Everyone can join with meeting as a HOST

I m using web sdk. and every student can join as a HOST . LOL scenario.

Please help me to resolve this case. here is JS script code

<script>
window.addEventListener('DOMContentLoaded', function (event) {
    console.log('DOM fully loaded and parsed');
    websdkready();
});

function websdkready() {
    var testTool = window.testTool;
    // get meeting args from url
    var tmpArgs = testTool.parseQuery();
    console.log(tmpArgs)


    var meetingConfig = {
        apiKey: "{{$apiKey}}",
        meetingNumber: "{{$zoomMeetingId}}",
        userName: "{{$userName}}",
        passWord: "{{$meetingPassword}}",
        leaveUrl: "/index.html",
        role: "{{$meetingRole}}",
        userEmail: "{{$userEmail}}",
        lang: "{{$meetingLang}}",
        signature: "{{$signature}}",
        china: "{{$meetingChina}}",
    };

    // a tool use debug mobile device
    if (testTool.isMobileDevice()) {
        vConsole = new beginJoinVConsole();
    }

    if (meetingConfig.china)
        ZoomMtg.setZoomJSLib("https://jssdk.zoomus.cn/1.9.1/lib", "/av"); // china cdn option
    ZoomMtg.preLoadWasm();
    ZoomMtg.prepareJssdk();

    function beginJoin(signature) {
        ZoomMtg.init({
            leaveUrl: meetingConfig.leaveUrl,
            webEndpoint: meetingConfig.webEndpoint,
            disableInvite: true,
            disableCallOut: true,
            debug: true,
            isSupportAV: true,
            isSupportChat: false,
            meetingInfo: [],

            success: function () {
                ZoomMtg.i18n.load(meetingConfig.lang);
                ZoomMtg.i18n.reload(meetingConfig.lang);

                console.log(meetingConfig);

                ZoomMtg.join({
                    meetingNumber: meetingConfig.meetingNumber,
                    userName: meetingConfig.userName,
                    userEmail: meetingConfig.userEmail,
                    signature: signature,
                    apiKey: meetingConfig.apiKey,
                    passWord: meetingConfig.passWord,

                    success: function (res) {
                        console.log("join meeting success");
                        console.log(res);
                    },
                    error: function (res) {
                        console.log(res);
                    },
                });
            },
            error: function (res) {
                console.log(res);
            },
        });
        ZoomMtg.inMeetingServiceListener('onUserJoin', function (data) {
            console.log("ON USER JOIN");
            console.log('inMeetingServiceListener onUserJoin', data);

            var userId = data.userId;
            var userEmail = data.userName;
            var isHost = data.isHost;
            var zoomMeetingId = "{{$zoomMeetingId}}";


            if (!isHost) {
                var isValidAuthorizedUser = checkAuthorizedUser(userEmail); //Default : True
                var isValidCourseEnrollment = checkValidEnrollment(zoomMeetingId, userEmail); //Default  : True
                var hasUnpaidInvoices = checkHasUnpaidInvoices(userEmail); //Default : False

                console.log("has Unpaid Invoices : " + hasUnpaidInvoices);
                console.log("Is Valid Course Enrollment : " + isValidCourseEnrollment);
                console.log("Is Valid Authorized User : " + isValidAuthorizedUser)
                console.log("Condition :" + (isValidAuthorizedUser === "false" || isValidCourseEnrollment === "false" || hasUnpaidInvoices === "true"));


                if (isValidAuthorizedUser === "false" || isValidCourseEnrollment === "false" || hasUnpaidInvoices === "true") {

                    console.log("Removed Participant");
                    //Remove Participant User
                    ZoomMtg.expel({
                        userId: userId
                    });
                }
            }

        });


        // Check Authorization of User
        function checkAuthorizedUser(userEmail) {

            var isAuthorizedUser = "";

            $.ajax({
                type: "GET",
                async: false,
                url: "{{ url('meeting/web/checkauthorizeduser') }}/",
                data: {
                    'userEmail': userEmail,
                    '_token': '{{csrf_token()}}',
                },
                dataType: 'HTML',
                success: function (response) {
                    isAuthorizedUser = response;

                }
            });

            return isAuthorizedUser;
        }

        // Check Validation of Enrollment
        function checkValidEnrollment(zoomMeetingId, userEmail) {

            var isValidEnrollment = "";

            $.ajax({
                type: "GET",
                async: false,
                url: "{{ url('meeting/web/checkvalidcourseenrollment') }}/",
                data: {
                    'zoomMeetingId': zoomMeetingId,
                    'userEmail': userEmail,
                    '_token': '{{csrf_token()}}',
                },
                dataType: 'HTML',
                success: function (response) {
                    isValidEnrollment = response;
                }
            });

            return isValidEnrollment;
        }

        //Get Unpaid Invoices
        function checkHasUnpaidInvoices(userEmail) {

            var isEmptyUnpaidInvoices = "";

            $.ajax({
                type: "GET",
                async: false,
                url: "{{ url('meeting/web/hasunapidinvoices') }}/",
                data: {
                    'userEmail': userEmail,
                    '_token': '{{csrf_token()}}',
                },
                dataType: 'HTML',
                success: function (response) {
                    isEmptyUnpaidInvoices = response;

                }
            });

            return isEmptyUnpaidInvoices;
        }


    }

    beginJoin(meetingConfig.signature);

};

Hey @digix.sameera ,

When generating the Web SDK signature, pass in 1 for host, and 0 for participant.

Thanks,
Tommy

/** 
 * @param string $api_key The publicly available key people may know.
 * @param string $api_secret The secret NO ONE SHOULD KNOW
 * @param integer $role The role of the user for whom the meeting is generated.
 * @param integer $meeting_number The "MEETING ID" to join.
 * @return string Should return a signature.
 */
function(string $api_key, string $api_secret, int $role = 0, int $meeting_number){
   // Setting to UTC for time() to be in UTC. However this is purely optional
  // See  https://www.php.net/manual/en/function.time.php#100220
   // date_default_timezone_set("UTC");
    $time = time() * 1000 - 30000;  //time in milliseconds (or close enough)
    $data = base64_encode($api_key . $meeting_number . $time . $role);
    $hash = base64_encode(hash_hmac('sha256', $data, $api_secret, true));
   // Generates a signature
    $sig =  implode(".",[$api_key, $meeting_number, $time, $role, $hash]);
    // Return a base64 encoded, url-safe signature.
    return rtrim(strtr(base64_encode($sig), '+/', '-_'), '=');

If you have a application, where you can determine a user to be the “HOST” or want a user to be a “HOST” you can pass 1 in their behalf through a XHR Request, 0 otherwise.

Additional Information

If you just has a single page application, you can always take help of “Heroku”.

Thanks,
Anweshan

Thanks for sharing this, @anweshan !

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.