Is it possible to remove the username from the url?

[Ray Hilton]

Basically, I feel it's a little unnecessary to have the username (in my case, the entire email address) in the url.  It also leads to people exposing their email if they copy/paste links.  However, the main reason i want to use it is because some apps (like Theia) make assumptions about how to encode the @ in the username (it encodes to %40) which then breaks the websocket connection.  I have tried solving this in other ways, but I figured why not just remove the username completely?

Any thoughts?

Ray

[sp...@draves.org]

What URLs are you talking about? What Theia app do you mean?

--
You received this message because you are subscribed to the Google Groups "Project Jupyter" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jupyter+u...@googlegroups.com.
To post to this group, send email to jup...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jupyter/CAJ%3DX9awAqTALJGvJQtbLih6BDBvYyXKnxA8oxvGgwcLSVAcfsA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--

CTRL-labs.com

ScottDraves.com

@Scott_Draves

[Ray Hilton]

Sorry, I should have been clearer!

In JupyterHub, it uses ones username in the url, which, if you use full email addresses, looks like:

/user/r...@example.com/lab

Which should be fine, except Theia insists on encoding that @ as %40 for its websockets, and that doesnt work (CHP doesnt mind, but I think the jupyter instance does.  Anyway, I was also thinking that perhaps it's not a great idea to have the username in the url in the first place as it exposes personal information.

So, I was wondering if there was a way of simply not having usernames in the jupyterhub structure, but open to other ideas.  Perhaps I could generate a user-id on first auth based on the user's email address and that would avoid this problem, but it would make for uglier urls.

Ray

To view this discussion on the web visit https://groups.google.com/d/msgid/jupyter/CAMaD%2Bf7prierVPygq2TG2q_AzNz4ORmfZagi4%3DD6hrrxwf4-Jw%40mail.gmail.com.

[Charles Forelle]

I don't know about not having usernames in the url, but are you using an OAuthenticator (like GoogleOAuthenticator)? The authenticate function is likely what's choosing the email as the username. You can subclass the OAuthenticator and modify that function to generate whatever you want as the username.

To view this discussion on the web visit https://groups.google.com/d/msgid/jupyter/CAJ%3DX9aw4-x1FnQraZBz9j-W0h4NtK-ZB0rVW72RgN%3Dot8JM4UQ%40mail.gmail.com.

[Ray Hilton]

I don't mind the username being the email, per se, but I question whether it needs to be in the url.  Anyway, I think generating a unique ID when the user auths (or a one-way hash from the email address, say) would be a good compromise

To view this discussion on the web visit https://groups.google.com/d/msgid/jupyter/CAOFssWyxCNjAnbu0xSBXb64F%3D86vaLtMz2%2Bhn%3DZGYuxUQtyO4w%40mail.gmail.com.