Implement client-side authentication

[brouberol]

Now that the authentication mechanism is implemented backend-side (see #100), we need to make sure the 5esheet generated API client supports it. Namely, we need to:

• have the user fill a username/password form
• send them via a POST request to /api/login/token, which (if the username/password are correct) will return set-cookie headers containing the JWT access token, as well as a CSRF token
• send the JWT access token any subsequent request cookies, as well as the content of the CSRF cookie in the X-CSRF-TOKEN header