I started developing a web-app with angularJS and I'm not sure that everything is right secured (client and server side). Security is based on a single login page, if credentials are checked ok, my server sends back an unique token with custom time-validity. All other REST api are accessible through this token. The application (client) browse to my entry-point ex: I started developing a web-app with angularJS a