Lua doc & lobby always on / JWT

Sam_Lellouche · August 3, 2020, 4:03am

Is there some documentation somewhere on what can be done in Lua with prosody/jitsi? Especially around Lobby feature.

We are trying to turn on lobby automatically when the moderator joins the room. We have a setup with Lobby / JWT (with moderator attribute and https://github.com/nvonahsen/jitsi-token-moderation-plugin). We don’t want the moderator to have to turn on lobby manually.

Also there is also another problem with our current setup

Moderator joins / create a room (JWT moderator attribute true)
Moderator turns on lobby (wish this was automatic)
Non Moderator joins (JWT moderator attribute false) / Moderator accepts him
Moderator drops
Moderator cannot join anymore (get stuck in the lobby, shouldn’t need to wait for someone to accept him)

Essentially is there a way for Moderators (with JWT attribute) to be automatically accepted without getting stuck in Lobby?

Thanks

corby · August 3, 2020, 10:55am

@Sam_Lellouche,

I would start by reviewing the existing plugins. You could write something that hooks to muc-room-pre-create, muc-occupant-joined, or muc-occupant-pre-join, etc.

This topic may also help: How to get auth_token in muc-room-created and muc-room-destroyed events?

Regarding:

Look in the etc/prosody/conf.d/meet.example.com.cfg.lua file for muc_lobby_whitelist. This can be used to bypass the lobby. If you don’t see that in you cfg, add it under lobby_muc

gpatel-fr · August 3, 2020, 3:00pm

should be easy

--- mod_muc_lobby_rooms.lua.sav	2020-07-23 21:50:37.000000000 +0200
+++ mod_muc_lobby_rooms.lua	2020-08-03 16:38:45.421840379 +0200
@@ -372,6 +372,13 @@
             end
         end
     end);
+
+    host_module:hook('muc-set-affiliation', function(event)
+        if jid_split(event.jid) ~= 'focus' and event.affiliation == 'owner' then
+	    handle_create_lobby(event);
+        end
+    end);
+
 end);
 
 -- Extract 'room' param from URL when session is created

if you want to add this to standard Jitsi, all there is to add is a parameter. I guess it’s planned already since this routine that is not called anywhere in the source, it’s purpose should be for something like that.

I don’t think there is anything specific about JWT here; it can happens also with internal authentication (and probably with public access setup but I did not try it).
The fact that a moderator having disconnected by mistake after having enabled the lobby can’t enter again because there is no one to approve the join is a misfeature IMO.
Maybe it could be done by saving somewhere (no idea where in fact :-)) the original owner (see above) and testing if it’s the jid currently disconnecting (no idea how :-)) and then just call room:set_members_only(false); - at this point anyone including the original moderator should be able to join.

Sam_Lellouche · September 4, 2020, 5:31pm

Thanks for the pointers!
We were able to address both issues with custom Lua plugin (auto-lobby on when moderator joins) and bypass lobby for authenticated moderators so they dont get stuck in limbo.

tibby812 · October 11, 2020, 8:04pm

Sam - Any chance you can share the custom plugins?

Vinayvvk_viji · November 11, 2020, 5:20am

@Sam_Lellouche, could you please share your solution for - custom Lua plugin (auto-lobby on when moderator joins) and bypass lobby for authenticated moderators so they dont get stuck in limbo.

standort.digital · January 2, 2021, 9:47pm

Hi, did that feature about lobby now still default or need modify that marked code?
Is there also a possibility to add a default password…?

Another question too, inside your doc you wrote
Token body should look something like this:

{
  context: {
    user: {
      avatar,
      name,
      id
    }
  },
  sub,
  room,
  moderator: true
}

My example about jwt are:

$payload = array(
    "aud" => "meeting",
    "iss" => "meeting",
    "sub" => "meeting.domain.tld",
    "exp" => time() + (12*60*60),
    "room" => "$ROOM",
    "context" => array(
        "user" => array(
            "name" => "$name",
            "email" => "$email",
            "avatar" => "https://gravatar.com/avatar/abc123.png",
            "affiliation" => "owner",
        ),
        "features" => array(
            "recording" => true,
            "livestreaming" => true,
            "screen-sharing" => true,
        )
    )
);

Should i change it to

$payload = array(
“aud” => “meeting”,
“iss” => “meeting”,
“sub” => “meeting.domain.tld”,
“exp” => time() + (126060),
“room” => “$ROOM”,
“moderator” => true,
“context” => array(
“user” => array(
“name” => “$name”,
“email” => “$email”,
“avatar” => “https://gravatar.com/avatar/abc123.png”,
“affiliation” => “owner”,
),
“features” => array(
“recording” => true,
“livestreaming” => true,
“screen-sharing” => true,
)
)
);

Or how i should change it?

Best,
Sebastian