Full Interview Preparation Guide

TypeScript adds static typing — catches type errors at compile time, not runtime. Key features in practice: interface/type for API response shapes, generics for reusable components/services, enums for constants, strict mode to catch nullability bugs, and typed Axios service layers.

At Mahjoz: typed 75+ API integrations with Axios — catching shape mismatches at compile time saved hours of debugging. Pinia stores typed with generic state shapes.

interface: extendable, declarative merging (two declarations merge), best for object shapes.
type: can represent unions, tuples, primitives — more flexible.

// Interface (preferred for API shapes)
interface User { id: number; name: string; }
interface Admin extends User { role: 'admin'; }

// Generic utility
type ApiResponse<T> = { data: T; error: string | null; meta: { page: number } };
const res: ApiResponse<User[]> = await fetchUsers();

Composition API groups logic by feature instead of by option type (data/methods/computed). Advantages: better TypeScript support, logic reuse via composables (vs mixins), co-locate related code, smaller bundle with tree-shaking.

At Mahjoz: 56 Pinia stores + complex booking state would be unmaintainable with Options API. Composition API + <script setup> + typed Pinia made each module self-contained.

At Mahjoz (Arabic/English): set dir="rtl"/"ltr" on <html> based on active locale. CSS logical properties (margin-inline-start instead of margin-left) for layout that flips automatically. i18n with vue-i18n — all strings in ar.json/en.json. RTL-aware Tailwind classes where needed. Tested by switching locale in dev and checking all 43 modules for layout breaks.

useState: local component state.
useEffect: side effects (data fetching, subscriptions, DOM manipulation). Cleanup function prevents memory leaks.
useCallback: memoize functions to prevent child re-renders.
useMemo: memoize expensive computations.
useRef: persist values without re-rendering, access DOM nodes.
useContext: consume context without prop drilling.

Rule: don't over-memoize — useCallback/useMemo have overhead too. Profile first.

56 Pinia stores — one per feature domain (bookings, orders, notifications, auth, etc.). Each store: state typed with TypeScript interfaces, actions for async operations (API calls), getters for derived state.

Key patterns: normalized state (IDs as keys, not arrays) for O(1) lookup, optimistic updates for UI responsiveness, WebSocket events dispatched directly to relevant store actions. Stores composed (a booking store could import from a user store) — Pinia allows this cleanly unlike Vuex.

React Query handles the full async data lifecycle: caching, background refetching, loading/error states, pagination, optimistic updates, and deduplication of concurrent requests.

Manual fetch: fine for fire-and-forget mutations or one-off calls. React Query: any server state you display — it eliminates 80% of useEffect(fetch) boilerplate and makes stale-while-revalidate trivial.

Rule: if you're storing API response in useState, you probably want React Query.

Diagnose first: Chrome DevTools Performance tab, Lighthouse audit, Network tab for bundle sizes.

Common fixes: code splitting (lazy-load routes/components), image optimization (WebP, lazy loading, proper dimensions), virtual scrolling for long lists, memoization for expensive renders, reduce re-renders (track with React DevTools), move large dependencies to CDN, eliminate unused CSS.

Code splitting: split the JS bundle so users only download what they need. In Vue: defineAsyncComponent(() => import('./Heavy.vue')). In React: React.lazy() + Suspense.

PR purpose: code review, CI/CD gates, discussion, documentation, audit trail. Good PR: small focused change, clear description, link to issue, tests included, self-review before requesting.

Git workflow (feature branch): main is always deployable → create feature/my-feature → commit with conventional commits (feat:, fix:, chore:) → open PR → review + fix → squash merge → delete branch. At Mahjoz: 43 modules meant branch naming convention was critical to avoid confusion.

Use Mahjoz: "The booking module had real-time state — WebSocket updates, optimistic mutations, and 8+ filter states that all had to stay in sync. I designed a Pinia store with normalized state (IDs as keys), WebSocket listeners that dispatched directly to store actions, and optimistic updates that rolled back on API error. It went from a confusing tangled component to a predictable, testable data flow."

AI features: integrating LLM APIs (OpenAI, Anthropic) for text processing, building endpoints that stream AI responses to the frontend, structuring prompts for consistent structured outputs, and logging/monitoring AI calls with correlation IDs.

FastAPI vs Django: "FastAPI for new APIs — async, fast, auto-docs. Django when a project needs admin panel or inherits existing Django ORM. On Roof I chose FastAPI because of the async requirements and AI API integrations."

Box Model (inside out): content → padding → border → margin. box-sizing: border-box includes padding + border in width/height (what you usually want).

Flexbox: 1D layout. Container: display: flex, flex-direction, justify-content (main axis), align-items (cross axis), gap. Children: flex: 1 (grow), align-self. For 2D use CSS Grid.

/* Flexbox */
.parent { display: flex; justify-content: center; align-items: center; }
/* Grid */
.parent { display: grid; place-items: center; }
/* Absolute */
.child { position: absolute; top: 50%; left: 50%; transform: translate(-50%,-50%); }

block: full width, new line, all box model properties work.
inline: content-width, no new line, ignores width/height/vertical margin.
inline-block: flows inline, but respects all box model properties — good for buttons, badges.

var: function-scoped, hoisted as undefined, can re-declare. Avoid.
let: block-scoped, can reassign, temporal dead zone.
const: block-scoped, must initialize, cannot reassign. Default choice.

== coerces types: 0 == "0" → true. === strict, no coercion: 0 === "0" → false. Always use ===.

Honest answer: for new projects you wouldn't. But it exists in legacy codebases (WordPress, enterprise). At Vodafone/Advansys: likely maintaining jQuery-heavy existing systems.

Core patterns:

$('#id')  // select by id
$('.cls').toggleClass('active');
$('#btn').on('click', fn);
$.ajax({ url: '/api', method: 'GET', success: cb });
$(document).on('click', '.dynamic-item', fn); // delegation

$(document).ready() = DOM parsed, images may not be loaded. window.onload = everything loaded including images.

Responsive: mobile-first CSS (min-width media queries), fluid layouts (%, fr), clamp() for fluid typography, responsive images (srcset, picture), touch targets min 44×44px, real device testing.

Figma to code: extract design tokens first (colors, spacing, typography) as CSS variables. Build bottom-up (atoms → components). Use Dev Mode for exact values. Clarify hover/focus/error states early — they're often missing from Figma.

WCAG 2.1 AA is the common target: color contrast 4.5:1 (normal text), keyboard navigation throughout, visible focus indicators, semantic HTML, ARIA labels where HTML isn't enough, aria-live for dynamic content, alt text on images, <label> for every input, form errors via aria-describedby.

Test with: axe browser extension, keyboard-only navigation, VoiceOver/NVDA screen reader.

Why Vodafone/Advansys: scale (millions of users — UI decisions have real impact), the challenge of modernizing legacy UIs without disrupting existing users, national-scale product impact.

Tight deadline: scope down intelligently, not just work faster. Communicate risks early. Ship something working then iterate.

Group disagreement: reframe from opinions to criteria — "Does this meet the user's needs?" Bring data (analytics, usability tests). Propose A/B testing when genuinely uncertain.

A/B testing: show two versions to different user segments, measure on defined metric (conversion, click-through). Process: hypothesis → success metric → split traffic → statistical significance → implement winner. Test one variable at a time.

Microinteractions: small moments of feedback — button press, loading spinner, toggle switch, form validation. 4 parts (Saffer): trigger → rules → feedback → loops/modes. Done well: invisible but missed when absent.

Design critique: separate work from self. Listen fully. Ask "why" before responding. Distinguish taste (push back with rationale) from usability issues (act on them).

Prioritization: impact vs effort matrix. Prioritize flows blocking core tasks. Use data: where do users drop off?

User-centered: research first (interviews, analytics, heatmaps), test prototypes with 5 real users (catches 85% of issues — Nielsen), iterate on findings not opinions. In constrained environments: guerrilla testing, support ticket analysis.

Material Design (Google): elevation/shadows, bold colors, cross-platform. HIG (Apple): feels native to iOS/macOS, translucency, system fonts, strong navigation patterns. Follow HIG for iOS apps.

Cognitive psychology: working memory limits (7±2 chunks) → progressive disclosure. Mental models → match UI to real-world metaphors. Gestalt (proximity, similarity, closure) → how users group elements.

Information Architecture: how content is organized so users can find it. Methods: card sorting, tree testing, user flows, sitemaps. Good IA is invisible.

Progressive disclosure: show only what's needed at each step, reveal complexity gradually. Reduces cognitive overload for new users, allows experts to go deeper. Examples: Gmail's "More options", iOS Settings advanced section.

Novice + expert: simple default path + discoverable power features. Keyboard shortcuts + tooltips, "simple mode" toggle, defaults that work for 80% + customization for the rest.

Conflicting stakeholders: bring evidence over opinions. Map feedback to business goals. Use rapid prototyping + testing to resolve "we don't know" disagreements. Document decisions to prevent them resurfacing.

.loc: label-based — select by index label or column name. df.loc[2, 'name'] = row with label 2.
.iloc: integer position-based. df.iloc[2, 0] = always 3rd row, 1st column.

Common gotcha: if index is 0,1,2... they look the same. After filtering/resetting, indices may not match positions — that's when the distinction matters.

from collections import Counter
from nltk.corpus import stopwords
import nltk; nltk.download('stopwords')

stop_words = set(stopwords.words('english'))
all_words = ' '.join(df['text']).lower().split()
filtered = [w for w in all_words if w.isalpha() and w not in stop_words]
top_3 = Counter(filtered).most_common(3)

For scale (1M+ rows): use CountVectorizer from sklearn or process in chunks. Add lemmatization for cleaner results.

TF-IDF = Term Frequency × Inverse Document Frequency. TF: how often a word appears in a doc. IDF: penalizes words appearing in many docs. Result: words important to one doc but rare across all docs score highest.

Naive Bayes: generative, assumes feature independence. Fast, works well with small data and high-dimensional sparse features.
Logistic Regression: discriminative, better accuracy with more data, handles correlated features, more interpretable.

Practice: NB is a great baseline; LR usually wins with sufficient data.

Three main approaches in DRF:

1. Function-Based View (FBV) — use @api_view decorator:

@api_view(['GET', 'POST'])
def book_list(request):
    if request.method == 'GET':
        books = Book.objects.all()
        return Response(BookSerializer(books, many=True).data)

2. Class-Based View (CBV) — extend APIView:

class BookList(APIView):
    def get(self, request):
        books = Book.objects.all()
        return Response(BookSerializer(books, many=True).data)

3. ModelViewSet + Router — auto-generates all CRUD URLs:

class BookViewSet(ModelViewSet):
    queryset = Book.objects.all()
    serializer_class = BookSerializer

router = DefaultRouter()
router.register('books', BookViewSet)
urlpatterns += router.urls

Function-Based View (FBV): a plain function decorated with @api_view. You handle each HTTP method with if/else. Simple to read, easy to debug, good for custom logic.

Class-Based View (CBV): a class where each method name matches the HTTP verb (get, post, put, delete). Less if/else, more organized for standard CRUD. DRF generic views (ListCreateAPIView, RetrieveUpdateDestroyAPIView) let you write almost no code:

class BookDetail(RetrieveUpdateDestroyAPIView):
    queryset = Book.objects.all()
    serializer_class = BookSerializer

Rule: FBV for custom logic. CBV for standard CRUD — less repetition.

Query parameter: appended to the URL after ?. Visible in the URL, can be bookmarked, used for filtering or pagination on GET requests.

GET /books/?genre=fiction&page=2
request.query_params.get('genre')  # access in DRF

Request body (form data / JSON): sent inside the HTTP request body, not visible in the URL. Used when creating or updating a resource (POST, PUT, PATCH).

POST /books/
Body: {"title": "1984", "author_id": 5}
request.data.get('title')  # access in DRF

When to prefer the body: any time you're sending data to create or update something, or when the data is sensitive (password, payment info), large, or complex (nested objects). Never put sensitive data in query params — they end up in server logs and browser history.

class Author(models.Model):
    name = models.CharField(max_length=100)

class Book(models.Model):
    title = models.CharField(max_length=200)

    # One-to-many: many books → one author
    author = models.ForeignKey(
        Author,
        on_delete=models.CASCADE,
        related_name='books'
    )

    # Many-to-many: a book can have many genres
    genres = models.ManyToManyField('Genre', blank=True)

class Genre(models.Model):
    name = models.CharField(max_length=50)

Access:

book.author           # the author object
author.books.all()    # all books by this author
book.genres.all()     # all genres of this book
book.genres.add(genre_obj)  # add a genre

# .get() — returns one object or raises an exception
book = Book.objects.get(id=1)
# Raises DoesNotExist if not found
# Raises MultipleObjectsReturned if more than one match

# .filter() — returns a QuerySet (empty, one, or many)
books = Book.objects.filter(genre='fiction')  # QuerySet
book = Book.objects.filter(id=1).first()      # safe single fetch

Rule: use .get() only when you're certain exactly one record exists (e.g., by primary key or unique field). Use .filter() for anything else — it never raises an exception for zero or many results.

Returns the existing object if found, or creates it if not. Always returns a tuple: (object, created) where created is a boolean.

author, created = Author.objects.get_or_create(
    name='George Orwell',           # lookup field
    defaults={'bio': 'British novelist'}  # only used when creating
)

if created:
    print("New author added")
else:
    print("Author already existed")

defaults are only applied on creation, not used in the lookup. This is a single atomic database query — safer than doing .get() then .create() separately, which could fail under concurrent requests.

DRF is batteries-included: Serializers, ViewSets, Routers, browsable API, Token/JWT auth, permissions system. Built on top of Django so you get the admin panel and ORM for free.

Use DRF when: you're already on Django, need the admin panel, or building standard CRUD with minimal setup.
Use FastAPI when: you need async performance, building microservices or AI/ML APIs, or starting a new project where speed matters.

Short answer: "DRF for projects that benefit from Django's ecosystem. FastAPI for new async APIs — like Roof, where I needed async endpoints and AI integrations."

# settings.py
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ],
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated',
    ],
}

# urls.py
urlpatterns = [
    path('api/token/', TokenObtainPairView.as_view()),
    path('api/token/refresh/', TokenRefreshView.as_view()),
]

POST credentials to /api/token/ → get access + refresh tokens. Send Authorization: Bearer <token> on protected routes. Install: pip install djangorestframework-simplejwt.

A ModelViewSet combines all CRUD actions into one class. Register it with a Router and it auto-creates all URLs.

# views.py
class BookViewSet(ModelViewSet):
    queryset = Book.objects.all()
    serializer_class = BookSerializer

# urls.py
router = DefaultRouter()
router.register('books', BookViewSet)
urlpatterns += router.urls

Auto-generated routes:

• GET /books/ — list all
• POST /books/ — create
• GET /books/{id}/ — retrieve one
• PUT /books/{id}/ — full update
• PATCH /books/{id}/ — partial update
• DELETE /books/{id}/ — delete

You can restrict actions: http_method_names = ['get', 'post'] or use ReadOnlyModelViewSet.

Both convert between Python objects and JSON. ModelSerializer auto-generates fields from a model.

Serializer — define all fields manually, also define create() and update() yourself:

class BookSerializer(serializers.Serializer):
    id = serializers.IntegerField(read_only=True)
    title = serializers.CharField(max_length=200)

    def create(self, validated_data):
        return Book.objects.create(**validated_data)

    def update(self, instance, validated_data):
        instance.title = validated_data.get('title', instance.title)
        instance.save()
        return instance

ModelSerializer — auto-generates fields and create()/update() from the model:

class BookSerializer(serializers.ModelSerializer):
    class Meta:
        model = Book
        fields = ['id', 'title', 'author']
        # or: fields = '__all__'

Use ModelSerializer for standard model CRUD. Use plain Serializer for non-model data (like a login form) or complex custom logic.

# models.py
class Profile(models.Model):
    user = models.OneToOneField(User, on_delete=models.CASCADE)
    avatar = models.ImageField(upload_to='avatars/')

# serializers.py
class ProfileSerializer(serializers.ModelSerializer):
    class Meta:
        model = Profile
        fields = ['avatar']

# views.py
class ProfileView(APIView):
    parser_classes = [MultiPartParser, FormParser]

    def post(self, request):
        serializer = ProfileSerializer(data=request.data)
        if serializer.is_valid():
            serializer.save(user=request.user)
            return Response(serializer.data, status=201)
        return Response(serializer.errors, status=400)

Also needed in settings.py:

MEDIA_URL = '/media/'
MEDIA_ROOT = BASE_DIR / 'media'

And in urls.py for development:

urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)

Install Pillow — Django's ImageField requires it: pip install Pillow.
Frontend: send as multipart/form-data, not JSON.

Modularity means splitting your code into separate, self-contained units where each one handles one responsibility. A module has a clear interface and hides its internal details.

In Django — each app is a module:

myproject/
├── users/         ← handles auth, profiles
├── orders/        ← handles orders
├── payments/      ← handles payments
└── notifications/ ← handles emails, push

Each Django app has its own models.py, views.py, urls.py, and serializers.py. Apps communicate through imports or events — they don't reach into each other's internals.

Benefits:

• Easy to understand one module without reading the whole codebase
• Easy to test each module in isolation
• Teams can work on different modules at the same time
• You can replace or remove one module without breaking others

In code: functions do one thing, classes group related behavior, and you import only what you need.