There is no perfect answer for security as software comes in so many different forms. Personally I like JWT for API authentication as it is easy to use with both web and mobile applications as generally you wouldn't want to be using cookies for your mobile application.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
But surely security is a bit more fundamental that "what's the best way to build a component?".
There is no perfect answer for security as software comes in so many different forms. Personally I like JWT for API authentication as it is easy to use with both web and mobile applications as generally you wouldn't want to be using cookies for your mobile application.