Lobby + JWT issue with moderator rejoining the meeting


When the moderator uses JWT and setups lobby room, I see a bug where Moderator is also taken to prejoin screen to request 'Ask to join".

Here is the sequence of events:

  1. Moderator joins a room with JWT token
  2. Moderator turns on Lobby
  3. Guest joins the room. Requests for “to be joined” into the meeting.
  4. Moderator allows the guest to join the room
  5. Now the moderator hangs up the call.
  6. However, the guest is still in the room
  7. Moderator tries to join the call with the same JWT token used earlier.
  8. He’s taken to a prejoin screen where now he has to request “Ask to join”. This seems to be a bug!!!

step 8 doesn’t happen if the guest had also vacated the meeting room before the moderator tried to rejoin. If there was no one already in the room only then moderator with JWT is logged into the room.

If not, in the console.log I see this error:

2020-11-11T02:33:20.629Z [conference.js] <_onConferenceFailed>: CONFERENCE FAILED: conference.connectionError.membersOnly 493-579-3823@lobby.jitsi.jwt.live Logger.js:154:22

2020-11-11T02:33:20.633Z [features/base/connection] <h/</</<>: conference.connectionError.membersOnly Logger.js:154:22

Please let me know if this is a known bug and a solution exists.

This is how lobby works, with or without jwt. The workaround for this is the moderator to set a password to the room, so he can bypass lobby with it when needed.

@damencho, understood. Thanks for your help.

However, is there anyway I can override existing behaviour - meaning, if I see a user with jwt token for the room when lobby is enabled, take him directly into the room ?

Basically I want to bypass the prejoin screen as soon as I see jwt token.

You need changes in jitsi-meet, which can just check whether jwt is been decoded correctly and cannot validate the token.
You will skip pre-join using jwt then you need to bypass lobby you can modify it here add one more rule after the whitelisting:

You can do it by checking session.auth_token is it not nil …


@damencho, something like this?

 diff --git a/resources/prosody-plugins/mod_muc_lobby_rooms.lua b/resources/prosody-plugins/mod_muc_lobby_rooms.lua
index af5332d19..41c41fe65 100644
--- a/resources/prosody-plugins/mod_muc_lobby_rooms.lua
+++ b/resources/prosody-plugins/mod_muc_lobby_rooms.lua
@@ -344,6 +344,12 @@ process_host_module(main_muc_component_config, function(host_module, host)
             whitelistJoin = true;

+        local session = event.origin;
+        if session.auth_token ~= nil then
+            module:log("info","Vinay: session.auth_token = %s",session.auth_token);
+            whitelistJoin = true;
+        end
         local password = join:get_child_text('password', MUC_NS);
         if password and room:get_password() and password == room:get_password() then
             whitelistJoin = true;

I restarted prosody and jicofo but I don’t see this change. Sorry, this is my first attempt at changing the prosody plugin file. Please help.


Any errors in prosody logs?
Make sure those are the files used by your deployment …

@damencho, spot on. My deployment was using the plugins from /usr/share/jitsi-meet. So, I pointed the prosody to my local deployment, restarted prosody, jicofo and jvb. Host with JWT was able to rejoin the meeting bypassing the pre-join screen.

You are a life savior. Thanks a ton.