How to pass user authentication through jitsi-meet external API - jitsi

I am building chat capability in my web application. I am using jitsi as our chat server. There can be 2-4 user in a video chat session. These session will be locked. Web application will initiate the chat and will control who can join the chat room.
I am trying to embed jitsi meet inside an web page using jitsi-meet
external API listed here
https://github.com/jitsi/jitsi-meet/blob/master/doc/api.md .
Our jitsi-meet is not open to public and protected with XMPP
authentication. How can I pass the authentication information through
jitsi-meet API?
I also want to lock the conference room with password. Does jitsi-meet API
have this option?
I am new to this domain. So if you know a better solution please suggest.

Yes there is:
api.executeCommand('password', 'The Password');
Best way I am using with a php/mysql app is generating a room with a random name (usually complex) from the 1st user (the caller), protecting that room with a password and sending the rest of the users a message through the app so that they can connect to the same room with the first.
This way the first user is the end point and the rest connect to the room the first user made.
You should check the other users are online at the time the room is created. The only parameter is the room name which must at all times be unique. Maybe count participants after you enter. When the last user leaves the room, the room gets destroyed. So the users hold the room.
You can also send a mail instead of an internal message.

You need to add JWT token-based authentication in jitsi then you need to generate JWT token & pass it through Jitsi's external API, in this way:
const options = {
...
jwt: '<jwt_token>',
...
};
const api = new JitsiMeetExternalAPI(domain, options);
for more detail, you should checkout Jitsi's iframe docs

Related

Auth0 get profile of other user client side

To learn some new technologies, I am building a small chat application that allows users to send messages to each other. I have set up my app with auth0 for client authentication and user management. My chat messages include the sub of a user as the unique author_id.
Now, for my use case, I would like everyone who has received a message to pull up a small user profile card for the message author. This means querying the user management system with the author_id to retrieve the user profile.
I have found the get users by id endpoint which seems to fit my needs. The problem here is that this API requires a management API token, which will not be available on the client side.
Should I set up a pass-through API which authorizes users based on their app JWT token, and then requests the user profile from the auth0 API with the management token? Or should I be looking at a different approach (the fact that this API requires a management token seems to suggest so)?
Due to the rate limit of the management API it is considered better practice to use an external database to save and retreive user data.

Identify unique user in Dialogflow V1

So I am testing out Dialogflow and one of the first questions I have is: how does my bot know who it is talking to? I need to identify a user and keep that information for as long as I can. The basic scenario being:
User starts his/her first conversation.
Chatbot send a fulfillment request to the server trying to match a user within its own database.
The user is found, the information (as a JWT or some other token) is sent back to Dialogflow and stored there for further communication. In reality, this part would involve asking for user email, sending a verification code to that email and then verifying the user with the code.
User then starts chatting with a bot and all fulfillment requests get the unique token stored for this very user, so that my REST API knows which user is being served with the response.
Couldn't find anything about it in the docs (maybe I am looking in the wrong places).
There will be several integrations, like Messenger, Viber, Telegram. I dunno, maybe those APIs add some unique information on the user?...
Thanks for the help!
Sorry, I know it's been a while, but maybe this will help someone else.
The right solution here is a user id, not a session id. A user id is provided by the chat platform (Facebook, Slack etc) and is consistent across sessions for the same user.
To get the user id, go to the Fulfillment tab, enable the editor and use a function like so:
let r = request.body.originalDetectIntentRequest
//this makes sure that you're on an integration
if (r["source"]){
return r.payload.data.sender.id;
}
To tie together ids from different platforms, you probably have to have some kind of log-in process every time you encounter a new id on a platform.
Pop,
Sessions are built in already into DialogFlow requests to your fulfilment service, if you check the payload you will find a sessionId, it remains the same for the same client until it expires.
However if you want to identify the user from any of the clients that you can connect to DialogFlow like Messenger then from the same request payload to you you will notice that there is an object named originalRequest that is only available when requests are coming from those clients.
You can personalize those users response eg using their FB firstname in a message to them.

Authenticating users from separate devices to be be able to pull data from an API

I'm having trouble deciding on / understanding which method of authentication would be best in the following situation:
I have 3 separate "clients". A website, mobile app and browser extension.
Users information and data is stored in a database.
The 3 clients will access the data via an API.
What I am trying to get my head around is how users of the system would login via one of the three clients and authenticate with the API so they can then proceed to get and post data to the API.
I do not require 3rd party applications to access the API. Users can only access it by logging into the clients I provide. For this reason am I right in thinking that OAuth1/2 would be over kill?
I have attached an image which details how I envision the system.
An additional question:
Where is it in the system the authentication comes in? Would I authenticate within the API? So the user uses a form on one of the three clients to send a password. The API then returns a "what" if they provide valid credentials?

Client ID and Client secret to access foursquare api

I am going to access foursquare api. As I was going through their documentation,I am going to use
https://api.foursquare.com/v2/venues/search service to serach for the venues.
To use this api we need client id and secret and has to be appended in the above URL.
But how to get this client id and scret. Should I register my app in the foursquare site.
Is the following url correct for registering the app:
https://foursquare.com/developers/register
If it is correct,it is asking for the app market id. Our application is not in any of the app market because it is an enterprise app.So in that case how to get client id and client secret??
Kindly help.
You can complete the form without inputting details about App Market IDs by simply hitting the 'Save Changes' button (the App Market fields are not validated on submit). This will bring you to a screen that contains your client id & secret.

soundcloud authentication for server-side code (no app!)

I would like my server-side code to upload tracks to soundcloud in its own name, then later it will retrieve comments, favourites and listener counts. I do not want to do this on behalf of an app user - for there is no app! Previous questions here on stackoverflow§ (there is no "me too" button) and the API docs seem to suggest I cannot do this. Am I correct?
§ Can track belong to the application and not individual users?
This is called "Authenticating without the SoundCloud Connect Screen" in the API docs:
http://developers.soundcloud.com/docs/api/guide#user-credentials
An "app" in this case is a program that wants to access the Soundcloud API. You register them here:
http://soundcloud.com/you/apps/
Normally you would make a unique username, and register the app to that user. Then, the code logs in as that user to authenticate.