* add base controller for public api
* add dossiers controller with basic checks
* create the dossier
* ensure content-type is json
* prefill dossier with given values
* mark a dossier as prefilled
When a dossier is prefilled, it's allowed not to have a user.
Plus, we add a secure token to the dossier, which we will need later to set a
user after sign in / sign up.
* set user as owner of an orphan prefilled dossier
When a visitor comes from the dossier_url answered by the public api,
the dossier is orphan:
- when the user is already authenticated: they become the owner
- when the user is not authenticated: they can sign in / sign up / france_connect
and then they become the owner
So here is the procedure:
- allow to sign in / sign up / france connect when user is unauthenticated
- set dossier ownership when the dossier is orphan
- check dossier ownership when the dossier is not
- redirect to brouillon path when user is signed in and owner
* mark the dossier as prefilled when it's prefilled
(even with a GET request, because it will be useful later on, for
exmample in order to cleanup the unused prefilled dossiers)
* system spec: prefilling dossier with post request
