Game Server Authentication method?

Hello to everyone, I am in the proccess of creating a puzzle game in Unity (client) and I am going to have a game server in yii2.

A player when starting the game would be asked to register or login. After that the client will communicate with the server for getting level info, keeping scores, items etc. So the game server (yii application) will behave as an api.

My question lies in the best way to register/authenticate the user and the communication between client/server.

One way I have thought is to use yii as I would use it in a website. Send username/password, authenticate them with the db and if successfull log in the user using yii session.

Second way is to use the REST protocol (using yii2 Rest Classes) and authenticate the user in every request as the protocol dictates.

Pros/Cons of each method in my mind. In a previous game, where I used the session method, I encountered problems when I implemented the game in third party platforms (such as Facebook Canvas, Kongregate etc) cause of the third party cookie problem.

The REST method (authenticating user in each request with a token) seems to solve such problems, but is it wise for a game (which could lead to big traffic eventually) to do this in every request?

What is your take in this? Do you have to suggest any ideas or even other methods? Thanks a lot for your time!

You’re overthinking it, use the second method and spend your energy focusing on the game instead.