应用程序和服务器之间的安全连接

Question

I try these code to connect my ionic app to apiserver (get)

    import { Injectable } from '@angular/core';
    import { HttpClient } from '@angular/common/http';
    import { Observable } from 'rxjs';
    import { map } from 'rxjs/operators';

    @Injectable({
      providedIn: 'root'
    })
    export class EncryptionService {

      url = 'https://api.am....com';
      api-key='......'

      constructor(private http: HttpClient) { }

      newcheck(checkid: string ,cost: string,toname: string,tocode: string,passcode: string,date: string,checkfor: string,back: string): {
          return this.http.get(`${this.url}?key=${this.api-key}&checkid=${encodeURI(checkid)}`);
      }
    }

my API has API key and get data in URL

1. how can i perform these in the secured way? for example to prevent someone to listen and monitor transferred data between app and server?
2. prevent someone to distract and fake received data by app?
3. or, anything to make this connection secured

Answer 1

It looks like you're already using https which is encrypted. A man in the middle attack should be prevented by default since browsers verify the certificate chain automatically.

I recommend reading this guide about https.