I have a FLASK app the makes a series (about a dozen) of API requests on user input. Right now I do those through an AJAX setup with FLASK and JS where the JS makes a POST request to a FLASK URL and a python function using requests makes an the API call, and sends the JSON back to JS.
The problem with this setup is concurrency. The JS requests are concurrent and the python requests are not. It's a dozen API calls, so it's significant time wastage. I would just move the API requests to JS which would then be concurrent, but then I would reveal my API key in the on page JS. I could build the whole FLASK/PYTHON API requests with AIOHTTP, but that seems excessive. Anyone have a clever solution of how to keep it simple and just make the API requests in JS/or in FlASK/PYTHON do it concurrently but keep the API key hidden/do it securely? Maybe there is an easy solution I'm missing, I'm new at this. Maybe a trick with routing through a POST request that's still handled by FLASK? I'm sure there is something there, I just can't figure it out.