1
-
Yes, send a post request to a RESTful backend with username and password combo
-
Django authenticates the username and password and logs the user in which sets a sessionid associated with the user which I believe you are referring to as a token. This is done via the login() method. https://docs.djangoproject.com/en/dev/topics/auth/default/#django.contrib.auth.login
-
Normally Django would set a sessionid as a coookie or session variable on the client’s machine, but I’d imagine you could save it in local storage and then retrieve it each time and validate it’s a valid sessionid on each request but it’s easier to just let Django’s middleware take care of everything by just using sessions.
Source:stackexchange.com