Good people I'm using DRF (I'm newbie rs), to put together a small API. The problem comes in authentication ... thinking of expanding my API to use in a mobile app in the future, I've been wanting to use token authentication. It's all working fine but I do not know where to save the token in a web application. Saving the token in a cookie does not seem to me to be safe: / I wondered how best to save the token in a web application. Would it be better to create a mobile (token) and a web (session and cookie) api? Thanks in advance: D