release-23.2.1-rc: server, ui: set HttpOnly: true and Secure flags on cookies

[dhartunian]

server, ui: session cookie is HttpOnly

This change removes the ability of the DB Console JS code to read
the session cookie from the browser by setting the HttpOnly flag
to true.

This change requires a modification of how the TenantDropdown
components works since it relied on reading the session cookie and
extracting the list of logged-in tenants from it.

Instead of reading the cookie, the component now relies on a server-
side endpoint to "read back" the list of tenants in the session. You
might ask why this is necessary because we could return the list of
valid tenants on /login success and have them available outright.
There is a reason why that's not sufficient.

When you are logged in to multiple tenants with a valid session, you
can switch between them in the dropdown switcher. This switch occurs
without a subsequent call to /login, and will just set the tenant
cookie to the new tenant name and issue a full refresh to the browser
which will re-render everything. In this case, the TenantDropdown
component gets fully re-rendered but no longer has access to the
state it was initialized with containing all the valid tenants. This
necessitates adding an endpoint that the component can use to populate
itself directly whenever it's rendered.

Epic: None
Fixes: CRDB-36034

Release note (security update): DB Console session cookie is now
marked HttpOnly to prevent it from being read by any Javascript
code.

---

server: set Secure on cookies if cluster is secure

Cookie Secure setting is based on disableTLSForHTTP passed down
from the server.

Part of CRDB-36034
Epic: None

Release note (security update): DB Console cookies are marked Secure
for the browser when the cluster is running in secure mode.

---

Release justification: high-priority need for fix

[blathers-crl]

Thanks for opening a backport.

Please check the backport criteria before merging:

• Backports should only be created for serious
  issues or test-only changes.
• Backports should not break backwards-compatibility.
• Backports should change as little code as possible.
• Backports should not change on-disk formats or node communication protocols.
• Backports should not add new functionality (except as defined
  here).
• Backports must not add, edit, or otherwise modify cluster versions; or add version gates.
• All backports must be reviewed by the owning areas TL and one additional
  TL. For more information as to how that review should be conducted, please consult the backport
  policy.

If your backport adds new functionality, please ensure that the following additional criteria are satisfied:

• There is a high priority need for the functionality that cannot wait until the next release and is difficult to address in another way.
• The new functionality is additive-only and only runs for clusters which have specifically “opted in” to it (e.g. by a cluster setting).
• New code is protected by a conditional check that is trivial to verify and ensures that it only runs for opt-in clusters. State changes must be further protected such that nodes running old binaries will not be negatively impacted by the new state (with a mixed version test added).
• The PM and TL on the team that owns the changed code have signed off that the change obeys the above rules.
• Your backport must be accompanied by a post to the appropriate Slack
  channel (#db-backports-point-releases or #db-backports-XX-X-release) for awareness and discussion.

Also, please add a brief release justification to the body of your PR to justify this
backport.

[cockroach-teamcity]

This change is 

[abarganier]

Reviewable status: complete! 1 of 0 LGTMs obtained