I think in short, you cannot prevent reverse engineering, especially for what is essentially a HTML/JS/CSS application. As mentioned, you can obfuscate the code, but if someone REALLY wanted your app code, they could get it.
I quickly decided that the benefits Cordova/Ionic give me in relation to ease of cross platform development far out weigh the negatives of the source code being basically openly available.
To be clear, this is not just a Cordova/Ionic issue, you can effectively reverse engineer any APK/IPA file, there are even online services that let you upload said package and they return the source, simple as that. As an example, I just decompiled the android twitter client via the form.
Ideally I would prefer the code wasn’t so available, but if anything this improved my focus for what I might consider security issues. The apps I have made also access a remote API and it is within this API that all of the security measures occur. I coded the app as if it were open source, so there are no short cuts or cheats for security that can be hidden there.
Doesn’t really help you I know, but there we go.