隐藏客户端 API 调用

我正在制作一个小应用程序(.Net web api 后端服务和前端的 angularjs)只是为了学习这些框架，开始喜欢项目本身并认为部署它会很好......

I was making a small app (.Net web api backend service and angularjs for frontend) just to learn these frameworks, started to like project itself and thought it would be nice to deploy it...

然而，我的 .net 休息服务是公开的，目前任何人都可以通过 api 对象暴露出来，显然我不希望有人偶尔清理我的数据库.我真的不存储任何敏感信息，它是一个小型网页游戏，我在数据库中存储的都是诸如物品、位置、游戏大厅、玩家(只有 id、用户名和引用列)之类的东西，但仍然删除它们会在某处造成大问题.

However thing my .net rest service is as public as it gets, at the moment anyone can crud exposed through api objects and obviously I don't want somebody clearing my database once in a while. I don't really store any sensitive information, it's small web game, all I store in db are things like items, locations, game lobbies, players (only id, username and reference columns), but still deleting them will cause big problems somewhere.

那么我怎样才能防止这种情况呢?我的第一个想法是，只要没有人通过某种方式隐藏用户的 API 调用来发现我的 api 地址，它就会得到解决.这是可行且现实的解决方案吗?

So what how can I prevent this? My first thought is that it would be solved as long as nobody discovers my api address by somehow hiding API calls from user. Is this possible and realistic solution?