feat(ui): Use cookies in the UI. Closes #1949

[alexec]

Checklist:

• Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this is a chore.
• The title of the PR is (a) conventional, (b) states what changed, and (c) suffixes the related issues number. E.g. "fix(controller): Updates such and such. Fixes #1234".
• I have written unit and/or e2e tests for my change. PRs without these are unlike to be merged.
• Optional. I've added My organization is added to the README.
• I've signed the CLA and required builds are green.

Closes #1949

This PR allows you to authenticate using either the Authorization header, or a cookie. This means we can download artifacts without have the token in the URL, which is not secure.

Basically, if you are using the API you should have Authorization: Bearer ..., if you are the UI should should have Cookie: authorization=....

[codecov]

Codecov Report

Merging #2058 into master will not change coverage.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master   #2058   +/-   ##
======================================
  Coverage    8.78%   8.78%           
======================================
  Files          61      61           
  Lines       34584   34584           
======================================
  Hits         3037    3037           
  Misses      31156   31156           
  Partials      391     391

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5016230...b6ced3d. Read the comment docs.

[alexec]

I want to know what the login token is!

[simster7]

Would it be a security concern that the secret gets sent to stdout?

[alexec]

for tests only