Resolve "Cookie-based authentication"
Compare changes
Beginning with 2nd June, only the "Single Sign On" option for login to the GitLab web interface will be possible. If you don't have an MPCDF wide second factor so far, please get one at our SelfService (https://selfservice.mpcdf.mpg.de). The GitLab internal second factor will not work.
Closes #772 (closed)
Enables cookie based authentication for endpoints where the signature token is an accepted authentication method. The cookie uses sameSite=strict to only send the cookie when the call originates from the same domain.
Also fixes some issues with the download functionality, by using headers rather than the (not quite functional) file-saver library.