Use cookies instead of local storage for auth in Web UI
JWT is not really designed for being stored in local storage (it can be dangerous in case of XSS, for instance), cf https://medium.com/@saivicky2015/why-jwt-shouldnt-be-stored-in-local-storage-aa9aeacc46a0
This will potentially have repercussions on the way we handle auth on the front-end.