Hi!
My team and I are developing conference rooms using jitsi-meet. We have managed to apply configuration with JWT Token Authentication.
What is going on:
- Our backend server is creating tokens with one hour expiration date (exp = NOW() + 1h).
- Inside JWT tokens are encrypted users (names, roles etc.).
- We are using prosody BOSH to join the rooms (url in the browsers - https://XXXX/room&jwt=YYYY).
It works fine, but we need to have an ability to ban/oucast misbehaving users on a conference and stop them from login again.
I was trying to use prosody modules with console command (https://prosody.im/doc/console - muc:room("room@muc.host"):set_affiliation(true, "user@host", "outcast");):
- modules/mod_admin_telnet
- modules/mod_admin_adhoc
, but without luck - I don’t see authenticated users inside prosody rooms after they enter a room.
What I am thinking now is that I must change some code of lua prosody files or jitsi-meet javascript files to be able to add this functionality (to ban users and block them from login again). I should create some kind of table to list banned users.
Do you have some advices for me? Where should I start? I was thinking about these files:
prosody-plugins/mod_token_verification.lua
prosody-plugins/token/util.lib.lua
Or maybe this kind of functionality already exists and I simply don’t know about it?