Yes, it's very common (and generally recommended) for mobile apps and websites to share the same backend API and database. This is a standard practice in modern application architecture.
- Consistency: All clients work with the same data and business logic
- Efficiency: You maintain and update one codebase instead of multiple
- Synchronization: Changes are immediately available across all platforms
- Cost-effective: Less infrastructure to maintain
Your plan to use:
- Single Node.js/Express backend
- Same API for both mobile and web
- Shared MongoDB database
This is exactly how most successful applications are built (think Twitter, Facebook, etc.).
You might separate backends only in specific cases:
- If the mobile and web apps have completely different functionality
- If you need radically different scaling for each platform
- If you have specialized database requirements for one platform
- For legacy integration reasons

- Design a clean RESTful or GraphQL API that serves both platforms
- Implement proper authentication (JWT, OAuth) that works across platforms
- Use API versioning to manage changes without breaking clients
- Consider a BFF (Backend For Frontend) pattern if clients need very different data formats

A shared backend doesn't inherently create scaling or security issues if:
- Your API is well-designed
- You implement proper rate limiting
- You use caching where appropriate
- You follow security best practices
Your approach is correct - proceed with confidence! This architecture will serve you well through initial development and can scale as your user base grows.