Let user configure the desired length of the user ID
Compliments #204. If you specify an API_AUTH_TOKEN on tmpnb start, only clients that know the token can request access to a container via /api/spawn. The spawn response contains the /user/:id path of a selected container. If you specify a reasonably long user_length on tmpnb start, guessing the path to a spawned container becomes very difficult. In essence, the path segment winds up acting like an API key to the container.
Not rock solid security, but, hey, not bad reusing what already exists.
rgbkrk
commented
8 years ago
Compliments #204. If you specify an API_AUTH_TOKEN on tmpnb start, only clients that know the token can request access to a container via
/api/spawn. The spawn response contains the/user/:idpath of a selected container. If you specify a reasonably longuser_lengthon tmpnb start, guessing the path to a spawned container becomes very difficult. In essence, the path segment winds up acting like an API key to the container.Not rock solid security, but, hey, not bad reusing what already exists.