Recently a friend commented on how Django might do more to support SPA applications, notably by having built-in support for authentication using JWTs.
This is not a new question, and recently I've been discussing with someone on IRC about JWT support in Django that was not tied to Django REST Framework.
I have frequently helped people on IRC having issues supporting token based auth in their APIs. But all too often they can't explain why they're using token auth or what problems it solve for them, just that they read somewhere it was needed. (Or worse, their Manager demanded it without justification.)