strix-technica
commented
5 years ago I don't think it matters how the device ID is generated, so long as it's consistent. Using the primary MAC address is as sensible as any, unless you've reason to think otherwise.
After a bit of digging, the device_id sent as part of the initial login to generate the subsequently token is done using the following JS library
https://github.com/Valve/fingerprintjs
Here's the bit of code that does the login
$scope.login = function() { var fingerprint = String(new Fingerprint().get()); $http.post($rootScope.config.api+'/api/auth/login', { email_address: $scope.login.email, password: $scope.login.password, device_id: fingerprint }).success(function(data, status, headers, config){ //setting the user info details