0

I am trying to deploy a simple web app consisting front end reactjs and backend python for the api routes

I want to allow api reqeusts by reactjs only, that will be deployed on the same server

In other words I do not want others to be able to e.g use postman to call the api

Is this possible? I do not wish to add authentication at this point as it's a really small project

xineta5158
  • 117
  • 1
  • 6
  • What have you tried so far? Please post the relevant parts of your code where you're getting stuck. Thank you. Welcome to stack overflow! – BLimitless Sep 04 '21 at 14:46

2 Answers2

1

One option is to have flask listen on 127.0.0.1 and then only local users will be able to connect to the api. Another option, you can bind the flask app on a unix socket file (instead of a ip:port) and set the file permissions for that socket so that only the users you want will be able to access it.

eagr
  • 381
  • 1
  • 3
  • 9
0

In python there are many libraries that can used for this.If you using flask then flask_cors or django then just check here or any other framework then search for CORS in your framework

faris404
  • 343
  • 1
  • 3
  • 11