- GET fetches proxy table (relays same request to proxy's API endpoint)
- POST prods routing table sync (useful when proxy restarts)
- PATCH allows updating the proxy API location, auth token
e.g. docker, which can take a long time to stop,
especially if several docker actions are already queued.
Use status `202: Accepted` for API replies sent with spawn/stop still pending
use single cookie_id, since cookies themselves are already unique via `set_secure_cookie`
resetting cookie_id effectively logs out all browser sessions for a given user
- use PasswordType
- store first 4 bytes for filtering by prefix
since we can't filter by equality on the hashed value.
- user.new_foo_token() returns token string, not ORM object
- call start/stop_polling outside Spawner
(avoids need for custom spawners to reimplement)
- don't clear state when stopping Spawner
(should enable spawners to resume)
