Any of those options work for the frontend.  I wouldn't worry so much about 
reading the code, for the following reasons:

   1. You're most likely using a build step for production deployment which 
   concatenates all the files into one and minifies it after, with renaming of 
   functions, classes and variables.  So it's pretty tough to pick through 
   what does what.
   2. You should leverage Django REST Framework's permission, 
   authentication, throttling and other features to create tokens that would 
   be included in the client request to validate that User X is authorized 
   for this API endpoint and implement resource throttling to X requests over 
   Y period of time.
   3. You should be using HTTPS to create a secure request-response 
   connection that would prevent any man-in-the-middle spoofing where a bad 
   actor can position itself between client and server.

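Points 2 and 3 above expressed as Django and Django REST Framework settings, with a small checker that flags a settings mapping missing them. This is an added example, not part of the original message; the throttle rates, the `WEAK` sample and the `audit` helper are assumptions made for illustration.

```python
# Added example: values below (rates, WEAK sample) are constructed for illustration.
# In a real project these keys are module-level names in settings.py.
HARDENED = {
    "SECURE_SSL_REDIRECT": True,        # point 3: send plain-HTTP requests to HTTPS
    "SESSION_COOKIE_SECURE": True,
    "CSRF_COOKIE_SECURE": True,
    "SECURE_HSTS_SECONDS": 31536000,
    "REST_FRAMEWORK": {                 # point 2: DRF auth, permissions, throttling
        "DEFAULT_AUTHENTICATION_CLASSES": [
            "rest_framework.authentication.TokenAuthentication"],
        "DEFAULT_PERMISSION_CLASSES": [
            "rest_framework.permissions.IsAuthenticated"],
        "DEFAULT_THROTTLE_CLASSES": [
            "rest_framework.throttling.AnonRateThrottle",
            "rest_framework.throttling.UserRateThrottle"],
        "DEFAULT_THROTTLE_RATES": {"anon": "20/min", "user": "100/min"},
    },
}

# Constructed weak sample: throttling enabled but nothing else configured.
WEAK = {"REST_FRAMEWORK": {
    "DEFAULT_THROTTLE_CLASSES": ["rest_framework.throttling.UserRateThrottle"]}}

# Rate scope each built-in throttle class looks up in DEFAULT_THROTTLE_RATES.
SCOPES = {"AnonRateThrottle": "anon", "UserRateThrottle": "user"}

def audit(settings):
    """Return a list of findings for a settings mapping (empty list = none)."""
    findings = []
    drf = settings.get("REST_FRAMEWORK", {})
    perms = drf.get("DEFAULT_PERMISSION_CLASSES", [])
    if not perms or any(p.endswith(".AllowAny") for p in perms):
        findings.append("permissions: endpoints are open to any caller by default")
    if not drf.get("DEFAULT_AUTHENTICATION_CLASSES"):
        findings.append("authentication: not set explicitly, token auth is not enabled")
    throttles = drf.get("DEFAULT_THROTTLE_CLASSES", [])
    if not throttles:
        findings.append("throttling: no default throttle classes")
    rates = drf.get("DEFAULT_THROTTLE_RATES", {})
    for dotted in throttles:
        scope = SCOPES.get(dotted.rsplit(".", 1)[-1])
        if scope and scope not in rates:
            findings.append(f"throttling: no rate configured for scope '{scope}'")
    if not settings.get("SECURE_SSL_REDIRECT"):
        findings.append("https: SECURE_SSL_REDIRECT is off")
    return findings

if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED), ("weak", WEAK)):
        print(name, audit(cfg) or "no findings")
```

Token authentication also needs `rest_framework.authtoken` in `INSTALLED_APPS` so that tokens can be issued and stored.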