How-to for using JWT in cookies

[steve-chavez]

Use the snippet in https://github.com/PostgREST/postgrest/issues/773#issuecomment-275602759

[mckinlde]

Has there been any more work on this? Is a proxy server still mandatory, or can postgrest be configured to use a cookie header for its JWT?

I am pretty confident I can change the /login endpoint to respond with a set-cookie header to store the JWT; once I've done that how do I ensure the rest of the endpoints in postgrest are checking the cookie header for a JWT?