I'm trying to figure out the best way to do authentication for a rails-api app, although I'm seeing that sessions might just be a nicer and more supported approach.
Is there any conventional wisdom on this matter? Is there an advantage to HTTP tokens over just letting the sessions mechanism kick in and automatically getting all the functionality I'm aiming to remake server-side with tokens?
