I am trying to login using token-based Auth, because we are using Odoo-web module in mobile-app.

currently using GET-method url-passing approach which is "UNSECURE" on websites without SSL certificates and localhost-websites, as 

`myurl.com?username=foo&password=bar`

How can I do that using Token based approach or passing credentials in POST-method, in Odoo-12?

I found this authenticate() method in core-modules of odoo in http-controllers file and I am calling that only now, as:

`request.session(db, username, password)`

but I wanted it to be token based without hardcoding password as different passwords for different partners, which I can't hardcode and it's bad approach.

I have found similar post here but could not get solution.

how can I do it by passing token and validating it?