search

OpenSight / janus-cloud

a cluster solution for Janus WebRTC server, by API proxy approach
GNU Affero General Public License v3.0
207 stars 49 forks source link

Another proxy in front of Janus Cloud #12

Closed 0x41mmarVM closed 3 years ago

0x41mmarVM commented 3 years ago

Hi, thank you for the awesome work!

This is no bug, just a question. I'm trying to run a typical videoroom, with some extra constraints on aliases, among other things. It seems to me that my options are either to create a second proxy in front of Janus Cloud, or to modify Janus Cloud's code to implement my constraints. If I create a second proxy, the client acts as a normal Janus client using the standard API, but my proxy chooses to reject certain requests and not pass them on to Janus Cloud if they fall afoul of certain conditions I code. I find myself preferring the proxy option because I won't have to dive into janus-cloud's code, and the update process for new versions of janus-cloud would be much simpler.

jamken commented 3 years ago

"extra constraints on aliases, among other things"
I am not sure what's your contraints to write another proxy. In our business, we design an other web server to handle these business logic about a real videoconference, not depend on Janus/Januscloud. Januscloud/Janus is only responsible to scale the webrtc traffic. On the other hand, Januscloud also support add-on plugin mechanism just like Janus, maybe you can consider to write a new plugin.

“ can I use a single websocket between the proxy and janus-cloud for multiple clients?” Of course you can, just like Janus. On the same websocket connection, you could create the different session for your different client

Hi, thank you for the awesome work!

This is no bug, just a question. I'm trying to run a typical videoroom, with some extra constraints on aliases, among other things. It seems to me that my options are either to create a second proxy in front of Janus Cloud, or to modify Janus Cloud's code to implement my constraints. If I create a second proxy, the client acts as a normal Janus client using the standard API, but my proxy chooses to reject certain requests and not pass them on to Janus Cloud if they fall afoul of certain conditions I code. I find myself preferring the proxy option because I won't have to dive into janus-cloud's code, and the update process for new versions of janus-cloud would be much simpler.

  • Is this insane? is there a better way of doing this?
  • If I do end up doing this, can I use a single websocket between the proxy and janus-cloud for multiple clients? It seems to me that if I simply keep track of the transaction ID sent with any client request, I'll be able to send the response back to its intended recipient.
0x41mmarVM commented 3 years ago

@jamken Thank you kindly for responding.

I am not sure what's your contraints to write another proxy.

Just to make sure I'm understanding that sentence, do you mean to say that you can't see a problem with writing another proxy? or that you don't see what kind of constraints would require another proxy? I'm assuming the first for now.

A second server that handles business logic is exactly what I'm trying to do, is this the right way of doing it? client browsers talk to the logic server, which in turn talks to Janus on their behalf, or selectively proxies their requests if they already talk Janus API?

On the other hand, Januscloud also support add-on plugin mechanism just like Janus, maybe you can consider to write a new plugin.

Cool, I'll consider that. Thank you.

Of course you can, just like Janus. On the same websocket connection, you could create the different session for your different client

Awesome, thanks!

jamken commented 3 years ago

I think it is a better idea to make the client browser talk to janus-cloud proxy for videoconference as well as the client browser talk to your business server for high level business, rather than make your business as anthoer proxy in frount of januscloud proxy

0x41mmarVM commented 3 years ago

But the client is untrusted, it could ignore whatever my business server is saying, and join with whatever handle it likes, and any room it likes.

jamken commented 3 years ago

But the client is untrusted, it could ignore whatever my business server is saying, and join with whatever handle it likes, and any room it likes.

oh, you should make use of the authentication function of the Janus API which is also supported by Januscloud. Your business can control which room the browser can join.

jamken commented 3 years ago

by the way, januscloud proxy also provide some admin APIs (https://github.com/OpenSight/janus-cloud/wiki/VideoRoom-plugin-documentation) in convinience for your business server control the proxy. Your can make use of it to create/delete room, manage room's token and so on

0x41mmarVM commented 3 years ago

oh, you should make use of the authentication function of the Janus API which is also supported by Januscloud. Your business can control which room the browser can join.

Umm.. my understanding is that the Janus API authentication is only at the Janus level or the plugin level, not the videoroom level. Am I mistaken?

0x41mmarVM commented 3 years ago

Ok, got it, there are room tokens. For handles I can just forget Janus handles and use the other web server.

Awesome! thanks!

jamken commented 3 years ago

oh, you should make use of the authentication function of the Janus API which is also supported by Januscloud. Your business can control which room the browser can join.

Umm.. my understanding is that the Janus API authentication is only at the Janus level or the plugin level, not the videoroom level. Am I mistaken?

Maybe you ignore these feature for videoroom, videoroom support tokens management for each room, and each room also has its own secrect.