I am currently making a website for password reset. I use vue-cli, postgresql and postgrest. To secure the exchange of information between my website and the RESTful API I use a jwt that I put in the header of my requests. My problem is that when I make these requests people can find out the jwt from outside.
So is it possible to hide this jwt in the header ? Or are there any other ways to make secure requests between vue and the RESTful API ?
My function using fetch request :
enregsitrerIdent : function(){
let resquestOptions = {
method :"POST",
headers:{"Content-Type" : "application/json", "Authorization": this.tokenPostgRESt},
body :JSON.stringify({"ident":this.identifiantUrl, "mail":this.mail})
}
fetch('http://localhost:3000/view_personnalurl', resquestOptions)
.then(response => response.json())
},
The jwt token visible to everyone :
