fix(high-level-tests): issue HTTP requests to the fronts and never to the API directly

because otherwise it looses the front URL and prevent URL-based security
mechanisms to apply.

Author: lego-technix

high-level-tests/e2e/cypress.config.cjs

@@ -56,7 +56,6 @@ async function setupNodeEvents(on, config) {
 module.exports = defineConfig({
   env: {
     APP_URL: "http://localhost:4200",
-    API_URL: "http://localhost:3000",
     ORGA_URL: "http://localhost:4201",
     visualRegressionType: "regression",
   },

high-level-tests/e2e/cypress/support/commands.js

@@ -31,7 +31,7 @@ function setEmberSimpleAuthSession(response) {
 Cypress.Commands.add("login", (username, password, url) => {
   cy.intercept("/api/users/me").as("getCurrentUser");
   cy.request({
-    url: `${Cypress.env('API_URL')}/api/token`,
+    url: `${Cypress.env('APP_URL')}/api/token`,
     method: 'POST',
     form: true,
     body: getLoginBody(username, password, 'mon-pix'),
@@ -44,7 +44,7 @@ Cypress.Commands.add("login", (username, password, url) => {
 Cypress.Commands.add('loginOrga', (username, password) => {
   cy.intercept('/api/prescription/prescribers/**').as('getCurrentUser');
   cy.request({
-    url: `${Cypress.env('API_URL')}/api/token`,
+    url: `${Cypress.env('ORGA_URL')}/api/token`,
     method: 'POST',
     form: true,
     body: getLoginBody(username, password, 'pix-orga'),