Remove token openvidu

mh.m · September 8, 2020, 3:23pm

hi

i get token (role:publisher) for specific user that can publish but the problem is when he want generate token, the app delete other connection but if he dosent connect to session and generate another token, he has two token and can connect with two token and can publish two times!
how can i solve this problem?
is any way that i can remove other token?

thanks

mh.m · September 9, 2020, 1:33pm

@pabloFuente
@CSantosM
@cruizba

CSantosM · September 9, 2020, 3:08pm

I don’t understand your problem.

You’re developing your own app logic. Why do you want generating two tokens and remove one instead generate only one token?

mh.m · September 9, 2020, 4:01pm

I dont want generating 2 tokens
I want each user has one token
I mean if i create token for one user he can disable his javascript and dont connect to session
Now if the user send request again the app give him another token.
Now the user can connect to session two times
I want in the moment each user can connect one time to session

mihailj · September 9, 2020, 5:48pm

@CSantosM is right, you should use your back-end to detect when an user requests a new token without consuming the previous one.

I don’t think this should be done in the OpenVidu server, maybe I want multiple tokens.

mh.m · September 9, 2020, 6:17pm

In the backend i check if the previous token has in connections of the session (with openvidu api) , i delete that connection
But i cant undrestand the user connected with previous token. Maybe he took the token and didnt connect to session (disable javascript).
Now he can connect with previous token too.

mihailj · September 9, 2020, 8:06pm

I understand now, you are correct (I’ve looked in the server source code) with the fact that the token is consumed only when you join the room (or publish an IPCAM).

I guess that you could save the last generated token for that user in the back-end. Then do a call to your back-end before joining the room and check if the token is the last for that user. Based on your back-end response you can continue joining the room or throw an error.

Of course this is not perfectly secure and it could also be bypassed by messing up with the Javascript by a clever user.

Or you could try something else: add a webhook on participantJoined event, save in the back-end that the user is connected, then on another join by the same participant terminate one of the connections. Don’t forget to remove that user status on participantLeft.

mh.m · September 10, 2020, 4:55pm

use webhook is a good idea
thanks

Topic		Replies	Views
How to limit participants in a conference room How to implement?	5	1390	June 16, 2020
Openvidu reconnect issue after when all are out Issues developing apps	3	534	October 15, 2020
Behavior after succesful DELETE request (evict and disconnect user) How to implement?	3	261	February 6, 2020
Active Connections issue Issues developing apps	7	452	August 24, 2020
Confused about basic concepts How to implement?	1	142	July 12, 2023

Remove token openvidu

Related Topics