PHP
RomanSS, 2016-08-25 07:37:58

JWT authorization in PHP?

I am signing in to the site. I decided to use the JWT principle based on tokens. I understood the basics, but I cannot understand one point.
How it works:
1) Entering a login and password
2) Checking in the user base with the specified login and password
3) Creating a JWT token
Working with the site
1) Checking for validity
2) Displaying information depending on the check
For Ajax requests:
Save to localStorage and, when sending, add the token to the header.
How do I deal with the usual page transitions on the site? I.e., I used to store authorization in the PHP SESSION: if there is $_SESSION["userid"]=1, then the user with ID=1 is authorized. How do I do it now? After all, the session has its own lifetime, and the token has its own? Tell me the algorithm of work: do I not store the token in COOKIES and pull it out from there for verification? How do I handle this point from a security point of view?

1 answer(s)
fluid, 2016-09-01
@fluid

You can store the userId directly in the token, and all this must be signed; sessions are not needed at all. Get the userId from the token; there are ready-made solutions for this. And how you will transfer the token (cookies, headers, etc.) is your own business.
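
A sketch of the flow the answer describes, added here as an example (it is not code from the original posts or from any JWT library): the user id travels in a signed token and is read back on each request where `$_SESSION["userid"]` used to be checked. The function names, the `SECRET` constant and the 15-minute lifetime are assumptions made for illustration; a maintained JWT library does the same checks.

```php
<?php
// Constructed placeholder key; in practice load a long random secret from configuration.
const SECRET = 'constructed-demo-key-change-me';

function b64url_encode(string $data): string {
    return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}

function b64url_decode(string $data) {
    $padded = str_pad($data, strlen($data) + (4 - strlen($data) % 4) % 4, '=');
    return base64_decode(strtr($padded, '-_', '+/'), true); // false on invalid input
}

// Issue a token after the login and password have been checked.
function jwt_issue(int $userId, int $ttl = 900): string {
    $header  = b64url_encode(json_encode(['typ' => 'JWT', 'alg' => 'HS256']));
    $payload = b64url_encode(json_encode(['sub' => $userId, 'iat' => time(), 'exp' => time() + $ttl]));
    $sig     = b64url_encode(hash_hmac('sha256', "$header.$payload", SECRET, true));
    return "$header.$payload.$sig";
}

// Returns the user id, or null if the token is malformed, forged or expired.
function jwt_user_id(string $token): ?int {
    $parts = explode('.', $token);
    if (count($parts) !== 3) return null;
    [$header, $payload, $sig] = $parts;
    // Check the signature first, in constant time; the algorithm is fixed server-side.
    $expected = b64url_encode(hash_hmac('sha256', "$header.$payload", SECRET, true));
    if (!hash_equals($expected, $sig)) return null;
    $h      = json_decode((string) b64url_decode($header), true);
    $claims = json_decode((string) b64url_decode($payload), true);
    // Reject tokens whose header names any algorithm other than the one we sign with.
    if (!is_array($h) || ($h['alg'] ?? null) !== 'HS256') return null;
    if (!is_array($claims) || !isset($claims['sub'], $claims['exp'])) return null;
    // The token carries its own lifetime, independent of any PHP session lifetime.
    if (!is_int($claims['exp']) || $claims['exp'] < time()) return null;
    return is_int($claims['sub']) ? $claims['sub'] : null;
}

$token = jwt_issue(1);
$uid   = jwt_user_id($token); // takes the place of reading $_SESSION["userid"]

// A payload swapped to another user id under the original signature is rejected.
[$h, , $s] = explode('.', $token);
$forged = $h . '.' . b64url_encode(json_encode(['sub' => 2, 'exp' => time() + 900])) . '.' . $s;
var_dump($uid, jwt_user_id($forged));
```

If the token is carried in a cookie for ordinary page loads, setting it with the `HttpOnly`, `Secure` and `SameSite` attributes keeps it out of reach of page scripts and off plain-HTTP and cross-site requests.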
