Shared educational content for common backend topics. Language-agnostic concepts with per-language code snippets where relevant.
- RESTful Conventions — REST principles, resource naming, HTTP methods, status codes
- Versioning — URL, header, and query param versioning trade-offs
- Pagination — Offset vs cursor pagination
- Error Responses — Consistent error format, RFC 7807
- Frontend Integration — SPA auth flow, BFF pattern, API client generation, real-time
- Auth Concepts — Authentication vs authorization, sessions, JWT
- OAuth Basics — OAuth 2.0 roles and flows
- Input Validation — SQL injection, XSS, CSRF, OWASP
- Security Best Practices — HTTPS, secrets, rate limiting, logging
- CORS and Security Headers — Same-origin policy, preflight, CSP, HSTS, X-Frame-Options
- Logging — Structured logging, log levels, centralized logging
- Monitoring — RED method, Prometheus, Grafana, alerting
- Configuration — 12-factor app config, env vars, feature flags
- Health Checks — Liveness vs readiness, graceful shutdown
- Rate Limiting — Token bucket, sliding window, implementation
- Caching — Cache-aside, write-through, TTL, invalidation, stampede
- Background Jobs — Worker pattern, scheduling, retry, idempotency
- Three Pillars — Metrics, logs, traces
- Distributed Tracing — Trace ID, span ID, OpenTelemetry
- Thread Pool — Pool sizing, rejection policies, tuning
- Reactive — Reactive manifesto, backpressure, event loop
- Actor Model — Actors, mailboxes, supervision, distributed systems
- Communication Patterns — Sync vs async, request-reply vs pub-sub
- Event-Driven — Event sourcing, CQRS, Kafka
- Saga Pattern — Distributed transactions, choreography vs orchestration
- Failure Modes — Cascading failures, bulkhead, chaos engineering
- Workflow Orchestration — Temporal, durable execution
- Message Reliability — Outbox pattern, idempotent consumers, DLQ, ordering
- Compute Models — VM vs container vs serverless
- Storage & Databases — Storage types, database selection
- Infrastructure as Code — Terraform concepts, why IaC
- Cloud Security — IAM, encryption, shared responsibility
- Well-Architected — 5 pillars, cost optimization
- CI/CD — Pipeline stages, artifact management, release strategies
- Kubernetes — Core concepts, when you need K8s
- Monitoring & Logging — Prometheus, Grafana, ELK/Loki
- What is AI — Pattern recognition at scale, realistic expectations
- Prompting — Thinking framework, not magic prompts
- AI Writing — Draft, review, edit workflow
- AI Research — AI-assisted research with fact-checking
- AI Decide — AI as brainstorming partner
- AI Learn — Learning anything with AI
- AI Toolkit — Evaluating AI tools
- AI Privacy — What data to never put into AI
- AI Mindset — AI augments judgment
- How the Internet Works — Request/response, no jargon
- Frontend vs Backend — Dining room vs kitchen
- What is an API — Waiter analogy
- Data Basics — Filing cabinet analogy
- Cybersecurity — What every business person should know
- AI for Business — Evaluating vendor claims
- Working with Tech Teams — Communication and requirements
- Tech Decisions — Build vs buy, trade-offs
- Workshop Projects — TODO