Moderator and Guest authorization Via JWT and Guest is wait till the moderator joined the meeting

Hello Everyone,

I am configure token moderation module in our docker Jitsi meet code. Basically i want the when i have pass moderator is false in JWT token then it wait for the till moderator join the meeting and when i have pass moderator is true in JWT token so all other waiting guest will join.

so for that i have create a mod_token_moderation.lua file in prosody-plugins-custom folder.

currently i am facing this issue when i am passing moderator false in JWT token the user is join the meeting directly, but i want he/she is waiting till the moderator is joined the meeting.

Please anyone suggest me what is the preferred way to this.

—code in lua file–

– Token moderation

– this module looks for a field on incoming JWT tokens called “moderator”.

– If it is true the user is added to the room as a moderator, otherwise they are set to a normal user.

– Note this may well break other affiliation based features like banning or login-based admins

local log = module._log;

local jid_bare = require “util.jid”.bare;

local json = require “cjson”;

local basexx = require “basexx”;

local um_is_admin = require “core.usermanager”.is_admin;

local function is_admin(jid)

    return um_is_admin(jid,;


log(‘info’, ‘Loaded token moderation plugin’);

– Hook into room creation to add this wrapper to every new room

module:hook(“muc-room-created”, function(event)

    log('info', 'room created, adding token moderation code');

    local room =;

    local _handle_normal_presence = room.handle_normal_presence;

    local _handle_first_presence = room.handle_first_presence;

    -- Wrap presence handlers to set affiliations from token whenever a user joins

    room.handle_normal_presence = function(thisRoom, origin, stanza)

            local pres = _handle_normal_presence(thisRoom, origin, stanza);

            setupAffiliation(thisRoom, origin, stanza);

            return pres;


    room.handle_first_presence = function(thisRoom, origin, stanza)

            local pres = _handle_first_presence(thisRoom, origin, stanza);

            setupAffiliation(thisRoom, origin, stanza);

            return pres;


    -- Wrap set affilaition to block anything but token setting owner (stop pesky auto-ownering)

    local _set_affiliation = room.set_affiliation;

    room.set_affiliation = function(room, actor, jid, affiliation, reason)

            -- let this plugin do whatever it wants

            if actor == "token_plugin" then

                    return _set_affiliation(room, true, jid, affiliation, reason)

            -- noone else can assign owner (in order to block prosody/jisti's built in moderation functionality

            elseif affiliation == "owner" then

                    return nil, "modify", "not-acceptable"

            -- keep other affil stuff working as normal (hopefully, haven't needed to use/test any of it)


                    return _set_affiliation(room, actor, jid, affiliation, reason);




function setupAffiliation(room, origin, stanza)

    if origin.auth_token then

            -- Extract token body and decode it

            local dotFirst = origin.auth_token:find("%.");

            if dotFirst then

                    local dotSecond = origin.auth_token:sub(dotFirst + 1):find("%.");

                    if dotSecond then

                            local bodyB64 = origin.auth_token:sub(dotFirst + 1, dotFirst + dotSecond - 1);

                            local body = json.decode(basexx.from_url64(bodyB64));

                            local jid = jid_bare(stanza.attr.from);

                            -- If user is a moderator or an admin, set their affiliation to be an owner

                            if body["moderator"] == true or is_admin(jid) then

                                   room:set_affiliation("token_plugin", jid, "owner");


                                   room:set_affiliation("token_plugin", jid, "member");






–code end –

Where you able to figure it out? if yes, would you please post your solution. Thank you!