Some kind of "stable IDs" are needed for peers

[gregko]

The peerjs server, no matter if run on my own or provided by peerjs.com, generates random IDs for nodes (peers). I can request my own peer ID, but for a larger app that would potentially be used by thousands, maybe even hundreds of thousands users, there is no guarantee that any peer ID my code creates by itself won't be taken elsewhere. And the two (or more) devices to communicate, must know the IDs of each other. Manually entering the long, randomly generated IDs, each time the peers need to connect again, is far from optimal.

I think there should be an API call in peerjs node code, and corresponding code on the server, to reserve an ID and keep it forever, maybe with some private/public key authentication. I know I could modify the peerjs server code to do this, and then run my own modified server, however I'm not skilled enough to make these changes myself. Is there a version of peerjs server with stable peer IDs available, or could someone consider creating it?

[jonasgloning]

I think this is quite possible, with little change on both client and server.
I'd like to address this together with peers/peerjs-server#326 for exclusively server-generated IDs.

You get a UUID and a MAC over it. To reconnect, you then have to provide both, proving you are the original owner of that ID. As UUIDs will ~never collide, your ID will be yours forever -- without requiring potential infinite storage of ID/Token pairs on the server.

Would that work for you, or do you need self-chosen identifiers?

[jonasgloning]

Do you really need private/public key authentication? And does it really need to be part of peerjs?

A lot of stuff works by using UUID - universal unique identifiers. They are long enough that the chance of collision is almost impossible.

As far as security considerations; I can imagine it's possible to steal the UUID and then pretend to be somebody else. Adding some encryption could solve this, but this can be easilly added in the application layer, not as core part of PeerJs. You could use JWT's for authentication, for example (e.g. from Auth0, firebase, or DIY).

Originally posted by @markmarijnissen in #1070 (comment)