Saving API token in the application

[MykytaLiashenko]

Hello everybody.
A few weeks ago I was writing one small React+Redux application and got stuck with API token safety problem.
I was trying to find the ability to store it somewhere, where nobody can access it, but have no idea how to do this.
It is not good to store token in localStorage or sessionStorage, cause any script have access to it. The same thing with no-httpOnly cookies.
Redux store is not the best place too, cause user will be logged out after every page refresh.
So the question is, what is the best secure place to store API token in React+Redux application?

[gaearon]

Please see http://stackoverflow.com/a/32722770/458193.
This is not a Redux issue, but a usage question, so I am closing the issue.