hello Ekim, Great read however i have a doubt
I don't know much about security apart from env variables when it comes to storing API keys.
my question is regarding making API calls from ReactJS, is it a good approach even if I store the API keys in the env variables? I read a few articles which said anything passed to the front-end is no longer secure. So how bad is it, making API calls from ReactJS?
and what are alternate solutions? making custom backend with express or something else, and doing all that stuff there?
It really depends on what you have to do deal with.
API are also made to be a bit stronger as all we send in Front can be seen.
Making a custom Backend for me is way to complicated, I use to go with Nextjs, it offer the possibility to have an hybrid app if I can say. The parts you to be handle server side can(mostly when user is authenticated) and also static parts.
Don't know if I answered your question but:
1 - Use env. variables
2 - If you want the confort of React but have to deal with sensitive datas and want them to be serve by backend try Nextjs
thanks for replying Ekim, can you tell me more about hybrid app, since i am also using next.js, or can you point me to some resources, it'll be highly appreciated.
hello Ekim, Great read however i have a doubt
I don't know much about security apart from env variables when it comes to storing API keys.
my question is regarding making API calls from ReactJS, is it a good approach even if I store the API keys in the env variables? I read a few articles which said anything passed to the front-end is no longer secure. So how bad is it, making API calls from ReactJS?
and what are alternate solutions? making custom backend with express or something else, and doing all that stuff there?
It really depends on what you have to do deal with.
API are also made to be a bit stronger as all we send in Front can be seen.
Making a custom Backend for me is way to complicated, I use to go with Nextjs, it offer the possibility to have an hybrid app if I can say. The parts you to be handle server side can(mostly when user is authenticated) and also static parts.
Don't know if I answered your question but:
1 - Use env. variables
2 - If you want the confort of React but have to deal with sensitive datas and want them to be serve by backend try Nextjs
thanks for replying Ekim, can you tell me more about hybrid app, since i am also using next.js, or can you point me to some resources, it'll be highly appreciated.
What are you trying to do?
Maybe that way I can help you more efficiently.