diff --git a/app/routers/api.py b/app/routers/api.py
index cbdad07..d79ddc5 100644
--- a/app/routers/api.py
+++ b/app/routers/api.py
@@ -1,9 +1,9 @@
-import datetime
+import datetime, jwt, time
 from fastapi import APIRouter, Body, Depends, Header, HTTPException, Path, Query, Response, status
 from pydantic import BaseModel, EmailStr, Field
 from typing import Dict, List, Optional, Set, Union
-from app.lib_general import log, logging, sign_jwt, decode_jwt
+from app.lib_general import log, logging, sign_jwt, decode_jwt, common_route_params, Common_Route_Params, common_route_params_min, Common_Route_Params_Min
 from app.config import settings
 from app.db_sql import sql_insert, sql_update, sql_insert_or_update, sql_select, sql_delete, redis_lookup_id_random
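Review bot: The new `import datetime, jwt, time` puts three modules on one statement and mixes the third-party `jwt` package in with the standard library; split it into `import datetime` and `import time`, with `import jwt` in the third-party group. This file already imports `sign_jwt` and `decode_jwt` from `app.lib_general`, so if `sign_jwt` can take the claims and key needed here (its signature is not visible in this diff), calling it would keep token signing in one reviewed place instead of adding a second `jwt.encode` path. Of the four names added to the `app.lib_general` import, only `Common_Route_Params_Min` and `common_route_params_min` appear elsewhere in the diff, and only in a commented-out line.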
@@ -215,6 +215,68 @@ async def get_api_temp_token(
 return mk_resp(data=False, status_code=404, response=response)
+
+# Updated 2025-09-18
+# It's best practice to import settings from a config file or environment variables
+# For this example, we'll hardcode them, but you should use your actual values
+# from your .env file
+JWT_APP_ID = "my_jitsi_app_id"
+JWT_APP_SECRET = "my_jitsi_app_secret-9876543210"
+
+# Define the data model for the incoming request body from the client
+class JitsiTokenRequest(BaseModel):
+ room: str = Field(..., description="The name of the Jitsi room.")
+ name: str = Field(..., description="The display name of the user.")
+ email: EmailStr = Field(..., description="The email of the user.")
+ is_moderator: bool = Field(..., description="Whether the user should be a moderator.")
+
+# A simple endpoint to generate the Jitsi-specific JWT
+@router.post("/jitsi_token")
+async def create_jitsi_jwt(
+ request_data: JitsiTokenRequest = Body(...),
+
+ # commons: Common_Route_Params_Min = Depends(common_route_params_min),
+):
+ """
+ Generates a Jitsi-specific JWT token for authentication.
+ The token includes claims to set the user's name, email, and moderator status.
+ """
+ log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
+ log.debug(locals())
+ log.info("Generating Jitsi JWT...")
+
+ try:
+ # Define the JWT payload with all the required claims for Jitsi.
+ # This is where we securely set the moderator and user info.
+ payload = {
+ "aud": "jitsi",
+ "iss": JWT_APP_ID,
+ "sub": "jitsi.dgrzone.com", # Your Jitsi base domain
+ "room": request_data.room,
+ "exp": int(time.time()) + 3600, # Token expires in 1 hour
+ "context": {
+ "user": {
+ "name": request_data.name,
+ "email": request_data.email,
+ "moderator": "true" if request_data.is_moderator else "false"
+ }
+ }
+ }
+
+ # Sign the JWT with your secret key
+ # The algorithm must be the same as configured in your Prosody setup (HS256)
+ token = jwt.encode(payload, JWT_APP_SECRET, algorithm="HS256")
+ log.info("Jitsi JWT generated successfully.")
+ log.debug(token)
+
+ return {"token": token}
+
+ except Exception as e:
+ raise HTTPException(status_code=500, detail=f"Failed to create JWT: {str(e)}")
+
+
+
+
 @router.post('', response_model=Resp_Body_Base)
 async def post_api_obj(
 obj: Api_Base,
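Review bot: `create_jitsi_jwt` signs whatever `room`, `name`, `email` and `is_moderator` the request body carries, and with the `commons` dependency commented out nothing visible in this hunk authenticates the caller, so anyone who can reach `/jitsi_token` can obtain a moderator token for any room name. Restore `commons: Common_Route_Params_Min = Depends(common_route_params_min),` (or another auth dependency) and derive `moderator`, and ideally the permitted `room`, server-side from the authenticated account rather than from `request_data`; what `Common_Route_Params_Min` exposes is not shown here, so that mapping needs confirming. `JWT_APP_ID` and `JWT_APP_SECRET` are committed as literals although `settings` is already imported; read them from it, e.g. `JWT_APP_SECRET = settings.<JITSI_APP_SECRET>` (placeholder field name), and rotate the secret if the committed string is the one Prosody actually uses. `log.debug(token)` writes a usable bearer token to the log, `log.debug(locals())` writes the caller's e-mail address, and `log.setLevel(logging.DEBUG)` inside the handler changes the level of the imported `log` object for every later request (assuming it is a standard `logging.Logger`); all three should be removed. The `except` branch returns `str(e)` to the client; log the exception server-side and send a fixed `detail="Failed to create JWT"` instead.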