From 0354dbe8891fa970046de70ae62561e92d49c28a Mon Sep 17 00:00:00 2001
From: damencho <damencho@jitsi.org>
Date: Thu, 10 Sep 2020 10:07:30 -0500
Subject: [PATCH] fix: Updates docs and verification to halt joining process.

When returning the error and showing to user not allowed screen we were not completely halting the prejoin operation when token verification fails on room join and the token is valid in general.
---
 resources/prosody-plugins/mod_token_verification.lua | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/resources/prosody-plugins/mod_token_verification.lua b/resources/prosody-plugins/mod_token_verification.lua
index ad39557ac..c16325c9e 100644
--- a/resources/prosody-plugins/mod_token_verification.lua
+++ b/resources/prosody-plugins/mod_token_verification.lua
@@ -40,6 +40,7 @@ local function load_config()
 end
 load_config();
 
+-- verify user and whether he is allowed to join a room based on the token information
 local function verify_user(session, stanza)
 	log("debug", "Session token: %s, session room: %s",
 		tostring(session.auth_token),
@@ -49,7 +50,7 @@ local function verify_user(session, stanza)
 	local user_jid = stanza.attr.from;
 	if is_admin(user_jid) then
 		log("debug", "Token not required from admin user: %s", user_jid);
-		return nil;
+		return true;
 	end
 
     log("debug",
@@ -64,18 +65,23 @@ local function verify_user(session, stanza)
     end
 	log("debug",
         "allowed: %s to enter/create room: %s", user_jid, stanza.attr.to);
+    return true;
 end
 
 module:hook("muc-room-pre-create", function(event)
 	local origin, stanza = event.origin, event.stanza;
 	log("debug", "pre create: %s %s", tostring(origin), tostring(stanza));
-	return verify_user(origin, stanza);
+    if not verify_user(origin, stanza) then
+        return true; -- Returning any value other than nil will halt processing of the event
+    end
 end);
 
 module:hook("muc-occupant-pre-join", function(event)
 	local origin, room, stanza = event.origin, event.room, event.stanza;
 	log("debug", "pre join: %s %s", tostring(room), tostring(stanza));
-	return verify_user(origin, stanza);
+    if not verify_user(origin, stanza) then
+        return true; -- Returning any value other than nil will halt processing of the event
+    end
 end);
 
 for event_name, method in pairs {