I am using Angular for my frontend application, there is an already established backend service which I am using to retrieve data. I have no control over that backend service, it is more like a legacy system that is still in use.
I also implemented a middleware backend with Nest.js to make sure the application is secure, I did not want to expose data or implementation logic on frontend side of the application. However I think it might be unnecessary to include a middleware backend service since Angular is a well established framework, is there a way I can achieve the same level of security by using Angular instead of Nest.js?
Also I am new to the backend technologies and application security subjects, if you could provide the links for necessary information I would really appreciate that.
CodePudding user response:
To answer your question, you cannot secure your backend code using a front-end framework/library. What if I use postman to get the data ? You secured your API in angular, since I'm not using Angular this leads to data leakage. If you have to secure your API you should do it in your backend technology either nest.js or express.js. Better safe than sorry!