selfhostyourtech/reflector
2
0
Fork 0
mirror of https://github.com/Monadical-SAS/reflector.git synced 2025-12-21 20:59:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add room by name endpoint for non-authenticated access

Browse Source 
- Add GET /rooms/name/{room_name} backend endpoint
- Endpoint supports non-authenticated access for public rooms
- Returns RoomDetails with webhook fields hidden for non-owners
- Update useRoomGetByName hook to use new direct endpoint
- Remove authentication requirement from frontend hook
- Regenerate API client types

Fixes: Non-authenticated users can now access room lobbies
This commit is contained in:
Mathieu Virbel
2025-09-10 19:04:09 -06:00
parent e483e2a97f
commit 304f3dca3a
3 changed files with 2888 additions and 2843 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
server/reflector/views/rooms.py
View File

@@ -155,6 +155,30 @@ async def rooms_get(
return room return room
@router.get("/rooms/name/{room_name}", response_model=RoomDetails)
async def rooms_get_by_name(
room_name: str,
user: Annotated[Optional[auth.UserInfo], Depends(auth.current_user_optional)],
):
user_id = user["sub"] if user else None
room = await rooms_controller.get_by_name(room_name)
if not room:
raise HTTPException(status_code=404, detail="Room not found")
# Convert to RoomDetails format (add webhook fields if user is owner)
room_dict = room.__dict__.copy()
if user_id == room.user_id:
# User is owner, include webhook details if available
room_dict["webhook_url"] = getattr(room, "webhook_url", None)
room_dict["webhook_secret"] = getattr(room, "webhook_secret", None)
else:
# Non-owner, hide webhook details
room_dict["webhook_url"] = None
room_dict["webhook_secret"] = None
return RoomDetails(**room_dict)
@router.post("/rooms", response_model=Room) @router.post("/rooms", response_model=Room)
async def rooms_create( async def rooms_create(
room: CreateRoom, room: CreateRoom,

9
www/app/lib/apiHooks.ts
View File

@@ -642,19 +642,16 @@ export function useRoomsCreateMeeting() {
// Calendar integration hooks // Calendar integration hooks
export function useRoomGetByName(roomName: string | null) { export function useRoomGetByName(roomName: string | null) {
const { isAuthenticated } = useAuthReady();
return $api.useQuery( return $api.useQuery(
"get", "get",
"/v1/rooms", "/v1/rooms/name/{room_name}",
{ {
params: { params: {
query: { page: 1 }, // We'll need to filter by room name on the client side path: { room_name: roomName || "" },
}, },
}, },
{ {
enabled: !!roomName && isAuthenticated, enabled: !!roomName,
select: (data) => data.items?.find((room) => room.name === roomName),
}, },
); );
} }

5698
www/app/reflector-api.d.ts vendored
View File

File diff suppressed because it is too large Load Diff