Use cookies instead of local storage for auth in Web UI

JWT is not really designed for being stored in local storage (it can be dangerous in case of XSS, for instance), cf https://medium.com/@saivicky2015/why-jwt-shouldnt-be-stored-in-local-storage-aa9aeacc46a0

This will potentially have repercussions on the way we handle auth on the front-end.