Im looking at building a Django web application that requires authentication but does not require cookies or javascript to be enabled on the client.
Would there be any issue with creating a JSON web token and placing this within a hidden input value, checking and validating this value on all post requests? All traffic will be over HTTPS.
Similar to this topic, but doesn't mention JSON web tokens specifically. The accepted answer seems to touch on issues that JSON web tokens have solved;
How to do stateless (session-less) & cookie-less authentication?
