**Related issue:** Resolves#14401
this updates the mechanism of storing the auth token for a user that is
used for making requests and validating a user session. We change the
storage from local storage to a cookie. This allow a bit more security
and prepares for a future change where we will allow the browser to
handle setting and passing the auth token in the request.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually
## For #24950
- Track more granular host count data when running a live query/policy,
and return it in two new fields of each `"status"`-typed websocket
message
- On completion of live query/policy, display that granular data in a
tooltip in the UI
- Streamline and clarify frontend live query logic
- Update types and field names to better reflect the data they contain
and the sources from which that data is derived
- Add comments to clearly define what various fields of data represent
- Update heading copy rendered while live queries and policies are
running
###
[Demo](https://www.loom.com/share/ad1d64cf527f4fbc981df58ad581242f?sid=a0dc1269-a049-43c3-afdb-65c0bb946ece)
- [x] Changes file added for user-visible changes in `changes/`
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
## Addresses #12968https://www.loom.com/share/37aaaa36936b47079ff3088c3430e36b?sid=c249306b-a32e-4a33-be83-aae2d13c98aa
- Improve the implementation of error reporting by `sendRequest` to
handle when AxiosError information is being provided in different fields
(`response`, `message`, `code`, or nowhere), as opposed to relying on
only the `response` field, which is empty in some (including this)
situations
- Using the more fine-grained reporting above, exempt `Request aborted`
errors when fetching a user's data, which is what occurs here, from
triggering a token clear and login page redirect.
- Use dedicated token handling utilities everywhere
## Checklist for submitter
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
