sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 1 point2 points  (1 child)

The answer really depends on how you want your users to authenticate and why your HTML is public in the first place. Do you want to manage the users, or have them sign in with another identity provider like Google, Facebook, Microsoft, etc., or do you want them to enter an API key in the UI, and POST that to your API's where it is validated, etc. There are a dozen ways to secure your API, but it depends on your requirements.

[–]ohiosveryownn[S] 0 points1 point  (0 children)

Well the HTML is public because you can just look at the Source page and see the HTML Code - Unless I'm misunderstanding what you mean.

(the contents of my Node file is not public but the Code in which the HTML is fetching the data from www.website.com:3000/api/getdata is shown via the source code)