Tutorial for login with jwt/sessions

[steve-chavez]

See if we can use the example in PostgREST/postgrest#664

[steve-chavez]

Right now there are good snippets in http://postgrest.org/en/v5.2/auth.html#logins and they have been working good. But seems the section is a mix of an explanation and how-to. I'm thinking we could turn this into a tutorial 3. After the RLS one, which I'm thinking it could be separate from login.

[mckinlde]

Right now there are good snippets in http://postgrest.org/en/v5.2/auth.html#logins and they have been working good. But seems the section is a mix of an explanation and how-to. I'm thinking we could turn this into a tutorial 3. After the RLS one, which I'm thinking it could be separate from login.

Hi, I'm a novice end user. I was able to get from tutorial 1 to storing the JWT from an Authorization header in session storage pretty easily, but after lots of reading the closest I can get to storing JWTs in cookies is via a reverse proxy. It seems like I'm not the only userwith this problem; is it even possible as of now to run pgRest's auth/auth JWTs via cookies? Or is a reverse proxy required? If I were to use a reverse proxy, then it would be running for the sole purpose of translating between Http Only SameSite cookies and the Authorization Bearer= header.