New Jitsi tokens

app/routers/api.py

@@ -1,9 +1,9 @@
-import datetime
+import datetime, jwt, time
 from fastapi import APIRouter, Body, Depends, Header, HTTPException, Path, Query, Response, status
 from pydantic import BaseModel, EmailStr, Field
 from typing import Dict, List, Optional, Set, Union
 
-from app.lib_general import log, logging, sign_jwt, decode_jwt
+from app.lib_general import log, logging, sign_jwt, decode_jwt, common_route_params, Common_Route_Params, common_route_params_min, Common_Route_Params_Min
 from app.config import settings
 from app.db_sql import sql_insert, sql_update, sql_insert_or_update, sql_select, sql_delete, redis_lookup_id_random
 
@@ -215,6 +215,68 @@ async def get_api_temp_token(
         return mk_resp(data=False, status_code=404, response=response)
 
 
+
+# Updated 2025-09-18
+# It's best practice to import settings from a config file or environment variables
+# For this example, we'll hardcode them, but you should use your actual values
+# from your .env file
+JWT_APP_ID = "my_jitsi_app_id"
+JWT_APP_SECRET = "my_jitsi_app_secret-9876543210"
+
+# Define the data model for the incoming request body from the client
+class JitsiTokenRequest(BaseModel):
+    room: str = Field(..., description="The name of the Jitsi room.")
+    name: str = Field(..., description="The display name of the user.")
+    email: EmailStr = Field(..., description="The email of the user.")
+    is_moderator: bool = Field(..., description="Whether the user should be a moderator.")
+
+# A simple endpoint to generate the Jitsi-specific JWT
+@router.post("/jitsi_token")
+async def create_jitsi_jwt(
+    request_data: JitsiTokenRequest = Body(...),
+
+    # commons: Common_Route_Params_Min = Depends(common_route_params_min),
+):
+    """
+    Generates a Jitsi-specific JWT token for authentication.
+    The token includes claims to set the user's name, email, and moderator status.
+    """
+    log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
+    log.debug(locals())
+    log.info("Generating Jitsi JWT...")
+
+    try:
+        # Define the JWT payload with all the required claims for Jitsi.
+        # This is where we securely set the moderator and user info.
+        payload = {
+            "aud": "jitsi",
+            "iss": JWT_APP_ID,
+            "sub": "jitsi.dgrzone.com", # Your Jitsi base domain
+            "room": request_data.room,
+            "exp": int(time.time()) + 3600,  # Token expires in 1 hour
+            "context": {
+                "user": {
+                    "name": request_data.name,
+                    "email": request_data.email,
+                    "moderator": "true" if request_data.is_moderator else "false"
+                }
+            }
+        }
+
+        # Sign the JWT with your secret key
+        # The algorithm must be the same as configured in your Prosody setup (HS256)
+        token = jwt.encode(payload, JWT_APP_SECRET, algorithm="HS256")
+        log.info("Jitsi JWT generated successfully.")
+        log.debug(token)
+
+        return {"token": token}
+
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=f"Failed to create JWT: {str(e)}")
+
+
+
+
 @router.post('', response_model=Resp_Body_Base)
 async def post_api_obj(
         obj: Api_Base,