Keep the password in the URL

We changed our minds: people do copy the URL from the bar and
give that to people and expect it to work: it doesn't make sense
to prioritise shorter URLs over this. There's no security advantage
unless we think there's a risk someone might steal your key by taking
a photo of your monitor over your shoulder and decrypting the calls
they can't already hear by standing behind you.

src/home/UnauthenticatedView.tsx

@@ -88,6 +88,7 @@ export const UnauthenticatedView: FC = () => {
         );
 
         let roomId: string;
+        const roomPassword = randomString(32);
         try {
           roomId = (
             await createRoom(client, roomName, e2eeEnabled ?? false)
@@ -96,7 +97,7 @@ export const UnauthenticatedView: FC = () => {
           if (e2eeEnabled) {
             setLocalStorageItem(
               getRoomSharedKeyLocalStorageKey(roomId),
-              randomString(32)
+              roomPassword
             );
           }
         } catch (error) {
@@ -127,7 +128,7 @@ export const UnauthenticatedView: FC = () => {
         }
 
         setClient({ client, session });
-        history.push(getRelativeRoomUrl(roomId, roomName));
+        history.push(getRelativeRoomUrl(roomId, roomName, roomPassword));
       }
 
       submit().catch((error) => {