Hello, just joined today
So I am working on the weather app project, but i went with another API to fetch data as well as Google API. both of them require API keys in order to use them, but i am unsure how to demo it because the keys will be exposed and thus open to abuse. how should i package the app and ready for demo ?
It is impossible to hide the keys without a backend (server), which presumably you do know know yet. In a real app, you would put the keys in the back end and your frontend would call the backend and the backend would make the calls to the external API. This keeps everything hidden. But in a completely frontend app, everything is downloaded to the user so they can see it. You might hide it a little in the code or encode it (like rot13 or something) but if someone wanted, they could get it.
This is one of the reasons the FCC weather API was created. I imagine all the campers setting up apps to call weather services made them clamp down their APIs.
I would just redo it and use the FCC API. Just chalk it up to experience.
that makes sense. i’m pretty far into the app now to switch but i’ll see what i can do
Yeah, it probably doesn’t matter. I doubt there are a lot of people trolling codepen for weather API keys. The worst that can happen is other people start using your API key and it overloads your allotted limit and your program will stop working. But you’re right that in general there is an issue there.