How to use/setup sessions without jwt in strapi?

System Information
  • Strapi Version: 4.20.3
  • Operating System: Windows 10
  • Database: Mysql
  • Node Version: v18.18.0.
  • NPM Version: 8.18.0
  • Yarn Version: v1.22.19

Hello, I am new to using sessions, in the projects I did with strapi I always used jwt but I learned that it is not a good practice to use jwt in localStorage, in an article I found a code to implement httpOnly cookie with jwt, I tried it and it works, but is this really a way to do it? I have read that if the application is not large scale there is no need to use jwt, that I could simply use “sessions”, Never work with anything other than jwt in localStorage.

How should I setup to use strapi only with sessions without jwt? What is the workflow like?

How do I log in a user only with sessions?

In the docs I see that there are examples of how to log in a user against /auth/local in jwt, but what is it like in sessions? Could someone give me examples of what workflow I have to follow until I make authenticated requests?

thanks since now!