JWT authentication, but allow anonymous users to create rooms

Hi everyone! Happy new year!

I had implemented with success the JWT authentication in my own Jitsi Server. Users that has a JWT token can join a meeting as moderators, and users with no token, can join as participants only after a moderator joins the room.

But I need to allow anonymous users to also create a new room. When a users without a JWT token try to create a room, the “waiting for host” dialog is showed.

Any ideias about how I can do it? If needed, I can write a custom prosody plugin, but I’m having dificults about the first steps.

Remove the guest block from the prosody config and set allow_empty_token

1 Like

Thanks @emrah, I setup your suggestion and now guest users can create rooms. But now, guest users are also moderators in all situations, even if they join a existent room. I searching a way that a guest user be a moderator just if he is the first in the room.

Any ideia?

Probably there is something wrong in your prosody config.

This is my current prosody config @emrah. I still can’t find what’s wrong

admins = {
    "focus@auth.cefis.live",
    "jvb@auth.cefis.live",
}

unlimited_jids = {
    "focus@auth.cefis.live",
    "jvb@auth.cefis.live",
}

plugin_paths = { "/prosody-plugins/", "/prosody-plugins-custom" }
muc_mapper_domain_base = "cefis.live";
muc_mapper_domain_prefix = "muc";
http_default_host = "cefis.live"
consider_bosh_secure = true;

cross_domain_websocket = true
cross_domain_bosh = true


VirtualHost "cefis.live"
    authentication = "token"
    app_id = "<hidden id>"
    app_secret = "<hidden secret>"
    allow_empty_token = true

    ssl = {
        key = "/config/certs/cefis.live.key";
        certificate = "/config/certs/cefis.live.crt";
    }
    modules_enabled = {
        "bosh";
        "websocket";
        "smacks"; -- XEP-0198: Stream Management
        "pubsub";
        "ping";
        "speakerstats";
        "conference_duration";
    }

    speakerstats_component = "speakerstats.cefis.live"
    conference_duration_component = "conferenceduration.cefis.live"
    c2s_require_encryption = false


VirtualHost "auth.cefis.live"
    ssl = {
        key = "/config/certs/auth.cefis.live.key";
        certificate = "/config/certs/auth.cefis.live.crt";
    }
    modules_enabled = {
        "limits_exception";
    }
    authentication = "internal_hashed"


VirtualHost "recorder.cefis.live"
    modules_enabled = {
      "ping";
    }
    authentication = "internal_hashed"


Component "internal-muc.cefis.live" "muc"
    storage = "memory"
    modules_enabled = {
        "ping";
        }
    restrict_room_creation = true
    muc_room_locking = false
    muc_room_default_public_jids = true

Component "muc.cefis.live" "muc"
    storage = "memory"
    modules_enabled = {
        "muc_meeting_id";
        "token_verification";
        "polls";
        }
    muc_room_cache_size = 1000
    muc_room_locking = false
    muc_room_default_public_jids = true

Component "focus.cefis.live" "client_proxy"
    target_address = "focus@auth.cefis.live"

Component "speakerstats.cefis.live" "speakerstats_component"
    muc_component = "muc.cefis.live"

Component "conferenceduration.cefis.live" "conference_duration_component"
    muc_component = "muc.cefis.live"

This doesn’t look like the default prosody config file. Some parts are missing. For example the “conference.” muc component…

My installation is running on docker, I guess is the reason for the difference. In the original prosody config from repo there is no "conference." component reference.

I have no idea about Dockerized setup