Hi,
I am a technical architect and developer with more than 15 years of experience in IT projects from mobile applications to enterprise applications and ETL processes.
I have read the whole requirement, so I will discuss the project to the point of security needed. If any improvement is needed we will discuss it, even if it's better the current code works as it is instead of not working by improving.
So when you make your decision, please take into account that I will go through all the development cycle and as fast as possible. I have done this kind of implementation with spring security to get the token from the header on ajax or json requests and it took me some time when I did it first time, but then I know it does not involves too much complexity.
Please get in touch to discuss the project and move forward.
Best Regards.
Nadir.