A user needs to send us data weekly or monthly and I need to capture that data into a database to present it on a website. However, I do not want the user to have direct access to the data base.
So I was thinking of building REST API and capture the data into a database that user sends (instead of responding back to the request).
I am new to this field and wondering if this is a safe practice? If there is a better way, please let me know. Thanks!
Yes and as blur0224 said you should consider security for your REST API. I personnaly advise you to use a token based authentication (JWT, OAUTH2 etc...). So the user have to be authenticate and authorized to access your data base.