Where store the JWT token in angular JS local,session storage or cookie. If Cookie then as it is prone to CSRF. How to avoid it.
Take a look here and read through the comments of the article aswell.. Some good discossiouns there with pro and cons of the different possibilities.
https://stormpath.com/blog/where-to-store-your-jwts-cookies-vs-html5-web-storage