WAITING FOR THE HOST for jwt-based authentication

We have a perfectly working jwt-based self-hosted Jitsi, where moderator and participant roles are properly assigned. Anonymous login is disabled.

The question is how to achieve the same behavior of “internal” authentication not
to allow non-moderator to create/open rooms until the owner or moderator opens it.

This is different from Lobby mod.

any lead? @hannstel

no luck yet…

I already have the idea but no time to try it…
you have to set jwt’s nbf claim, and/or modify the token_moderation
to check if the room is still empty and the user is not the moderator, then popup message … wait for the host …

1 Like

Ok. Thanks for that. Let me try

anything about that?

If you’re using this mod: mod_token_owner_party

I made it works by commenting this line: org.jitsi.jicofo.auth.URL=XMPP:meet.example.com
and adding: org.jitsi.jicofo.auth.URL=EXT_JWT:meet.example.com

in file: /etc/jitsi/jicofo/sip-communicator.properties

and switching from event.origin.send(st.error_reply(stanza, ‘cancel’, ‘not-allowed’))
to event.origin.send(st.error_reply(stanza, ‘auth’, ‘not-authorized’))

on the mod_token_owner_party.lua