Resolve "Cookie-based authentication"
Closes #772 (closed)
Enables cookie based authentication for endpoints where the signature token is an accepted authentication method. The cookie uses sameSite=strict
to only send the cookie when the call originates from the same domain.
Also fixes some issues with the download functionality, by using headers rather than the (not quite functional) file-saver
library.
Edited by David Sikter