jitsi changed
This commit is contained in:
33
templates/auth-roadmap.md
Normal file
33
templates/auth-roadmap.md
Normal file
@@ -0,0 +1,33 @@
|
||||
# PoliticTalk Jitsi Auth Roadmap
|
||||
|
||||
These notes are intentionally not deployed yet. They describe the local files and app changes we should add when we connect PgApi authentication to Jitsi.
|
||||
|
||||
## Target Flow
|
||||
|
||||
```text
|
||||
PgPlatform calendar event
|
||||
-> PgPlatform PoliticTalk prejoin page
|
||||
-> PgApi verifies logged-in user, event ownership/invite/access, and event time window
|
||||
-> PgApi returns a short-lived Jitsi JWT
|
||||
-> PgPlatform embeds or opens Jitsi with that JWT
|
||||
-> Jitsi VPS validates JWT through Prosody token auth
|
||||
```
|
||||
|
||||
## Local Files To Add Later
|
||||
|
||||
```text
|
||||
jitsi/templates/prosody-token-auth.cfg.lua.example
|
||||
jitsi/templates/jicofo-token-auth.conf.example
|
||||
jitsi/templates/jitsi-token-auth.env.example
|
||||
```
|
||||
|
||||
Only templates should be committed. Real JWT secrets must stay in VPS-only files.
|
||||
|
||||
## Platform Changes To Add Later
|
||||
|
||||
- PgApi endpoint to issue Jitsi JWTs for valid PoliticTalk event access.
|
||||
- JWT claims for room, user display name, email/id, moderator flag, expiry, and feature permissions.
|
||||
- PgPlatform prejoin route that shows event title and immutable platform user name.
|
||||
- PgPlatform embedded Jitsi room using the IFrame API.
|
||||
- Moderator-only controls for audio moderation and poll permissions.
|
||||
- Event end-time enforcement through JWT expiry and/or iframe hangup.
|
||||
Reference in New Issue
Block a user