Information Security

Web application security?

Good afternoon!
I am learning vue. For example, there is such an application. The user simply through the form must send the user to the server. So, I have a url by which I contact the database and send the user through a post request, for example, using the axios plugin or simply through fetch.
After compilation, all tokens, all urls for binding to the server will be in one app.js file and something tells me that the user can peep the server url (which is not good)
I came up with the idea to transfer the user simply to the backend file, which will be sent to the server user, but then why fetch and axios in the frontend?
What do you need for a full-fledged production application? Seo, security?
How to organize security in the application? What do you need to know about this?
Thank you very much in advance!!