<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Rohit Sharma</title>
    <description>The latest articles on DEV Community by Rohit Sharma (@rohitsharmaj7).</description>
    <link>https://dev.to/rohitsharmaj7</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F306487%2F3f0d8a44-3842-438f-a522-6b5b2a12773d.jpeg</url>
      <title>DEV Community: Rohit Sharma</title>
      <link>https://dev.to/rohitsharmaj7</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/rohitsharmaj7"/>
    <language>en</language>
    <item>
      <title>Forward Proxy vs Reverse Proxy vs API Gateways</title>
      <dc:creator>Rohit Sharma</dc:creator>
      <pubDate>Tue, 23 Jun 2026 10:05:28 +0000</pubDate>
      <link>https://dev.to/rohitsharmaj7/forward-proxy-vs-reverse-proxy-vs-api-gateways-3afo</link>
      <guid>https://dev.to/rohitsharmaj7/forward-proxy-vs-reverse-proxy-vs-api-gateways-3afo</guid>
      <description>&lt;p&gt;This is a very common confusion because Forward Proxy, Reverse Proxy, and API Gateway all sit "in the middle" of communication. The difference is who they represent and what additional functionality they provide.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;1. Forward Proxy:&lt;/strong&gt; A Forward Proxy sits in front of the client and acts on behalf of the client.&lt;/p&gt;

&lt;p&gt;&lt;code&gt;Client --&amp;gt; Forward Proxy --&amp;gt; Internet Server&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;The server thinks: "This request came from the proxy."&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Example:&lt;/strong&gt; Suppose your company blocks access to social media.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The company proxy can:&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Allow/block websites&lt;/li&gt;
&lt;li&gt;Cache responses&lt;/li&gt;
&lt;li&gt;Hide your IP address&lt;/li&gt;
&lt;li&gt;Log your traffic&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Real-world examples:&lt;/strong&gt; Company Proxies and VPN Servers&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Reverse Proxy:&lt;/strong&gt; A Reverse Proxy sits in front of the servers and acts on behalf of the servers.&lt;/p&gt;

&lt;p&gt;&lt;code&gt;Client --&amp;gt; Reverse Proxy --&amp;gt; Backend Servers&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;The client thinks: "I am talking to one server."&lt;/p&gt;

&lt;p&gt;But behind the proxy, there may be many servers.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Example&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Internet
    |
    v
NGINX
    |
    +--&amp;gt; App Server 1
    +--&amp;gt; App Server 2
    +--&amp;gt; App Server 3
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Responsibilities:&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Load balancing&lt;/li&gt;
&lt;li&gt;SSL termination&lt;/li&gt;
&lt;li&gt;Caching&lt;/li&gt;
&lt;li&gt;Compression&lt;/li&gt;
&lt;li&gt;Routing&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Examples:&lt;/strong&gt; Nginx&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. API Gateway:&lt;/strong&gt; An API Gateway is a specialized reverse proxy for APIs and microservices.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Client
   |
   v
API Gateway
   |
   +--&amp;gt; User Service
   +--&amp;gt; Order Service
   +--&amp;gt; Payment Service
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;It does everything a reverse proxy does plus:&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Authentication&lt;/li&gt;
&lt;li&gt;Authorization&lt;/li&gt;
&lt;li&gt;Rate limiting&lt;/li&gt;
&lt;li&gt;API versioning&lt;/li&gt;
&lt;li&gt;Request transformation&lt;/li&gt;
&lt;li&gt;Response aggregation&lt;/li&gt;
&lt;li&gt;Monitoring&lt;/li&gt;
&lt;li&gt;API keys&lt;/li&gt;
&lt;li&gt;Quotas&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Why Definitions Sound Similar?&lt;/strong&gt; Because all of them:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Receive requests&lt;/li&gt;
&lt;li&gt;Forward requests&lt;/li&gt;
&lt;li&gt;Return responses
&lt;/li&gt;
&lt;/ul&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;The real difference is:

Question            Forward Proxy   Reverse Proxy   API Gateway
Represents whom?    Client          Server          Server/API
Sits in front of?   Clients         Servers         APIs/Microservices
Used by?            Internal users  Backend systems Microservices
Authentication?     Rare            Sometimes       Yes
Rate limiting?      Rare            Sometimes       Yes
Aggregation?        No              No              Yes
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;One-line way to remember&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Forward Proxy → protects and represents clients.&lt;br&gt;
Reverse Proxy → protects and represents servers.&lt;br&gt;
API Gateway → a smart reverse proxy specifically for APIs and microservices.&lt;/p&gt;

</description>
      <category>proxy</category>
      <category>forwardproxy</category>
      <category>reverseproxy</category>
      <category>apigateway</category>
    </item>
    <item>
      <title>API Gateway in System Design</title>
      <dc:creator>Rohit Sharma</dc:creator>
      <pubDate>Tue, 23 Jun 2026 09:50:48 +0000</pubDate>
      <link>https://dev.to/rohitsharmaj7/api-gateway-in-system-design-3k39</link>
      <guid>https://dev.to/rohitsharmaj7/api-gateway-in-system-design-3k39</guid>
      <description>&lt;p&gt;&lt;strong&gt;What is API Gateway?&lt;/strong&gt;&lt;br&gt;
An API Gateway is a server that sits between the client (web app, mobile app, frontend) and your backend services (microservices).&lt;/p&gt;

&lt;p&gt;Instead of the client directly calling multiple services, it sends all requests to the API Gateway, and the gateway routes the request to the appropriate service.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Without API Gateway&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Client
  |
  |-----&amp;gt; User Service
  |
  |-----&amp;gt; Product Service
  |
  |-----&amp;gt; Order Service
  |
  |-----&amp;gt; Payment Service
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The client needs to know:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;URLs of all services&lt;/li&gt;
&lt;li&gt;Authentication mechanism of all services&lt;/li&gt;
&lt;li&gt;Error handling of all services&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;This becomes difficult to manage.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;With API Gateway&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Client
   |
   |
API Gateway
   |
   |------&amp;gt; User Service
   |
   |------&amp;gt; Product Service
   |
   |------&amp;gt; Order Service
   |
   |------&amp;gt; Payment Service

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Now the client only knows one URL: &lt;code&gt;https://api.mycompany.com&lt;/code&gt;&lt;br&gt;
Everything else is handled by the gateway.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Real-world Example&lt;/strong&gt; Suppose you're building an e-commerce application.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Frontend needs:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Login&lt;br&gt;
Product details&lt;br&gt;
Place order&lt;br&gt;
Make payment&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Without Gateway&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;https://user.mycompany.com/login
https://product.mycompany.com/products
https://order.mycompany.com/orders
https://payment.mycompany.com/pay
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;With Gateway&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;https://api.mycompany.com/login
https://api.mycompany.com/products
https://api.mycompany.com/orders
https://api.mycompany.com/pay
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;The gateway routes internally.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Responsibilities of API Gateway&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;1. Request Routing&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;/api/users/*      -&amp;gt; User Service
/api/orders/*     -&amp;gt; Order Service
/api/products/*   -&amp;gt; Product Service
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;2. Authentication:&lt;/strong&gt; Instead of every service validating JWT, only API Gateway does that.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Client
   |
 JWT Token
   |
API Gateway
   |
Valid Token?
   |
Yes -&amp;gt; Forward
No  -&amp;gt; Return 401
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;3. Authorization&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;4. Rate Limiting&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;5. Load Balancing&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;6. Caching&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;7. Logging&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;8. SSL Termination&lt;/strong&gt;&lt;br&gt;
&lt;strong&gt;9. Response Aggregation&lt;/strong&gt;&lt;/p&gt;

</description>
      <category>api</category>
      <category>architecture</category>
      <category>microservices</category>
      <category>systemdesign</category>
    </item>
    <item>
      <title>Trailing and Non Trailing Slash in Nginx</title>
      <dc:creator>Rohit Sharma</dc:creator>
      <pubDate>Tue, 23 Jun 2026 07:22:42 +0000</pubDate>
      <link>https://dev.to/rohitsharmaj7/trailing-and-non-trailing-slash-in-nginx-1ghp</link>
      <guid>https://dev.to/rohitsharmaj7/trailing-and-non-trailing-slash-in-nginx-1ghp</guid>
      <description>&lt;p&gt;&lt;em&gt;&lt;strong&gt;Most tricky part of Nginx:&lt;/strong&gt; The trailing slash behavior in proxy_pass is one of the most confusing parts of Nginx. Once you understand one rule, it becomes easy&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;There are 2 Cases:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;CASE 1: proxy_pass WITHOUT trailing slash&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight nginx"&gt;&lt;code&gt;&lt;span class="k"&gt;location&lt;/span&gt; &lt;span class="n"&gt;/api/&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="kn"&gt;proxy_pass&lt;/span&gt; &lt;span class="s"&gt;http://localhost:3000&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;notice&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;http://localhost:3000
                     ↑
                 no slash
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;request&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;http://localhost/api/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;What Nginx sends to backend&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;http://localhost:3000/api/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;The entire original URI is preserved.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;CASE 2: proxy_pass WITH trailing slash&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight nginx"&gt;&lt;code&gt;&lt;span class="k"&gt;location&lt;/span&gt; &lt;span class="n"&gt;/api/&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="kn"&gt;proxy_pass&lt;/span&gt; &lt;span class="s"&gt;http://localhost:3000/&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;notice&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;http://localhost:3000/
                     ↑
                  slash
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;request&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;http://localhost/api/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;what backend receives&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;http://localhost:3000/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Nginx removes the matched location (/api/) and replaces it with /&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;VISUAL REPRESENTATION (Without Slash)&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Client:
    /api/users

location:
    /api/

proxy_pass:
    http://localhost:3000

Result:
    http://localhost:3000/api/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;VISUAL REPRESENTATION (With Slash)&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Client:
    /api/users

location:
    /api/

proxy_pass:
    http://localhost:3000/

Result:
    http://localhost:3000/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Why? Because internally Nginx does:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;NO SLASH&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;backend_url + original_uri

http://localhost:3000
+
/api/users

=
http://localhost:3000/api/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;WITH SLASH&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;replace(location_prefix, proxy_pass_uri)

/api/users
↓ remove /api/
/users

prepend /
↓

http://localhost:3000/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;In simpler words, think of it as:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;No slash (Keep the original URI)&lt;br&gt;
Slash (Replace the matched prefix)&lt;/p&gt;

&lt;p&gt;Nginx does NOT look at whether /api/ exists in the request and remove it automatically.&lt;/p&gt;

&lt;p&gt;It only removes the matched location prefix when proxy_pass contains a URI part (a trailing slash or some path).&lt;/p&gt;

&lt;p&gt;Understanding the both cases carefully&lt;br&gt;
&lt;strong&gt;Case 1: No trailing slash&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight nginx"&gt;&lt;code&gt;&lt;span class="k"&gt;location&lt;/span&gt; &lt;span class="n"&gt;/api/&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="kn"&gt;proxy_pass&lt;/span&gt; &lt;span class="s"&gt;http://localhost:3000&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;notice&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;proxy_pass = http://localhost:3000
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;There is:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;scheme → http
host → localhost
port → 3000
URI part → ❌ NONE
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Because there is no URI part, Nginx simply forwards the entire original URI.&lt;/p&gt;

&lt;p&gt;&lt;code&gt;Request : /api/users&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;Nginx does&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;http://localhost:3000
+
/api/users
=
http://localhost:3000/api/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;No replacement happens.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;CASE 2: TRAILING SLASH&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight nginx"&gt;&lt;code&gt;&lt;span class="k"&gt;location&lt;/span&gt; &lt;span class="n"&gt;/api/&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="kn"&gt;proxy_pass&lt;/span&gt; &lt;span class="s"&gt;http://localhost:3000/&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;notice&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;proxy_pass = http://localhost:3000/
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;There is / at end which is a URI part&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;/
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;As there is / in the URI part&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="s"&gt;scheme → http&lt;/span&gt;
&lt;span class="s"&gt;host → localhost&lt;/span&gt;
&lt;span class="s"&gt;port → &lt;/span&gt;&lt;span class="m"&gt;3000&lt;/span&gt;
&lt;span class="s"&gt;URI part → /&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Now Nginx switches to replacement mode.&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Request: /api/users
Matched location: /api/
Remaining: users
Result: http://localhost:3000/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Why does / count as a URI?&lt;/p&gt;

&lt;p&gt;Because internally Nginx parses:&lt;/p&gt;

&lt;p&gt;&lt;code&gt;http://localhost:3000&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;as:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;host = localhost
port = 3000
uri = NULL

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;but&lt;/p&gt;

&lt;p&gt;&lt;code&gt;http://localhost:3000/&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;as:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;host = localhost
port = 3000
uri = /
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;That tiny / changes the algorithm completely.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Internal logic (simplified). Nginx does something like:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight javascript"&gt;&lt;code&gt;&lt;span class="k"&gt;if &lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;proxy_pass_contains_uri&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="nf"&gt;replace_location_prefix&lt;/span&gt;&lt;span class="p"&gt;();&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;span class="k"&gt;else&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
    &lt;span class="nf"&gt;append_original_uri&lt;/span&gt;&lt;span class="p"&gt;();&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;OR IN SOME SIMPLE WORDS, How Nginx actually thinks&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Did proxy_pass contain a URI part?
            |
      +-----+-----+
      |           |
     NO          YES
      |           |
Keep URI      Replace matched location prefix
as-is         with proxy_pass URI
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



</description>
      <category>backend</category>
      <category>devops</category>
      <category>tutorial</category>
      <category>webdev</category>
    </item>
    <item>
      <title>Foward Proxy / Reverse Proxy / SSL TLS Termination</title>
      <dc:creator>Rohit Sharma</dc:creator>
      <pubDate>Tue, 23 Jun 2026 02:23:49 +0000</pubDate>
      <link>https://dev.to/rohitsharmaj7/foward-proxy-reverse-proxy-ssl-tls-termination-mfh</link>
      <guid>https://dev.to/rohitsharmaj7/foward-proxy-reverse-proxy-ssl-tls-termination-mfh</guid>
      <description>&lt;p&gt;&lt;strong&gt;What is a proxy?&lt;/strong&gt;&lt;br&gt;
A proxy is an intermediary server that receives a request, forwards it elsewhere, receives the response, and sends it back.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Forward Proxy (Represents the Client)&lt;/strong&gt; &lt;br&gt;
Sits in front of client and hides the client from servers. Server cannot see the real client&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt; Client ---&amp;gt; Forward Proxy ---&amp;gt; Server
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Imagine your company blocks access to YouTube.&lt;/p&gt;

&lt;p&gt;Instead of&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Laptop ---&amp;gt; youtube.com
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;You do&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Laptop ---&amp;gt; Corporate Proxy ---&amp;gt; youtube.com
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The proxy makes the request on your behalf. The server sees request coming from Proxy IP not from your laptop.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Real Example&lt;/strong&gt; School/college proxy, Corporate internet proxy, VPNs.&lt;/p&gt;

&lt;p&gt;When you connect to a VPN:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Your PC ---&amp;gt; VPN Server ---&amp;gt; Google
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Google sees VPN IP instead of of your original IP.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why use forward proxy?&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Privacy:&lt;/strong&gt; Hides the Client IP due to which Websites can't directly identify the client.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Content Filtering:&lt;/strong&gt; companies block some websites at the office network&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Caching:&lt;/strong&gt; 100 employees request same file, without proxy 100 requests would go to internet. With proxy first request would go to internet and next 99 would be server from proxy cache.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Reverse Proxy (Represents the Server)&lt;/strong&gt; &lt;br&gt;
Sits in front of server and hides the server from client. Client Cannot see the real server&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Client ---&amp;gt; Reverse Proxy ---&amp;gt; Server
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Suppose you have multiple servers i.e. Server 1, Server 2, Server 3 etc and you don't want clients to know about these servers. In this case we need to setup reverse proxy and, proxy decides which server gets the request.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Client
   |
   v
Reverse Proxy
   |
   +----&amp;gt; Server1
   |
   +----&amp;gt; Server2
   |
   +----&amp;gt; Server3
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Example:&lt;/strong&gt; When you open amazon.com your request doesn't directly hit an application server. It usually go to&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Browser
   |
Load Balancer / Reverse Proxy
   |
Backend Servers
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Real Example:&lt;/strong&gt; Nginx in front of Node.js servers&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why use Reverse Proxy?&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;&lt;strong&gt;Load Balancing&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;SSL/TLS Termination:&lt;/strong&gt; Without reverse proxy every backend server, decrypts https, with reverse proxy setted up, it handles the encryption while backend focus upon the business logic. &lt;em&gt;Don't worry if SSL/TLS is not clear to you, at end of this article we have detailed explanation of SSL/TLS.&lt;/em&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Hides Internal Servers:&lt;/strong&gt; Client never knows the servers, which eventually improves the security&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Caching:&lt;/strong&gt; For expensive endpoints, Reverse proxy stores response for the future requests.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;Now Let's Boost your understanding of SSL(Secure Socket Layer) and TLS(Transport layer Security):&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;SSL and TLS both are same terms, name SSL was used in earlier days and now its new name TLS is being used.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Detailed flow of TLS&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Step 1:&lt;/strong&gt; Browser sends a request&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;https://api.company.com/users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Step 2:&lt;/strong&gt; Reverse proxy i.e. Nginx here, receives HTTPS.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Browser
   |
HTTPS
   |
Nginx
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Step 3:&lt;/strong&gt; Nginx decrypts request.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Encrypted Request
       ↓
Decrypt
       ↓
Plain HTTP Request
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Step 4:&lt;/strong&gt; Nginx forwards request.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;GET /users
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;to backend&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Browser
   |
HTTPS
   |
Nginx
   |
HTTP
   |
Node Server
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Step 5:&lt;/strong&gt; Backend processes business logic.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight javascript"&gt;&lt;code&gt;&lt;span class="nx"&gt;app&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;get&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;/users&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="p"&gt;()&lt;/span&gt; &lt;span class="o"&gt;=&amp;gt;&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
   &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="nx"&gt;users&lt;/span&gt;&lt;span class="p"&gt;;&lt;/span&gt;
&lt;span class="p"&gt;});&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Step 6:&lt;/strong&gt; Response returns. Nginx encrypts before sending to browser.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Node
   |
HTTP
   |
Nginx
   |
HTTPS
   |
Browser
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Why Do This?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;1. Less CPU Usage:&lt;/strong&gt; As Encryption/decryption is expensive.&lt;/p&gt;

&lt;p&gt;Without termination:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;100 servers
100 TLS handshakes
100 certificate configs
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;With termination: Reverse proxy handles TLS. Backend servers focus on business logic.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Easier Certificate Management&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Without reverse proxy: Nightmare to maintain certificates.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Certificate on Server 1
Certificate on Server 2
Certificate on Server 3
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;With reverse proxy: Certificate to be maintained only on Nginx. Renew once.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Simpler Backend Code:&lt;/strong&gt; Backend doesn't care about HTTPS. It Just process requests.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight javascript"&gt;&lt;code&gt;&lt;span class="nx"&gt;app&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;get&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;/users&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="p"&gt;...)&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Real MAANG Architecture&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;User
  |
HTTPS
  |
Load Balancer
  |
HTTPS
  |
Reverse Proxy
  |
HTTP/gRPC
  |
Microservices
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;or&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;User
  |
HTTPS
  |
Load Balancer (TLS Termination)
  |
HTTP
  |
Services
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Often the cloud load balancer itself performs TLS termination.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;&lt;strong&gt;Important note on SSL/TLS termination:&lt;/strong&gt; SSL/TLS termination means a reverse proxy or load balancer handles HTTPS encryption/decryption on behalf of backend servers. The client communicates securely with the proxy using HTTPS, the proxy decrypts the request and forwards it to backend services, typically over HTTP or an internal secure network. This reduces CPU overhead on application servers and centralizes certificate management.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The benefit of TLS termination is that:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;1,000 Clients
      |
      v
Reverse Proxy
      |
      v
100 Backend Servers
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The 100 backend servers do not perform those 1,000 TLS handshakes.&lt;br&gt;
The reverse proxy performs them and forwards the already-decrypted requests internally.&lt;strong&gt;That's where the CPU savings come from.&lt;/strong&gt; As "TLS connection terminates at the reverse proxy instead of the application server so its termed as TLS termination.&lt;/p&gt;

</description>
      <category>architecture</category>
      <category>beginners</category>
      <category>networking</category>
      <category>systemdesign</category>
    </item>
    <item>
      <title>Rest &amp; Restfulness API Design Principles</title>
      <dc:creator>Rohit Sharma</dc:creator>
      <pubDate>Thu, 18 Jun 2026 01:43:54 +0000</pubDate>
      <link>https://dev.to/rohitsharmaj7/rest-restfulness-api-design-principles-3if4</link>
      <guid>https://dev.to/rohitsharmaj7/rest-restfulness-api-design-principles-3if4</guid>
      <description>&lt;p&gt;&lt;strong&gt;Re&lt;/strong&gt;presentational &lt;strong&gt;S&lt;/strong&gt;tate &lt;strong&gt;T&lt;/strong&gt;ransfer is an architectural style used for designing the network applications. Instead of relying on complex protocols REST relies on standard web protocols like HTTP to enable communication between clients and server.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;If Definition seems complex to you, no worries let's breakdown the word &lt;br&gt;
REST = Representation State Transfer&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Suppose you have a user resource:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;/users/7
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This actual resource, exists on the server i.e. database row containing all the information about user with id 7.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;REPRESENTATION&lt;/strong&gt; The server doesn't send the actual database row. It sends just a representation of the resource.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
 &lt;/span&gt;&lt;span class="nl"&gt;"id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="mi"&gt;7&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
 &lt;/span&gt;&lt;span class="nl"&gt;"name"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="s2"&gt;"Rohit"&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This JSON is a representation of the user's current state.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;STATE TRANSFER&lt;/strong&gt; When the client requests&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight http"&gt;&lt;code&gt;&lt;span class="err"&gt;GET users/7
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The server transfers representation of this resource's state to the client.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;   Server State
        ⬇️
JSON Representation
        ⬇️
Transferred over HTTP
        ⬇️
      Client
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That's where the term &lt;strong&gt;Representational state transfer&lt;/strong&gt; comes from.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Main Idea behind REST:&lt;/strong&gt; It operates on stateless communication which means that each request from client contains all the necessary information and server does not store any session data between requests. This makes REST very scalable, reliable and easy to implement.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why REST matters?&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Simplicity &amp;amp; Scalability:&lt;/strong&gt; Rest is build on standard HTTP protocols like GET, PUT, POST and DELETE making it easy to understand and implement. Because REST follow stateless architecture it scales efficiently, allowing multiple servers to handle requests without maintaining session data.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Interoperability:&lt;/strong&gt; REST APIs are platform independent which means they can be consumed by clients running on different devices, different Operating Systems and implemented in different programming languages. Whether its a mobile application or web application, REST can be used everywhere.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Efficiency:&lt;/strong&gt; By leveraging caching REST can introduce lower latency which contribute towards enhancing performance.&lt;br&gt;
&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight javascript"&gt;&lt;code&gt;&lt;span class="nx"&gt;app&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;get&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="sr"&gt;/product/&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="nx"&gt;id&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="k"&gt;async&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;req&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="nx"&gt;res&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="o"&gt;=&amp;gt;&lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;
  &lt;span class="nx"&gt;product&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nx"&gt;productService&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;getProduct&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;req&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;params&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;id&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
  &lt;span class="nx"&gt;res&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;set&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;Cache-Control&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;public, max-age=300&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;  &lt;span class="c1"&gt;//this tells clients, browsers, CDNs, reverse proxies &amp;amp; API Gateways: You may cache this response for 300 seconds&lt;/span&gt;
  &lt;span class="nx"&gt;res&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;json&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;product&lt;/span&gt;&lt;span class="p"&gt;);&lt;/span&gt;
&lt;span class="p"&gt;})&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;REST's cachebility constraint is typically implemented by sending HTTP cache headers such as Cache-Control, ETag or expires. These headers allow clients to cache responses, reducing the latency and backend loads.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;RESTful API Design Principles&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Not every API using HTTP is RESTful, A RESTful API is an API that follows REST principles correctly. So, below are the design principles of a perfect REST API:&lt;/p&gt;

&lt;p&gt;1.&lt;strong&gt;Resource-Based URLs:&lt;/strong&gt; Resources should be nouns, not verbs.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;&lt;em&gt;❌BAD&lt;/em&gt;&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;GET /getUsers
POST /createUser
DELETE /deleteUser/101
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;&lt;em&gt;✅GOOD&lt;/em&gt;&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;GET /users
POST /users
DELETE /users/101
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;2.&lt;strong&gt;Use HTTP methods properly&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;GET    /users       -&amp;gt; Fetch users
POST   /users       -&amp;gt; Create user
PUT    /users/101   -&amp;gt; Replace user
PATCH  /users/101   -&amp;gt; Update user
DELETE /users/101   -&amp;gt; Delete user
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;3.&lt;strong&gt;Statelessness:&lt;/strong&gt; Every request should contain all information needed. Server should not remember previous requests.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight http"&gt;&lt;code&gt;&lt;span class="err"&gt;GET /orders
Authorization: Bearer JWT_TOKEN

//The JWT carries user identity. Server doesn't need session memory.
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;4.&lt;strong&gt;Client-Server Separation:&lt;/strong&gt; Frontend and backend are independent. Frontend can change without changing backend&lt;br&gt;
5.&lt;strong&gt;Cacheable Responses:&lt;/strong&gt; Frequently accessed data can be cached, which eventually reduces latency and improves performance.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Example of perfect RESTful User API&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;GET    /users
GET    /users/101
POST   /users
PUT    /users/101
PATCH  /users/101
DELETE /users/101
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This is considered RESTful because:&lt;/p&gt;

&lt;p&gt;✅ Resources are nouns&lt;br&gt;
✅ Correct HTTP methods used&lt;br&gt;
✅ Stateless&lt;br&gt;
✅ Consistent URL design&lt;/p&gt;

</description>
      <category>restapi</category>
      <category>restfulness</category>
      <category>api</category>
      <category>rest</category>
    </item>
  </channel>
</rss>
