Security
When using a local web server, you must protect your API from unauthorized access. CSRF attacks can be a major problem if API is not protected in an adequate matter. Refer to this document for API securing approaches. A library like flask-seasurf alongside Flask can be used too.