add the token as hidden input in the html form.
add the cors requirement in the fetch API js file.
Set the token value in the context.
Copy-paste the helpers.get_request_user function from test_api_job branch to be cors compliant.
Remove useless api mixin (cors effect), add message if no authentication could be done.
Update test to take cors into account and use the same test construction as in test_job_api. -> We need to build a mother class (TestApi ?) when branches merged.
Test are included in the integration script.

* little fix
DATE_MIN is timezone aware now. (I encounter a tz pb, don't understand how it appeared/disappeared.)