I am designing an API with django and its rest framework (and I am already not sure if it worth the hassle to version it or not).
I totally know the iOS and Android apps will call the API, get a token (maybe with expiration I need to read a bit more about it) and then use this token inside every subsequent calls to be able to authenticate.
But my main question is : should my web interface use the API ?
Because it does not seems very practical, I rather see myself using sessions and cookies and having the backend render templates passing data through it than getting a token and doing AJAX calls for everything.
