Your Express server can host both your website and your API. It's common to host your API on the same server as your website and just route the API traffic to something like yourdomain.com/api/. This way only the routes under /api will return JSON. You can have all of your necessary endpoints there, /api/users, /api/posts, etc. If you choose to host your website on your Express server, you could pass data down to your views without using the API or use the API via AJAX to fill in your data.
The REST API should not return a whole HTML document but should instead return data that you can put into your HTML.
I would call that method pretty standard, but there are a million ways to go about this. You could also serve your website from somewhere else and use the API to get the necessary data.
For your app, you'll just need to fetch the data from your API. You will also probably want some sort of authentication for your API otherwise anyone could access it because it will be publicly accessible.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Your Express server can host both your website and your API. It's common to host your API on the same server as your website and just route the API traffic to something like yourdomain.com/api/. This way only the routes under
/apiwill return JSON. You can have all of your necessary endpoints there,/api/users,/api/posts, etc. If you choose to host your website on your Express server, you could pass data down to your views without using the API or use the API via AJAX to fill in your data.The REST API should not return a whole HTML document but should instead return data that you can put into your HTML.
I would call that method pretty standard, but there are a million ways to go about this. You could also serve your website from somewhere else and use the API to get the necessary data.
For your app, you'll just need to fetch the data from your API. You will also probably want some sort of authentication for your API otherwise anyone could access it because it will be publicly accessible.