To ensure your framework includes a token, simply incorporate it into the headers of all subsequent requests.
If you want this token to be permanent, additional code is necessary (such as storing it in localStorage).
While I may not know the specific Header required by your framework, I can help you visualize how your login controller might appear:
angular.module('coolModule', [])
.controller('CoolController', function ($scope, $http) {
$scope.loginButton = function () {
// assuming username and password are in the scope
$http.post('/api/login', { $scope.username, $scope.password })
.success(function (data, status, headers, config) {
$http.defaults.headers.common['X-My-Token'] = data.token;
});
}
})
Subsequent requests will now include an X-My-Token header for identification purposes.
EDIT:
Implementing a cookie (either through JavaScript or via server response) ensures its inclusion in every request, similar to other cookies on the internet.
For a more elegant solution, particularly if you're also developing the backend, having the backend send a cookie to the client is recommended instead of manually writing it as you mentioned ^_^
A cookie offers certain advantages, such as an expiration date, but also comes with drawbacks like the complexity of reading it from JavaScript (often necessitating a wrapper library like angular-cookie for compatibility across browsers).
In cases where the cookie expires or the token becomes invalid (resulting in a 40x response), handling the failure will require some Angular.js coding.