|
|
|
|
|
|
by devit
1166 days ago
|
|
|
Well, the safe approach is to either have the user provide their own API key, or to perform requests on the backend (after verifying the user has an account, correctly authenticated, has paid and deducting from their quota). Or you could generate a per-user subkey with a quota if the upstream service supports that. |
|
|