sendStatus(401);

  jwt.verify(token, process.env.JWT_SECRET, (err, decoded) => {
    if (err) return res.sendStatus(403);
    req.userId = decoded.userId;
    next();
  });
}

5.4 Secure Endpoint Example

app.get('/profile', verifyToken, (req, res) => {
  res.send(`This is a protected route for user ${req.userId}`);
});

6. Best Practices for JWT

Tip	Why It Matters
Use short expiration times	Limits damage from stolen tokens
Store tokens securely	Avoid localStorage for sensitive data
Rotate tokens periodically	Increase security
Never store JWT secret in code	Use environment variables

7. Conclusion

JWT is a powerful way to secure RESTful APIs in a stateless and scalable manner. You now understand the structure, flow, and implementation of JWT authentication in a Node.js Express app.

Understanding RESTful APIs

Ilyas Abdisalam — Thu, 19 Jun 2025 16:10:04 +0000

1. Introduction

In modern software development, APIs (Application Programming Interfaces) allow different software systems to communicate with each other. One of the most popular types of APIs is the RESTful API, which follows the principles of REST (Representational State Transfer).

A RESTful API is stateless, resource-based, and communicates over HTTP. It's widely used in web applications, mobile apps, and even IoT devices.

2. Core Concepts

2.1 Client and Server

In REST architecture, the client sends a request, and the server processes it and returns a response. They are independent: the client doesn't need to know how the server stores data, and the server doesn't need to know how the client uses it.

2.2 Resources and URIs

A resource is anything that can be named and manipulated via the API, such as a user, a book, or a product. Each resource is identified by a URI (Uniform Resource Identifier).

Example:

GET /books/1

This retrieves the book with ID 1.

2.3 HTTP Methods

RESTful APIs use HTTP methods to define actions:

Method	Action	Description
GET	Read	Retrieve a resource
POST	Create	Add a new resource
PUT	Update	Replace a resource
PATCH	Partial Update	Update part of a resource
DELETE	Delete	Remove a resource

2.4 HTTP Status Codes

Responses include status codes to indicate success or failure:

Code	Meaning
200	Ok
201	Created
400	Bad Request
401	Unauthorized
404	Not Found
500	Internal Server Error

3. Example Use Case: Book API

Suppose we want to build a RESTful API to manage books in a library system. Here are the main endpoints:

Method	Endpoint	Description
GET	/books	Get a list of books
GET	/books/{id}	Get details of a specific book
POST	/books	Create a new book
PUT	/books/{id}	Update a book completely
Delete	/books/{id}	Delete a book

Example JSON for creating a book (POST /books):

{
  "title": "Clean Code",
  "author": "Geedi Osman",
  "year": 2008
}

4. How Requests and Responses Work

4.1 Request Structure

A typical HTTP request includes:

Method (e.g., GET, POST)
URL (e.g., /books/1)
Headers (e.g., Content-Type, Authorization)
Body (only for POST, PUT, PATCH)

4.2 Response Structure

A response includes:

Status Code (e.g., 200 OK)
Headers (e.g., Content-Type)
Body (JSON or other format)

Example Response:

{
  "id": 1,
  "title": "Clean Code",
  "author": "Geedi Osman",
  "year": 2008
}

5. Best Practices for REST APIs

5.1 Use Proper Status Codes

Use 201 for resource creation, 404 for missing resources, etc.

5.2 Use JSON as the Default Format

It's lightweight, readable, and widely supported.

5.3 Implement Pagination for Large Results

Example: /books?page=2&limit=10

5.4 Version Your API

Example: /api/v1/books

5.5 Secure Your API

Use authentication (e.g., JWT tokens), validate inputs, and enforce HTTPS.

6. Conclusion

RESTful APIs are a foundational part of web development. By understanding the principles behind REST—such as statelessness, resource orientation, and HTTP standards—you can build and consume APIs effectively.

To continue learning, explore tools like Postman (for testing APIs), Swagger (for documenting APIs), and frameworks like Express (Node.js) or Flask (Python) to build your own REST APIs.

7. What’s Next?

If you understood this guide, try building a simple REST API using:

Node.js with Express (https://expressjs.com/)
Python with Flask (https://flask.palletsprojects.com/)
Use Postman to test your endpoints
Document your own mini API and share it online!

✅ How to Use MongoDB with Express.js

Ilyas Abdisalam — Tue, 17 Jun 2025 16:42:22 +0000

📘 Overview

This guide shows you how to connect a MongoDB database to an Express.js application using the official mongodb driver. This is useful for developers building full-stack JavaScript applications that need to store and retrieve data.

🧠 Prerequisites

Before you begin, make sure you have:

Node.js and npm installed
MongoDB installed locally or a MongoDB Atlas cloud database
Basic knowledge of JavaScript and Express.js

🛠️ Step 1: Create a New Express App

A. Create a new project folder:

mkdir express-mongo-app
cd express-mongo-app

B. Initialize a Node.js project:

npm init -y
npm install express mongodb

C. Create an index.js file with this boilerplate:

// CommonJS (used in Node.js by default, not ES6 module)
const express = require('express');
const app = express();
const port = 3000;

app.use(express.json());

app.listen(port, () => {
  console.log(`Server is running on http://localhost:${port}`);
});

🔌 Step 2: Connect to MongoDB

A. At the top of index.js, import the MongoDB client:

const { MongoClient } = require('mongodb');

B. Define your connection URL and database name:

const uri = 'mongodb://localhost:27017'; // Replace with your MongoDB Atlas URI if using cloud
const client = new MongoClient(uri);
const dbName = 'myDatabase';

C. Create an async function to connect:

async function run() {
  try {
    await client.connect();
    console.log('Connected successfully to MongoDB');

    const db = client.db(dbName);
    const collection = db.collection('users');

    // Sample route to insert a user
    app.post('/users', async (req, res) => {
      const user = req.body;
      const result = await collection.insertOne(user);
      res.send(result);
    });

    // Sample route to get all users
    app.get('/users', async (req, res) => {
      const users = await collection.find({}).toArray();
      res.send(users);
    });

  } catch (err) {
    console.error(err);
  }
}

run();

▶️ Step 3: Test the App

A. Start the server:

node index.js

B. Use Postman or curl to test endpoints:

Insert a user:

curl -X POST http://localhost:3000/users -H "Content-Type: application/json" -d '{"name": "Mohamed", "email": "Mohamed@gmail.com"}'

Get all users:

curl http://localhost:3000/users

🧼 Step 4: Clean Up and Best Practices

Store your MongoDB URI in an environment variable (e.g., .env)
Handle connection errors and cleanup with process.on('SIGINT')
Use async/await consistently for clarity

✅ Summary

You’ve learned how to:

Set up a Node.js + Express.js app
Connect to MongoDB (local or Atlas)
Insert and retrieve data with API endpoints

How to Deploy a Node.js App to Vercel

Ilyas Abdisalam — Mon, 16 Jun 2025 16:02:22 +0000

This tutorial will show you how to deploy a simple Node.js (Express) app to Vercel. It’s perfect for beginners who want to get their API online fast — without worrying about infrastructure.

🧰 Prerequisites

Before you start, make sure you have the following installed:

✅ Node.js and npm on your system
✅ Git installed
✅ GitHub account
✅ Basic knowledge of JavaScript and Node.js

🛠️ Step 1: Create a Simple Node.js App

Open your terminal and run the following commands:

mkdir my-app
cd my-app
npm init -y
npm install express

This creates a new folder, initializes a Node.js project, and installs Express.js.

📝 Step 2: Create index.js

Inside your project folder, create a file called index.js and add the following code:

const express = require('express');
const app = express();

app.get('/', (req, res) => {
  res.send('Hello, Vercel!');
});

app.listen(3000, () => {
  console.log('Server is running on http://localhost:3000');
});

This sets up a basic Express server that responds with "Hello, Vercel!".

🧪 Step 3: Test the App Locally

Run the app locally to make sure everything works:

node index.js

Visit http://localhost:3000 in your browser — you should see:

Hello, Vercel!

🚀 Step 4: Prepare for Deployment

Create a .gitignore file and ignore node_modules:

echo node_modules > .gitignore

Initialize a git repository and push it to GitHub:

git init
git add .
git commit -m "Initial commit"
git branch -M main
git remote add origin https://github.com/YOUR_USERNAME/YOUR_REPO_NAME.git
git push -u origin main

🌐 Step 5: Deploy to Vercel

Go to https://vercel.com and sign in with your GitHub account.
Click "New Project".
Import your repository.
Leave all settings as default and click "Deploy".

Wait a few moments… and voilà! Your Node.js app is live ✨

✅ Conclusion

You’ve just built and deployed a Node.js app to the web using Express and Vercel. From here, you can:

Build APIs and connect to databases
Add frontend frameworks like React or Vue