benduran / neuralyzer

Node.js, Websocket-based simple state synchronization server. Useful for synchronizing multiplayer games and collaborative visualizations.

Place Neuralyzer Server in charge of generating and issuing connected user ids

benduran opened this issue · comments

Currently, it is possible for a client to provide a userid property when they connect to Neuralyzer. This is horrible 💣 and prone to exploitation.

Acceptance Criteria

  • Remove userid query param on connections
  • Generate a uuid on the server as the connected user's userid
  • Allow server to return an auth token when the user connects. Auth token will be used to revalidate a user when they disconnect and reconnect within the timeout threshold
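
The acceptance criteria above, shown as an added example that is not Neuralyzer's own code: the server generates the userid and a reconnect token, stores only the token's hash, and revalidates the pair inside the timeout window. `SessionRegistry`, `RECONNECT_WINDOW_MS`, its 30-second value, and rotating the token on each reconnect are assumptions of this example.

```javascript
// Added example: server-issued user ids and reconnect tokens (hypothetical names).
const { randomUUID, randomBytes, createHash, timingSafeEqual } = require("node:crypto");

const RECONNECT_WINDOW_MS = 30_000; // assumed timeout threshold

const sha256 = (s) => createHash("sha256").update(s).digest();

class SessionRegistry {
  constructor(now = Date.now) {
    this.now = now;            // injectable clock so expiry can be tested
    this.sessions = new Map(); // userid -> { tokenHash, disconnectedAt }
  }

  // New connection: the id comes from the server, never from a query param.
  connect() {
    const userid = randomUUID();
    const token = randomBytes(32).toString("base64url");
    // Only the hash is kept, so a dump of server state does not yield tokens.
    this.sessions.set(userid, { tokenHash: sha256(token), disconnectedAt: null });
    return { userid, token };
  }

  disconnect(userid) {
    const s = this.sessions.get(userid);
    if (s) s.disconnectedAt = this.now();
  }

  // Reconnect: the client presents the userid and token it was issued.
  // Returns { userid, token } with a rotated token, or null on any failure.
  reconnect(userid, token) {
    const s = this.sessions.get(userid);
    // Unknown id, a session that is still connected, or a malformed token.
    if (!s || s.disconnectedAt === null || typeof token !== "string") return null;
    if (this.now() - s.disconnectedAt > RECONNECT_WINDOW_MS) {
      this.sessions.delete(userid); // window elapsed: the identity is gone
      return null;
    }
    // Both digests are 32 bytes, so timingSafeEqual never throws on length.
    if (!timingSafeEqual(sha256(token), s.tokenHash)) return null;
    const next = randomBytes(32).toString("base64url");
    s.tokenHash = sha256(next); // rotate so a captured token is single-use
    s.disconnectedAt = null;
    return { userid, token: next };
  }
}
```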