PTV-1913 force cookie resetting, including backup cookie

[briehl]

Description of PR purpose/changes

There's an issue where the kbase_session_backup cookie seems to be blocked or disappears on occasion. We're not entirely sure what's causing this right now - it could be some browser policy changes with regard to how the cookie is created. What it means is that direct HTTP communication to KBase services via iframes (i.e. report view and downloads) can fail by complaining that the user isn't logged in. This forces a new backup cookie to be created on page reload.

Unit and integration tests pending, but I wanted an image made to get in narrative-dev. That and production are the only environments that'll fail this way.

Jira Ticket / Issue

Related Jira ticket: https://kbase-jira.atlassian.net/browse/PTV-1913

• Added the Jira Ticket to the title of the PR (e.g. DATAUP-69 Adds a PR template)

Testing Instructions

• Details for how to test the PR:

• Tests pass locally and in GitHub Actions
• Changes available by spinning up a local narrative and navigating to X to see Y

Dev Checklist:

• My code follows the guidelines at https://sites.google.com/lbl.gov/trussresources/home?authuser=0
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• (JavaScript) I have run Prettier and ESLint on changed code manually or with a git precommit hook
• (Python) I have run Ruff format and check on changed Python code manually or with a git precommit hook
• Any dependent changes have been merged and published in downstream modules

Updating Version and Release Notes (if applicable)

• Version has been bumped for each release
• Release notes have been updated for each release (and during the merge of feature branches)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 25.93%. Comparing base (d4530b4) to head (8d46c81).
Report is 14 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #3657      +/-   ##
===========================================
+ Coverage    25.89%   25.93%   +0.04%     
===========================================
  Files          461      461              
  Lines        46652    46653       +1     
===========================================
+ Hits         12079    12099      +20     
+ Misses       34573    34554      -19     

Files with missing lines	Coverage Δ
kbase-extension/static/kbase/js/api/auth.js	93.40% <100.00%> (+1.09%)	⬆️
kbase-extension/static/kbase/js/narrativeLogin.js	43.85% <100.00%> (+0.49%)	⬆️

... and 5 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1f28a09...8d46c81. Read the comment docs.

[ialarmedalien]

??

[briehl]

The only vestige of jquery is that API call wrapped in a Promise, so I started replacing it with a fetch call. Then realized there's some downstream unpacking effects to manage. Then realized that was a silly exercise and wasn't solving anything useful so just put it back and stopped.

[ialarmedalien]

Approving in case you want to put it up on narrative-dev to test, but the comment should be removed and tests should be added when it's confirmed that this will fix things.

[briehl]

@ialarmedalien I think this is ready for a real review now.

[dauglyon]

Looks good to me, but I'll leave it up to @ialarmedalien for final review as my narrative-familiarity is low. I am curious about the removal of 'use strict' as it can change error handling and variable declaration handling, but I assume it's safe...

[briehl]

@dauglyon the removal of 'use strict' comes from eslint. Compilers add it to builds, so it's not entirely necessary anymore in individual modules. ECMAScript modules are treated as strict by default: from https://eslint.org/docs/latest/rules/strict

In ECMAScript modules, which always have strict mode semantics, the directives are unnecessary.

The narrative codebase is on the old side, however, so now I'm thinking might not be entirely accurate? If that rule only applies to ECMAScript modules, and we're using AMDs still, is that just the eslint rule being finicky? Now I'm not sure!

[briehl]

It doesn't hurt anything being there, so I think I'll adjust the eslint rule to be safe.

I really can't wait to rewrite this stuff to be more modern...

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud