Nodejs and ExpressJS are Server-side. Nodejs handle your code logic and execution like chrome would do client-side. And ExpressJS read every HTTP request sent to him and can send back information (HTTP basic response, a file, a stream, or an HTML page...).
But you can do all that Client-Side without really the needs of Nodejs and Express.
For example, you can configure a routing system with React, VueJS or vanilla Javascript, it work exactly like ExpressJS but Client-side. If you still need to communicate with a Database and perform some authentication or other stuff, you can create an API (with express js and Nodejs for example).
I personally prefer handling my routes server-side (the ExpressJS way), it's simpler to verify the permissions of your user like so. But it's good to know both way exist !
Just be careful about everything you send to your clients, Anyone can modify client-side code and grant themselve higher permissions or send false information, always have some back-end verification somewhere for sensible action or data access.
Nice to hear that !
Nodejs and ExpressJS are Server-side. Nodejs handle your code logic and execution like chrome would do client-side. And ExpressJS read every HTTP request sent to him and can send back information (HTTP basic response, a file, a stream, or an HTML page...).
But you can do all that Client-Side without really the needs of Nodejs and Express.
For example, you can configure a routing system with React, VueJS or vanilla Javascript, it work exactly like ExpressJS but Client-side. If you still need to communicate with a Database and perform some authentication or other stuff, you can create an API (with express js and Nodejs for example).
I personally prefer handling my routes server-side (the ExpressJS way), it's simpler to verify the permissions of your user like so. But it's good to know both way exist !
Just be careful about everything you send to your clients, Anyone can modify client-side code and grant themselve higher permissions or send false information, always have some back-end verification somewhere for sensible action or data access.
That's great, thanks for this! Many of the concepts I had an ok understanding of, but it's making more sense now.