Have you thought about using JSON Web Tokens (JWT) instead of cookies? š¤
Let me tell you, JWTs are NOT ANY BETTER than session cookies... they are just applicable in different use-cases (with their own pros and cons).
Let's look at one important risk that comes with using the JWT tokens š The Brute-force attack!!