I am a web software developer.
As you may already know, HTTP is a stateless protocol. The communication between the client and server happens with some flags sent by client and server mutually. It means, we actually don't really know which user is authenticated. User is sending their session id via HTTP cookies and we (server) retrieve the related record from the database, and prepare the page response with the information of authenticated user.
I have been trying serverless computing platforms in last years. These platforms allow you to publish functions and execute them by an HTTP request.