
Python and Backend Engineering

Short, practical Python backend engineering interview questions to help you quickly prepare for coding rounds, system design, and real-world backend challenges.


    1. What is the difference between Flask, FastAPI, and Django?

    Answer:

    • Flask: Lightweight micro-framework, minimal features out of the box. Flexible, good for small/mid-size services.

    • FastAPI: Async-first, automatic validation via Pydantic, built-in OpenAPI docs. Best for high-performance modern APIs.

    • Django: Full-stack framework with ORM, admin panel, migrations. Best for large monolithic apps.

    When I choose which:

    • FastAPI → microservices, async workloads, performance

    • Flask → very custom lightweight services

    • Django → admin-heavy, full-stack applications

    2. What is GIL and how does it affect Python performance?

    The Global Interpreter Lock ensures only one thread runs Python bytecode at a time.
    Affects:

    • CPU-bound tasks → slower with threads

    • I/O-bound tasks → fine with threads

    Workarounds:

    • multiprocessing

    • using async

    • using non-Python extensions (NumPy, C)

    3. Explain how JWT authentication works end-to-end

    1. User logs in

    2. Server issues access token (short expiry) + optional refresh token

    3. Client stores token (in memory/local storage depending on app)

    4. For each API request → client sends token in the Authorization: Bearer <token> header

    5. Server verifies signature → validates expiry → attaches user to request

    6. If expired → user uses refresh token to get a new one

    7. Tokens are stateless → no DB lookup needed for each request

    4. How would you design role-based access control (RBAC)?

    • Define roles: admin, user, manager, etc.

    • Define permissions for each role

    • Map user → role

    • Add middleware in Flask/FastAPI:

      • Decode JWT

      • Check role

      • Check if user has permission for requested route

    You can store permissions in:

    • Database

    • Config

    • Policy files

    5. What is idempotency? Why is it important in SaaS APIs?

    • Idempotent operation: executing it multiple times has the same effect as executing it once.

    • Example: PUT /users/1, DELETE /users/1

    Critical for:

    • Payment APIs

    • Retry logic

    • Webhooks

    6. How do you design a multi-tenant SaaS backend?

    3 models:

    1. Separate DB per tenant → highest isolation

    2. Shared DB, separate schema

    3. Shared schema, tenant_id column (most common)

    Also:

    • Data isolation

    • Rate limiting per tenant

    • Billing per tenant

    • Audit logs

    • Feature flags

    7. Explain async vs sync in FastAPI

    • Sync:

      • Requests handled with thread pool

      • Good for CPU-bound logic

    • Async:

      • Uses event loop

      • Excellent for I/O tasks

      • More scalable under heavy concurrent load

    8. How do you scale a Python API on AWS?

    • ECS/EKS/Fargate deployment

    • ALB / API Gateway

    • Auto scaling (CPU/RAM/queue length triggers)

    • Redis caching

    • CloudWatch metrics

    • RDS with read replicas

    • SQS workers for background jobs

    9. How do you optimize SQL queries?

    • Check missing indexes

    • Avoid SELECT *

    • Use EXPLAIN ANALYZE

    • Avoid N+1 queries

    • Optimize joins

    • Denormalize when necessary

    • Caching with Redis

    10. Design a logging + monitoring system for a SaaS product

    Components:

    • Structured logs (JSON)

    • Centralized log storage (CloudWatch / ELK)

    • Metrics (CPU, memory, RPS, errors)

    • APM (New Relic / Datadog)

    • Alerts on:

      • 5xx errors

      • Latency spikes

      • DB connections

      • Queue length