I'm relatively new to web development and am currently building a React website that uses a Flask API to communicate with a Postgres database. The website is read-only with no user authentication, kind of like a public data display (think Wikipedia-style but with no user interactions).
My concern is how to ensure that only my website can send requests to the API, preventing unauthorized or random people from accessing the database through the API endpoints.
Given that I'm still learning, I hope this question makes sense, and I'm open to any advice, even if it requires some rephrasing of my approach!
Grateful for any insights you might share!