Need to adjust the token minter so that it runs a LUA equivalent of `dirname` against the value of `vidpath` when minting a token.
Need to do the same to the validator.
The aim being that when a request is received for a token for `foo/bar.m3u8` it should also be considered valid for anything else in that directory (like `foo/segment1.ts`)
The validator will also need adjusting to push a token (once it's been authenticated) into a cookie so that it'll be supplied alongside segment requests.
The name of that cookie should be derived from the playback path so that playback will still work if there are multiple players embedded on the same page.