Scott.Idem/OSIT-AE-App-Svelte
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(idaa): revert JWT to moderators-only pending Jitsi server config

Browse Source 
Temporary rollback — non-moderators rejoin anonymously until Prosody is
configured with allow_empty_token=false to enforce JWT moderator claims.
TODO comment left in place to track the follow-up.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Scott Idem
2026-03-31 18:52:00 -04:00
parent 58dbb68601
commit f1bce485ab
1 changed files with 24 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
src/routes/idaa/(idaa)/video_conferences/+page.svelte
View File

@@ -836,26 +836,31 @@ async function init_jitsi() {
const url_params = data.params;
// --- Initialize Jitsi ---
// All verified Novi users get a JWT — not just moderators.
// Without JWT enforcement, the room URL alone is enough to join, which violates IDAA privacy.
// is_moderator is encoded in the token payload by get_jitsi_jwt().
console.log('Jitsi: Attempting to get JWT...');
const jwt_token = await get_jitsi_jwt(
display_name,
email,
is_moderator,
room_name,
user_id
);
if (!jwt_token) {
const container = document.getElementById(jitsi_container_id);
if (container)
container.innerHTML =
'<h1>Authentication Failed. Please try again.</h1>';
console.error('Jitsi: Authentication failed. JWT not received.');
return;
// TODO: Issue JWT to all verified Novi users once Jitsi server is configured to enforce
// JWT auth and respect context.user.moderator (set allow_empty_token = false in Prosody).
// For now, only moderators get a JWT — non-moderators join anonymously.
let jwt_token = null;
if (is_moderator) {
console.log('Jitsi: Attempting to get JWT for moderator...');
jwt_token = await get_jitsi_jwt(
display_name,
email,
is_moderator,
room_name,
user_id
);
if (!jwt_token) {
const container = document.getElementById(jitsi_container_id);
if (container)
container.innerHTML =
'<h1>Authentication Failed. Please try again.</h1>';
console.error('Jitsi: Authentication failed. JWT not received.');
return;
}
console.log('Jitsi: Successfully received JWT.');
} else {
console.log('Jitsi: Non-moderator joining without JWT (temporary — pending Jitsi server config fix).');
}
console.log('Jitsi: Successfully received JWT.');
const disabled_sounds = [
disable_incoming_msg_sound ? 'INCOMING_MSG_SOUND' : null,