So I have Angular 5 as the frontend framework and Node.js's Loopback framework in the backend. Angular makes the API calls to Nodejs. Is there a way to not show my JSON response to the public (maybe hiding it or not hiding but encoding it)? Any ideas? Does anyone do it? What is the best practice? I don't want anyone to know seeing my JSON what database structure I have or what the column names are.
Simple answer, no.
It's the terminology of Internet, user is able to see what request he sends to the server, and what response server returns to him. You could maybe encrypt the data with a key that you decrypt inside your Angular code, but ambitious people will find the key and you're returned with same thing.
As for the database structure, restructure your backend so keys from JSON don't represent the db schema. And I don't know why is this bothering you in the first place? If your API is secured properly, you have no worries about users seeing your JSON.