Interesting proposal for fixing your outdated session auth architecture. Haven't made up my mind though when you should use this over fixing your session handling. https://developers.google.com/web/updates/2016/06/2-cookie-handoff