I just lost the whole explanation I was about to send because Android is really stupid sometimes, so here's the short version:
Most social auth uses OAuth2, which doesn't exactly make sense with REST, but you can still use it alongside a REST-based app.
I see 4 scenarios:
1. A JS web app that uses SessionAuthentication can just use python-social-auth's Django app directly. Since the session is shared, it should Just Work™.
2. A JS web app that uses tokens: django-rest-framework-social-oauth2 seems to be made for this, but you could also do it with plain python-social-auth (which the former uses internally) by generating a token on your /success URL and sticking it into localStorage.
3. A non-web app that uses tokens: like number 2, but in a WebView.
4. A non-web app that uses sessions: like number 1, but copy your cookies into a WebView, do authenticate in there, then copy the cookies back.
