Module token 

Session token generation and validation.

Each proxy session gets a unique cryptographic token. The child process receives it via NONO_PROXY_TOKEN env var and must include it in all requests to the proxy. This prevents other local processes from using the proxy.

Functions

constant_time_eq

Constant-time comparison of two token strings.

generate_session_token

Generate a fresh session token.

validate_proxy_auth

Validate a Proxy-Authorization header against the session token.