Anyone can access the endpoints on nbclassic #159

@yacchin1205

When I install this extension on nbclassic, anyone can access the endpoints provided by the Server Extension without credentials.

This is because the Server Extension uses notebook.base.handlers.IPythonHandler. https://github.com/Jupyter-contrib/jupyter_nbextensions_configurator/blob/master/src/jupyter_nbextensions_configurator/__init__.py#LL18C1-L18C1
As reported to the notebook project jupyter/nbclassic#271, it seems that nbclassic should use jupyter_server.base.handlers.JupyterHandler. This may be just a bug in nbclassic, but I report it here too.

To Reproduce
To reproduce, please follow the steps below.

  1. Download Dockerfile from https://gist.github.com/yacchin1205/532509f59b1815bdb4624a08db1e4f9c
  2. Build an image: docker build -t jupyter/ipython-handler-authentication-bug .
  3. Run jupyter notebook (former notebook server): docker run --rm -p 8888:8888 -e DOCKER_STACKS_JUPYTER_CMD=notebook jupyter/ipython-handler-authentication-bug
  4. Access the nbextensions configurator endpoint without credentials: curl -vvvv 'http://127.0.0.1:8888/nbextensions/nbextensions_configurator/list' -> It returns 403 Forbidden. (Expected behavior)
  5. Stop the container with Ctrl-C
  6. Run jupyter nbclassic (nbclassic with jupyter-server): docker run --rm -p 8888:8888 -e DOCKER_STACKS_JUPYTER_CMD=nbclassic jupyter/ipython-handler-authentication-bug
  7. Access the nbextensions configurator endpoint without credentials: curl -vvvv 'http://127.0.0.1:8888/nbextensions/nbextensions_configurator/list' -> It returns 200 OK with actual response. (Unexpected behavior)
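
The check in steps 4 and 7, written as a repeatable regression test. This is an added example, not part of the original report or of either project's code: it requests the endpoint with no token or cookie and flags any 2xx reply. `probe_unauthenticated`, `exposed` and the stub server are names constructed for this example; only the endpoint path comes from the report.

```python
import http.server
import threading
import urllib.error
import urllib.request

# Endpoint taken from the report; add other extension routes to audit here.
EXTENSION_PATHS = ["/nbextensions/nbextensions_configurator/list"]


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Surface 3xx (e.g. a redirect to a login page) instead of following it."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe_unauthenticated(base_url, paths=EXTENSION_PATHS, timeout=5):
    """Request each path with no token or cookie; return {path: HTTP status}."""
    # Empty ProxyHandler: ignore proxy environment variables, probe directly.
    opener = urllib.request.build_opener(_NoRedirect, urllib.request.ProxyHandler({}))
    results = {}
    for path in paths:
        try:
            with opener.open(base_url.rstrip("/") + path, timeout=timeout) as resp:
                results[path] = resp.status
        except urllib.error.HTTPError as err:  # 3xx, 4xx and 5xx arrive here
            results[path] = err.code
    return results


def exposed(results):
    """Paths that served a 2xx response without credentials."""
    return sorted(p for p, code in results.items() if 200 <= code < 300)


def start_stub(status):
    """Constructed stand-in for a server answering every GET with `status`."""
    class Handler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            self.send_response(status)
            self.send_header("Content-Length", "0")
            self.end_headers()

        def log_message(self, *args):  # keep test output quiet
            pass

    server = http.server.HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, "http://127.0.0.1:%d" % server.server_port
```

Against the containers from the reproduction steps, `exposed(probe_unauthenticated("http://127.0.0.1:8888"))` should be empty; a non-empty list names the routes that answered without credentials.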
