From c5d25b57176d279da21719ce11763afd53ba7a22 Mon Sep 17 00:00:00 2001
From: Scott Idem
Date: Wed, 3 Dec 2025 15:25:30 -0500
Subject: [PATCH] More work on the Jitsi JWT
---
 app/routers/api.py | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/app/routers/api.py b/app/routers/api.py
index a5d3f80..9f7a0fd 100644
--- a/app/routers/api.py
+++ b/app/routers/api.py
@@ -233,6 +233,7 @@ class JitsiTokenRequest(BaseModel):
 is_moderator: bool = Field(..., description="Whether the user should be a moderator.")
 # Clearly separated override categories
+ user: Optional[Dict[str, Union[str, bool]]] = Field(None, description="User-specific overrides like name, email, moderator.")
 features: Optional[Dict[str, bool]] = Field(None, description="Feature flags like recording, livestreaming.")
 settings: Optional[Dict[str, bool]] = Field(None, description="User profile settings like startMuted, reactionsMuted.")
 config: Optional[Dict] = Field(None, description="Overrides for config.js properties.")
@@ -263,6 +264,7 @@ async def create_jitsi_jwt(
 # Build the payload with the correct structure accepted by Jitsi
 # Define the JWT payload with all the required claims for Jitsi.
 # This is where we securely set the moderator and user info.
+ # Even though 'user' is included we are currently ignoring it to prevent client overrides. It is rebuilt below from the main fields.
 payload = {
 "aud": "jitsi",
 "iss": JWT_APP_ID,
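Review bot: The new `user` field on `JitsiTokenRequest` is described as carrying overrides for "name, email, moderator", yet the comment added in the second hunk says the handler ignores it, so the request schema now advertises a privilege-bearing input that has no effect. Because the type is an open `Dict[str, Union[str, bool]]`, any key is accepted, and a later change that merges this dict into the token's user data would let the caller set moderator status directly. Either leave the field out until it is actually consumed, or narrow it to a small typed model of non-privileged keys and make the description match today's behaviour, e.g. `description="Reserved; currently ignored when the token is built."`. The class body continues outside the hunk.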
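Review bot: The comment added above `payload = {` is the only thing that keeps `user` out of the token, and the rest of the dictionary lies outside the hunk, so the claim cannot be checked from here. A regression test would pin it: send a request with a constructed `user={"moderator": True}` alongside `is_moderator=False` and assert that the decoded token does not grant moderator. The "main fields" the comment relies on, `is_moderator` among them, arrive in the same request body, so "prevent client overrides" presumably holds only if callers of `create_jitsi_jwt` are authenticated and trusted, which is not visible in this hunk. The comment could also name what it refers to: `# request.user is accepted by the model but never copied into the token; user info is rebuilt below from the top-level request fields.`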