Flexiple Logo

Hire Software Developers: Affordable, Dedicated Software Experts in 72 hours

Hire Software developers to accelerate your digital transformation. Build dynamic web applications using JavaScript, React, and Node.js.

Access 100+ expert Software developers, engineers and architects from Flexiple, handpicked through a 5-hour evaluation process.

Clients rate Flexiple Software developers 4.8 / 5 on average based on 12,752 reviews.

  1. Hire Software Developers

Calpurino Ceaser

Worked at:

React

MongoDB

Get access to 103 vetted profiles

100+ fast-growing companies love Flexiple!

Team work makes dreamwork. Flexiple helps companies build the best possible team by scouting and identifying the best fit.

“I’ve been pleased with Purab’s performance and work ethics. He is proactive in flagging any issues and communicates well. The time zone difference is huge but he provides a sufficient overlap. He and I work together very well and I appreciate his expertise.”

Paul Cikatricis

UX and Conversion Optimization Lead

“Flexiple has exceeded our expectations with their focus on customer satisfaction! The freelancers are brilliant at what they do and have made an immense impact. Highly recommended :)”

Henning Grimm avatar

Henning Grimm

Founder, Aquaplot

“Overall Flexiple brought in high-level of transparency with extremely quick turnarounds in the hiring process at a significantly lower cost than any alternate options we had considered.”

Kislay Shashwat avatar

Kislay Shashwat

VP Finance, CREO

“Todd and I are impressed with the candidates you've gathered. Thank you for your work so far. Thanks for sticking within our budget and helping us to find strong talent. Have loved Flexiple so far — highly entrepreneurial and autonomous talent.”

William Ross avatar

William Ross

Co-Founder, Reckit

“The cooperation with Christos was excellent. I can only give positive feedback about him. Besides his general coding, the way of writing tests and preparing documentation has enriched our team very much. It is a great added value in every team.”

Moritz Gruber avatar

Moritz Gruber

CTO, Caisy.io

“Flexiple spent a good amount of time understanding our requirements, resulting in accurate recommendations and quick ramp up by developers. We also found them to be much more affordable than other alternatives for the same level of quality.”

Narayan Vyas avatar

Narayan Vyas

Director PM, Plivo Inc

“It's been great working with Flexiple for hiring talented, hardworking folks. We needed a suitable back-end developer and got to know Ankur through Flexiple. We are very happy with his commitment and skills and will be working with Flexiple going forward as well.”

Neil Shah avatar

Neil Shah

Chief of Staff, Prodigal Tech

“Flexiple has been instrumental in helping us grow fast. Their vetting process is top notch and they were able to connect us with quality talent quickly. The team put great emphasis on matching us with folks who were a great fit not only technically but also culturally.”

Tanu V avatar

Tanu V

Founder, Power Router

“Flexiple has exceeded our expectations with their focus on customer satisfaction! The freelancers are brilliant at what they do and have made an immense impact. Highly recommended :)”

Henning Grimm avatar

Henning Grimm

Founder, Aquaplot

“Overall Flexiple brought in high-level of transparency with extremely quick turnarounds in the hiring process at a significantly lower cost than any alternate options we had considered.”

Kislay Shashwat avatar

Kislay Shashwat

VP Finance, CREO

“Todd and I are impressed with the candidates you've gathered. Thank you for your work so far. Thanks for sticking within our budget and helping us to find strong talent. Have loved Flexiple so far — highly entrepreneurial and autonomous talent.”

William Ross avatar

William Ross

Co-Founder, Reckit

“The cooperation with Christos was excellent. I can only give positive feedback about him. Besides his general coding, the way of writing tests and preparing documentation has enriched our team very much. It is a great added value in every team.”

Moritz Gruber avatar

Moritz Gruber

CTO, Caisy.io

“Flexiple spent a good amount of time understanding our requirements, resulting in accurate recommendations and quick ramp up by developers. We also found them to be much more affordable than other alternatives for the same level of quality.”

Narayan Vyas avatar

Narayan Vyas

Director PM, Plivo Inc

“It's been great working with Flexiple for hiring talented, hardworking folks. We needed a suitable back-end developer and got to know Ankur through Flexiple. We are very happy with his commitment and skills and will be working with Flexiple going forward as well.”

Neil Shah avatar

Neil Shah

Chief of Staff, Prodigal Tech

“Flexiple has been instrumental in helping us grow fast. Their vetting process is top notch and they were able to connect us with quality talent quickly. The team put great emphasis on matching us with folks who were a great fit not only technically but also culturally.”

Tanu V avatar

Tanu V

Founder, Power Router

Clients

Plivo logoCertify OS logoApna Klub logoCockroach Labs logoStarbourne Labs logo

Frequently Asked Questions

View all FAQs

What is Flexiple's process?

Our process is fairly straightforward. We understand your requirements in detail and recommend freelancers per your specific needs. You can interview the freelancers we recommend though they are already vetted by us rigorously. Once you like someone and decide to work with them, we draw up a tripartite agreement. You work directly with the freelancer, just the invoicing is done by Flexiple.

Is there a project manager assigned to manage the resources?

Our core strength is with freelance developers and designers. Though we do have senior engineers who can work as tech leads, project managers are not part of our offering.

What is Flexiple's model?

We typically work on an hourly model of upwards of US$30 per hour. For full-time longer term engagements, we can also work on a monthly model of upwards of US$5000 per month.The rates vary depending on the skill sets, experience level and location of the freelancer.

What are the payment terms?

- In the hourly model, the invoice is raised weekly/ fortnightly and is payable within 3 days of receipt of invoice.
- In the monthly model, the invoice is raised monthly and is payable within 7 days of receipt of invoice.

Are there any extras charges?

The hourly/ monthly rate shared is all-inclusive. No additional charges other than taxes are applicable.

How does Flexiple match you with the right freelancer?

Based on your requirements, we look for suitable freelancers based on:
- Tech fit: Proficiency in the tech stack you need, Recent work on stack, Work in a similar role
- Culture fit: Worked in similar team structure, Understanding of your company's industry, product stage.

15+ skills that Software Developers at Flexiple are skilled at

Software developers at Flexiple are skilled at JavaScript, ReactJS among others.

Languages

PythonJavaScriptJavaRubyC#GoTypeScriptPHPRustKotlinSwiftDart

Libraries

Socket.IOVelocity.JSCanvasKendoReactReduxLodashPandasNumPyThree.jsD3.js

UI Libraries/Framework

Material kitReactAntDesignBlueprintSemantic UIOnsen UIRebassGrommetReact-bootstrapChakra-UIReactStrapPrime ReactReact FoundationVue MaterialVuetifyBulmaBootstrapTailwind CSS

Framework

WordPressDrupalSpringbootNext.jsGatsbyExpress.jsSOAPReact suiteMeteor jsDjangoFlaskRuby on RailsAngularVue.jsSvelte.NET CoreLaravelPhoenix (Elixir)

Testing

JestMochaKarmaChaiJasmineEnzymeProtractorJUnitRSpecSeleniumCypressPytest

Databases

MongoDBPostgreSQLMySQLSQLiteCassandraDynamoDBRedisElasticsearchMariaDBMS SQL ServerOracle

DevOps & Infrastructure

DockerKubernetesAnsibleJenkinsCircleCITravis CIGitLab CIAWSAzureGoogle Cloud PlatformHerokuTerraform

Version Control

GitGitHubBitbucketGitLabMercurialSVN

How to hire the best Software Developers?

Software Development is the creation of software or applications using computer technologies. It involves the processes of designing, programming, testing and debugging the software. It is a collection of instructions that tells the computer what to do.

If you’re looking to hire software developers, this guide will come in handy. We’ve included everything you need to know about hiring a freelance software developer.

Let's introduce Software Development to you

  • The world's first piece of software was developed by computer scientist Tom Kilburn in 1948 at the University of Manchester in England. It was programmed to perform mathematical calculations using machine code instructions.
  • Fortran, one of the very first higher-level programming languages, was originally published in 1957 for scientific and engineering calculations.
  • The development of applications in today's industry uses the Software Development Life Cycle process to design, develop, test and maintain software.
  • Old programing languages like C,C++ are still in use and younger programming languages like Java, Python have been used to make number applications worldwide.

Why is Software Development widespread?

  • Over the years software development has become important for a company to grow its business and reach a wider customer base.
  • With technological advancement, software applications have enhanced human lives in many fields. For instance software as a service is in demand - companies can host their applications over the internet without needing users to download an app. Big companies such as Netflix , Slack and Spotify all work on the software as a service model.

What are the tools used by Software developers?

The following are some of the tools used by Software developers at various stages of development:

1. Atom

It is an open-source all-around text editor which comes with an autocomplete attribute that makes writing code easier and quicker for any developer.

2. GitHub

GitHub is the most widely used software development platform. It is a web-based Git repository that acts as a Google Drive where developers review code, manage projects and build software.

3. Buddy

Buddy is a web-based software development tool to deploy, test, and develop applications. It integrates with WordPress, Google, and AWS, among other platforms.

4. Jira

It is a project management tool that allows developers to plan, track and release the software. It helps developers to encompass all phases of the software deployment.

5. Apache NetBeans

It is a free open-source IDE written in Java that helps developers to develop world-class desktop, mobile, and web applications. It is a cross-platform that works on Windows, macOS, Linux, etc.

Writing the job description to hire software developers

Below are some key points that we at Flexiple have learned through trial and error - a process of filtering through over 15,000 developers. You can use these in your process to hire software developers.

  • Years of software development experience: Be specific about the technology you’re looking for and the number of years of experience needed. A proxy to years of experience can be the number of production-level apps worked on.
  • Type of products built in the past: Based on the type of product you are trying to build - social network, SAAS product, etc. - you can prioritize certain developers over others.
  • Exposure to specific industries: Developers who have built products in certain industries will already know key aspects of laying the foundation for a great product and will be able to predict possible problems.
  • Experience working remotely: A developer with past remote work experience is an added advantage as they would have first-hand experience of everything - right from how contracts work to streamlined communication, as well as timelines and deliverables.
  • Strong communication: An essential thing to look at when hiring a freelancer is excellent communication skills. Since all the interaction happens online, a freelancer should be able to effectively communicate to ensure a streamlined execution of all work.

You can check out a more detailed job description for software architects here.

Interview Questions to hire software developers

Now that you have made a quality JD, it can still be tricky to evaluate the skills of your applicants when you hire software developers. To help you with that, we have created a pool of questions that a good software developer should be comfortable with. You can check out some interview questions related to software here.

It is important to note that the ability to answer these questions doesn't imply that you have a top quality candidate. But it definitely is a big step in that direction.

To help you navigate through these questions, we’ve categorized the interview questions in 3 parts:

A. Basic concepts: Includes all basic concepts used across languages.This will give you an understanding of how strong their programming foundation is.

B. Advanced concepts: Includes all concepts that someone with higher expertise should know.

C. DS/Algorithm questions: To test the logical capability of the candidate.

A. Basic concepts

While installing npm modules what is the -g and –save-dev flag for?

npm stands for “node package manager”. It is one of the most popular package managers with more than 11 million developers using it worldwide. It is an online repository of Javascript packages and it is also a command-line interface to work with these packages.

-g Flag>

While installing npm modules using “npm install”, some of them are installed with a “-g” flag. This stands for global. Generally, an npm module is saved in your local project folder or repository, but in certain cases when we want to save it globally the “-g” flag is used.

One such case is when the module offers some command-line tools. Saving it globally saves its binaries in the path environment variable of the system. This enables you to use the module in your command line.

Example: Installing the package “Nodemon”. Nodemon is a package popularly used while developing Node.js applications, which helps in creating a live server. Traditionally when a node application is running and we want to incorporate changes in the app, we save the changes, stop the app from running and then re-run it. This becomes quite a tedious process especially during the initial phases of rapid development. Nodemon runs a live server which automatically listens for changes and when any change is saved it restarts the application.

If we were to run “npm install nodemon” and then try to run “nodemon node app.js”, we get the following error.

nodemon : The term 'nodemon' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the 
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ nodemon node app.js
+ ~~~~~~~
    + CategoryInfo          : ObjectNotFound: (nodemon:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

So, if we instead run “npm install nodemon -g”, and then try to run “nodemon node app.js”

[nodemon] 2.0.5
[nodemon] to restart at any time, enter `rs`
[nodemon] watching path(s): *.*
[nodemon] watching extensions: js,mjs,json
[nodemon] starting `node node app.js`
server is up
[nodemon] clean exit - waiting for changes before restart

This will start the live server for app.js file.

--save-dev Flag>

By default, npm packages which are installed are saved in node_modules as project dependencies. When someone is trying to clone or recreate your project, they would have to download your project’s dependencies. To do this “npm install” is run and all the dependencies which are listed in the package.json are installed.

But not all packages are required for the functioning of the project. Many packages such as those which help with testing aren’t required for its functioning. In such cases, we use –save-dev flag while installing these packages, as this flag adds the package to the project’s development dependencies. So, when someone runs “npm install” to download all the dependencies, the development dependencies don’t get installed.

Example: Installing the “Jest” package. Jest is a Javascript testing framework developed by Facebook, it works with Babel, Typescript, Vue, React, Node and Angular. It helps in creating test suites and automated test cases, which help in product development.

If I were to run “npm install jest”, then package.json would look like this:

"dependencies": {
    "jest": "^26.5.3"
  },
  "devDependencies": {}

If we were to run it with the --save-dev flag, like this “npm install jest --save-dev”, then package.json would look like this:

"dependencies": {},
  "devDependencies": {
    "jest": "^26.5.3"
  }

What is the popular open standard file format (like XML) used with javascript and node.js? And what are the popular commands to convert string to that and vice versa?

It is JSON which stands for Javascript Object Notation. It is a lightweight data interchange format. It is easy for humans to read. Even though it has Javascript in its full form, it is language independent.

It’s built on 2 structures:

  • Collection of key-value pairs. This is called an object, dictionary, hashmap, associative array, in different languages
  • Ordered list of values, This is called an array, list, vector, in different languages

These are universal data structures which is important for a file format which is language independent.

Example of JSON:

{
  "flexiple": {
      "top": "1%",
      "location": "remote"
  },
  "blog": {
    "topic": "engineering",
    "title": "What are stable coins and how do they work?"
  }
}

This in XML would look like this:

<?xml version="1.0" encoding="UTF-8"?>
<root>
   <blog>
      <title>What are stable coins and how do they work?</title>
      <topic>engineering</topic>
   </blog>
   <flexiple>
      <location>"remote"</location>
      <top>1%</top>
   </flexiple>
</root>

Valid JSON>

Few of the rules to remember while handling JSON are that:

  • Empty objects and arrays are okay
  • Strings can contain any unicode character, this includes object properties
  • null is a valid JSON value on its own
  • All object properties should always be double quoted
  • Object property values must be one of the following: String, Number, Boolean, Object, Array, null
  • Number values must be in decimal format, no octal or hex representations
  • Trailing commas on arrays are not allowed

These are all examples of valid JSON: -

{"name":"John Doe","age":32,"title":"Vice President of JavaScript"}

["one", "two", "three"]

// nesting valid values is okay
{"names": ["John Doe", "Jane Doe"] }

[ { "name": "John Doe"}, {"name": "Jane Doe"} ]

{} // empty hash

[] // empty list

null

{ "key": "\uFDD0" } // unicode escape codes

These are all examples of bad JSON formatting:-

{ name: "John Doe", 'age': 32 } // name and age should be in double quotes

[32, 64, 128, 0xFFF] // hex numbers are not allowed

{ "name": "John Doe", "age": undefined } // undefined is an invalid value

// functions and dates are not allowed
{ "name": "John Doe",
  "birthday": new Date('Fri, 26 Jan 2019 07:13:10 GMT'),
  "getName": function() {
      return this.name;
  }
}

Javascript provides 2 methods to encode data structures to JSON and to convert JSON to objects or arrays. These methods are JSON.stringify() and JSON.parse().

JSON.stringify()>

It takes a Javascript object or array as input and returns a serialised string form of it.

const obj = {
    name: "Flexiple",
    city: "Bengaluru"
}

const jsonStr = JSON.stringify(obj)
console.log(jsonStr)
// output is {"name":"Flexiple","city":"Bengaluru"}

JSON.stringify() can take 3 arguments in total, the first one being the data structure. The second argument, called the replacer parameter, can either be a function or an array. It is used to manipulate the properties (keys and values) in JSON.

let cost = {
    candy: 5,
    bread: 20,
    cheese: 100,
    milk: 15
}

let func = (key, value) => {
    if (value < 15) {
        return undefined
    }
    return value
}

let arr = ['candy', 'bread']

let jsonStrWithFunc = JSON.stringify(cost, func)
console.log(jsonStrWithFunc)
// Output is {"bread":20,"cheese":100,"milk":15}

let jsonStrWithArr = JSON.stringify(cost, arr)
console.log(jsonStrWithArr)
// Output is {"candy":5,"bread":20}

The third argument, called the space parameter, takes in either a number or a string. It is used to control the spacing of the final string by deciding the size of indentation.

let cost = {
    candy: 5,
    bread: 20,
    cheese: 100,
    milk: 15
}

let jsonStrWithNum = JSON.stringify(cost, null, 2)
console.log(jsonStrWithNum)
// Output is 
// {
//   "candy": 5,
//   "bread": 20,
//   "cheese": 100,
//   "milk": 15
// }

let jsonStrWithStr = JSON.stringify(cost, null, 'xx')
console.log(jsonStrWithStr)
// Output is 
// {
//     xx"candy": 5,
//     xx"bread": 20,
//     xx"cheese": 100,
//     xx"milk": 15
// }

JSON.stringify() is also popularly used for debugging, as trying to see a JSON object using console.log() isn’t always successful

const obj = {
    "nest1": {
        "ex": "ex",
        "nest2": {
            "nest3": {
                "ex": "ex",
            }
        }
    }
}
  
console.log(obj)
// Output is { nest1: { ex: 'ex', nest2: { nest3: [Object] } } }

As we can see that after a certain level of nesting the log just displays ‘[Object]’. Therefore, JSON.stringify() can be used to make debugging easier.

const obj = {
    "nest1": {
        "ex": "ex",
        "nest2": {
            "nest3": {
                "ex": "ex",
            }
        }
    }
}
  
console.log(JSON.stringify(obj,null,2))
// Output is 
// {
//     "nest1": {
//       "ex": "ex",
//       "nest2": {
//         "nest3": {
//           "ex": "ex"
//         }
//       }
//     }
// }

JSON.parse()>

It takes a JSON string and converts it into its respective data structure

 const jsonStr = '{"name":"Flexiple","city":"Bengaluru"}'
const obj = JSON.parse(jsonStr)

console.log(obj)
// output is { name: 'Flexiple', city: 'Bengaluru' }

Calling JSON.parse() on invalid JSON string will throw a SyntaxError.

Cloning Objects in Javascript>

These 2 functions of JSON can be used together to clone javascript objects.

const obj = {
    "prop1": {
        "ex": "ex",
        "prop2": {
            "ex": "ex"
        }
    }
}

const objCopy = JSON.parse(JSON.stringify(obj))
  
console.log(objCopy)
// Output is { prop1: { ex: 'ex', prop2: { ex: 'ex' } } }

But this is not recommended, because of multiple reasons:

  • It is slower than alternatives
  • This works properly only for valid JSON, but not all javascript objects fall in that category

A better alternative for deep cloning objects would be to either use an npm library called ‘lodash’ or write a custom recursive function to do the same. The spread operator can be used for shallow cloning of objects.

B. Advanced concepts

What is a lint? Have you ever worked with one before, if yes which one?

Linting is the automatic checking of source code for programmatic and stylistic errors. Programmatic errors are the errors such as compilation and run time errors. Each company decides to write their code in a certain style and format, this is done for easy maintenance and to provide further structure to the code.

Stylistic errors are those which might compile without an issue but it does not meet the standards set by the company. Apart from stylistic checks, it is able to identify certain types of bugs like those related to variable scope, undeclared variables, global variables and so on.

Linting is done using a lint tool or linter, which is basically a static code analyzer. It is important as it reduces errors and increases the standard of the code. It can greatly benefit early stages of development and can save time during code reviews and code maintenance.

ESLint>

ESLint is one the most popular lints available for Javascript. Let us go into the basics of using ESLint. This is going to the most basic version of ESLint, remember you can install it with different code style plugins as per your choice.

  • After setting up your project (that is running ‘npm init’), run ‘npm install eslint --save-dev’.
  • After that we run ‘npx eslint --init’ this is used to generate the ‘.eslintrc.json’ file which is the config file for eslint.
  • When we are generating a the config file, it asks a bunch of questions to generate it, these are what I’ve chosen:
√ How would you like to use ESLint? · style
√ What type of modules does your project use? · commonjs
√ Which framework does your project use? · none
√ Does your project use TypeScript? · No / Yes
√ Where does your code run? · node
√ How would you like to define a style for your project? · guide
√ Which style guide do you want to follow? · standard
√ What format do you want your config file to be in? · JSON 

  • It might have some peer dependencies that it wants you to install - install them too.
  • Now we come to using the linter. We run ‘npx eslint app.js’ (here app.js is the source js file).

My app.js file looks like this:

const obj = {
    "prop1": {
        "ex": "ex",
        "prop2": {
            "ex": "ex"
        }
    }
}

const objCopy = JSON.parse(JSON.stringify(obj))
  
console.log(objCopy)

And the output after running ‘npx eslint app.js’ is:

2:1   error  Expected indentation of 2 spaces but found 4   indent
   2:5   error  Strings must use singlequote                   quotes
   2:5   error  Unnecessarily quoted property 'prop1' found    quote-props
   3:1   error  Expected indentation of 4 spaces but found 8   indent
   3:9   error  Unnecessarily quoted property 'ex' found       quote-props
   3:9   error  Strings must use singlequote                   quotes
   3:15  error  Strings must use singlequote                   quotes
   4:1   error  Expected indentation of 4 spaces but found 8   indent
   4:9   error  Strings must use singlequote                   quotes
   4:9   error  Unnecessarily quoted property 'prop2' found    quote-props
   5:1   error  Expected indentation of 6 spaces but found 12  indent
   5:13  error  Strings must use singlequote                   quotes
   5:13  error  Unnecessarily quoted property 'ex' found       quote-props
   5:19  error  Strings must use singlequote                   quotes
   6:1   error  Expected indentation of 4 spaces but found 8   indent
   7:1   error  Expected indentation of 2 spaces but found 4   indent
  11:1   error  Trailing spaces not allowed                    no-trailing-spaces
  12:21  error  Newline required at end of file but not found  eol-last

✖ 18 problems (18 errors, 0 warnings)
  18 errors and 0 warnings potentially fixable with the `--fix` option.

Some of the errors can be fixed using the ‘--fix’ flag, so run ‘npx eslint app.js --fix’. This is how my app.js changed after that:

const obj = {
  prop1: {
    ex: 'ex',
    prop2: {
      ex: 'ex'
    }
  }
}

const objCopy = JSON.parse(JSON.stringify(obj))

console.log(objCopy)

Now it does not show any errors on running ‘npx eslint app.js’.

Similarly ESLint can be used to either check syntax, fix bugs, enforce code style and it has a lot of different options to choose from. It supports plugins and allows custom rules also. Apart from ESLint, some of the other popular lints for Javascript are JSLint and JSHint.

What is CORS?

CORS stands for Cross Origin Resource Sharing. It is a mechanism that uses additional HTTP headers instructing the browser to allow applications on one origin to accept resources from another origin. A different origin means either different domain, protocol or port.

This is required because browsers, as a security measure, do not allow cross origin HTTP requests initiated from scripts. This is the case with XMLHttpRequest (mostly used method for resource requests) and Fetch API. By default, they allow only same-origin requests.

For example, let’s assume that the front end is hosted on https://a-domain.com and the backend on https://b-domain.com. In such a case, if the front end makes a GET request to https://b-domain.com/posts, it will receive the following error in the console:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://b-domain.com 

To prevent this CORS is utilised. Basically, additional headers need to be provided - this is the Access-Control-Allow-Origin header. This can take 2 forms of values:

  • Access-Control-Allow-Origin : [origin]
    An example of this would be ‘Access-Control-Allow-Origin: https://a-domain.com. This allows requests only from the specified origin to be able to access resources provided.
  • Access-Control-Allow-Origin : *
    Using the wildcard character (*) means that any site can access the resources provided by your application.

As standard practice, if cross origin requests are being made it is recommended to not use the wildcard character, and instead mention the origin. If the front end is not rendered by the server itself then CORS needs to be used for the client to be able to interact with the server.

In Node.js, you can either directly write the headers for each request or there exists npm packages which plug into frameworks like Express.js. One such example is the ‘cors’ npm package. It is very simple to use:

// declaring app to use express framework
let app = express()
 
// this is using wildcard character
app.use(cors()) 

// this is specifying origin
app.use(cors({
  origin: 'https://a-domain.com' 
}))

// this is specifying cors for specific route
app.get('/', cors(), (req, res) => {
    
});

In this way CORS can easily be incorporated into your backend server.

What are the vulnerabilities of using cookies? What about the usage of local storage?

Cookies and local storage are primarily used for session management in web application development. What this means is that once the user is authenticated, there needs to be a way for the application to remember the user for a period of time without asking the user to login again.

In an architecture design it is standard to keep the server stateless, but this would mean that the user information cannot be stored on the server. Therefore, the decision was taken to store it on the client. This was originally done using cookies. Cookies are basically a storage facility with the browser, which the client side javascript or the server (using headers) can interact with.

Each item stored in cookies is called a cookie, and each cookie has an expiration time which can be manually set too. The cookie persists in the browser for that duration and is not removed by page refreshes or window being shut. When a client interacts with a server using HTTP requests, then the cookies are also sent along in headers.

The data which is stored in a cookie is generally a token such as a JSON Web Token (JWT). JWT consists of a payload which is used to fetch information about the user. JWT tokens are signed on the server using a secret key. The routes allow only authorized users to check whether the token is present in the cookies. This is the outline of the architecture followed for session management.

Difference between Cookie and Local Storage >

Primarily both function in similar ways - i.e. both involve persistent storage in the browser. The differences come in slight nuances of their functioning:

  • Local storage does not have the concept of expiration time. So, the developer dealing with it needs to handle the expiration of tokens stored in it. Whereas, the expiration time for cookies can be set while storing the cookie and the browser handles the rest.
  • Local storage is not sent with every HTTP request, like a cookie is sent. This reduces load on especially those HTTP requests which are public and do not require to use the token stored.
  • The server can directly interact with cookies, whereas only the client side script can interact with local storage.
  • Local storage has a much larger storage capacity of 5mb compared to 4kb of cookie. This is primarily because cookies are meant to be read by the server, whereas local storage is meant for the client side to be able to persistently store data.

Vulnerabilities>

Local storage

Local storage is accessible only by client-side javascript code. This makes it particularly vulnerable to XSS attacks. XSS (Cross-Site Scripting) attacks are a type of injections in which malicious scripts are injected into otherwise trusted websites due to a vulnerability.

This script then executes on the client’s browser and can access the local storage quite easily. XSS attacks are mainly used to steal cookies, session tokens and other information. After obtaining session tokens they can access protected routes using it. Therefore, storing authentication tokens on local storage is very risky.

Cookies

Cookies function similarly as they can also be accessed by client-side javascript code. They are also vulnerable to XSS attacks, but there can be a further layer of protection added to prevent this.

If the ‘httpOnly’ flag is marked as true while setting cookies then client side javascript cannot access that cookie. This allows only the server side code to interact with it. So this protects it from XSS attacks. However, due to its property of sending a cookie on every request, it gets vulnerable to CSRF/XSRF attacks.

CSRF/XSRF (Cross-Site Request Forgery) attacks are when malicious web apps can influence the interaction between a client browser and a web server that trusts the browser. Therefore, further measures need to be taken like using CSRF tokens and proper use of the Same-Site cookie attribute.

C. Data Structure/ Algorithm

1. Write a program to find whether a string or number is palindrome or not.

import java.util.Scanner;
public class Palindrome {
    public static void main (String[] args) {
        String original, reverse = "";
 Scanner in = new Scanner(System.in);
       int length;
        System.out.println("Enter a number or a string");
        original = in.nextLine();
        length = original.length();
        for (int i =length -1; i>;=0; i--) {
            reverse = reverse + original.charAt(i);
        }
        System.out.println("The reverse is: " +reverse);

        if(original.equals(reverse))
            System.out.println("The string is a palindrome");
        else
            System.out.println("The stringis not a palindrome");

    }
}

2. Given a string containing just the characters '(', ')', '{', '}', '[' and ']', determine if the input string is valid. An input string is valid if: Open brackets must be closed by the same type of brackets. Open brackets must be closed in the correct order. Note that an empty string is also considered valid.

class ValidParenthesesF {
    func isValid(_ s: String) -> Bool {
        var stg = [Character]()

        for char in s {
            if char == "(" || char == "[" || char == "{" {
                stg.append(char)
            } else if char == ")" {
                guard stg.count != 0 && stg.removeLast() == "(" else {
                    return false
                }
            } else if char == "]" {
                guard stg.count != 0 && stg.removeLast() == "[" else {
                    return false
                }
            } else if char == "}" {
                guard stg.count != 0 && stg.removeLast() == "{" else {
                    return false
                }
            }
        }
        return stg.isEmpty
    }
}
The above code will input 0(false). 

3. What will the output of the following code be?

var i = 10;
var f = 5;
var g = 3;
if (i / f / g)
     document.write("hi");
else
    document.write("hello");
a) hi
b) hello
c) error
d) no output
The answer is A because the floating-point division returns a non zero value = 0.66 which evaluates
to true and outputs ‘hi’.

Hire software developers - parting thoughts

As discussed, it isn't easy to find a quality freelance software developer but this guide makes the process easier for you. To offload the entire hiring process, reach out to us at Flexiple. We've designed a high-quality screening process to find dream developers. You can find the best freelance software developers here. We've already served over a hundred clients, earning great reviews for the quality of service.

Lastly, to quickly summarize the process of hiring a freelance software developer for you:

  • Note your project requirements and hire accordingly. Do not go for the lowest or the highest-paid developer.
  • Don’t hire without vetting- consider asking questions right from the basics to advanced to logical questions.
  • Look for companies like Flexiple that help you find the perfect fit.

That is everything you need to know when you want to hire software developers. Happy hiring! :)

Browse Flexiple's talent pool

Explore our network of top tech talent. Find the perfect match for your dream team.