[jacky]schmarty: I ended up going with just tokens but I was thinking of storing the header value of 'Set-Cookie' and using that to send back as `Cookie`. After doing some reading, that proved to be a bit of a janky approach (even if I used SessionStorage)
