We are trying to maintain chat history by using ymAuthenticationToken parameter.
Since this ymAuthenticationToken is passed as static meaning every user is going to have a unique hash token.
What if this token is leaked, any other person can pass this in the chatbot as parameter and render the chat history of the victim.
So we are generating new token for each user with some time context . Example below
Wanted to understand is this approach correct or there exists a better way to handle this security concern.