It is impossible to hide the keys without a backend (server), which presumably you do know know yet. In a real app, you would put the keys in the back end and your frontend would call the backend and the backend would make the calls to the external API. This keeps everything hidden. But in a completely frontend app, everything is downloaded to the user so they can see it. You might hide it a little in the code or encode it (like rot13 or something) but if someone wanted, they could get it.
This is one of the reasons the FCC weather API was created. I imagine all the campers setting up apps to call weather services made them clamp down their APIs.
I would just redo it and use the FCC API. Just chalk it up to experience.