Spring boot REST token authorization and authentication best practices

Question

What is the best practise for authorization and authentication of users in REST spring boot?

I am building web app with standard pages + REST API for mobile. I looked a

Answer 1

Cookie approach seems perfect for the use case. Token can be tied up with user id. Filter can extract cookie and pass user id for example as header to apis - that should take care of GET...