We have a perfectly working jwt-based self-hosted Jitsi, where moderator and participant roles are properly assigned. Anonymous login is disabled.
The question is how to achieve the same behavior of “internal” authentication not
to allow non-moderator to create/open rooms until the owner or moderator opens it.
This is different from Lobby mod.
no luck yet…
I already have the idea but no time to try it…
you have to set jwt’s nbf claim, and/or modify the token_moderation
to check if the room is still empty and the user is not the moderator, then popup message … wait for the host …
Ok. Thanks for that. Let me try
If you’re using this mod: mod_token_owner_party
I made it works by commenting this line: org.jitsi.jicofo.auth.URL=XMPP:meet.example.com
and adding: org.jitsi.jicofo.auth.URL=EXT_JWT:meet.example.com
in file: /etc/jitsi/jicofo/sip-communicator.properties
and switching from event.origin.send(st.error_reply(stanza, ‘cancel’, ‘not-allowed’))
to event.origin.send(st.error_reply(stanza, ‘auth’, ‘not-authorized’))
on the mod_token_owner_party.lua