firefly
Find a better solution to data server security than token-auth
The whole token-auth system is not a great means of cryptographic security between the UI server and the data server. It would be better to implement some kind of one-time-pad-like system where single-use tokens are generated at random and then consumed by the UI or data server.
I feel that I should explain as the guy who designed this feature; it's only for doing authentication and assumes underlying encryption. It would be unwise to run firefly with sensitive data without HTTPS to both UI and data servers.
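A sketch of the single-use token idea proposed in this issue, as an added example that is not firefly's code or either participant's: one side issues a random token, the other spends it exactly once. The class name, method names and TTL are hypothetical, and, as the comment above notes for the existing scheme, this only authenticates a request and assumes HTTPS underneath.

```python
import hashlib
import secrets
import threading
import time


class SingleUseTokenStore:
    """Hypothetical store: each issued token authenticates exactly one request."""

    def __init__(self, ttl_seconds=30.0, clock=time.monotonic):
        self._ttl = ttl_seconds          # assumed lifetime, not a firefly setting
        self._clock = clock              # injectable so expiry can be tested
        self._lock = threading.Lock()
        self._pending = {}               # sha256(token) -> expiry time

    @staticmethod
    def _digest(token):
        # Keep only a hash, so a dump of the table yields no usable tokens.
        return hashlib.sha256(token.encode("utf-8", "surrogatepass")).hexdigest()

    def issue(self):
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        with self._lock:
            self._purge_expired()
            self._pending[self._digest(token)] = self._clock() + self._ttl
        return token

    def consume(self, token):
        """True once per issued token; False if replayed, expired or unknown."""
        if not isinstance(token, str):
            return False
        with self._lock:
            # pop() does lookup and removal in one locked step, so two
            # concurrent requests cannot both spend the same token.
            expiry = self._pending.pop(self._digest(token), None)
        return expiry is not None and self._clock() <= expiry

    def _purge_expired(self):
        # Called with the lock held; drops tokens that were never spent.
        now = self._clock()
        for key in [k for k, exp in self._pending.items() if exp < now]:
            del self._pending[key]
```

Both servers would need access to the same store (or one side issues and the other validates against it) for a token to be spent only once.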