It would be good to include some more information about how to set this up, as a few things took me a while to figure out... and while they're completely obvious in hindsight, it might make implementing this for others a lot easier knowing it upfront.
1 -
Under the "Prosody configuration" section, it currently readme.md has app_id = "issuer" as an example.
It would be good to include the fact that for app_id, element-web uses the jitsi > preferredDomain specified in the element-web config.json ... presumably/hopefully other clients will follow suit, otherwise we're locked into a client specific implementation... maybe the spec should be explict about this?
2 -
It would also be good to be explicit that there needs to be a location rule in nginx to point traffic to the /verify/user_in_roomendpoint to the port specified in the matrix-user-verification-service .env file e.g.
(Note - I also put allow/deny rules to limit access to this path by local ip ... to me this seems like a good idea, as I can't think of a reason why an external ip would need this, but is probably overkill since they'd need an server admin token anyway :) )
It would be good to include some more information about how to set this up, as a few things took me a while to figure out... and while they're completely obvious in hindsight, it might make implementing this for others a lot easier knowing it upfront.
1 - Under the "Prosody configuration" section, it currently readme.md has
app_id = "issuer"
as an example.It would be good to include the fact that for
app_id
, element-web uses thejitsi > preferredDomain
specified in the element-web config.json ... presumably/hopefully other clients will follow suit, otherwise we're locked into a client specific implementation... maybe the spec should be explict about this?2 - It would also be good to be explicit that there needs to be a location rule in nginx to point traffic to the
/verify/user_in_room
endpoint to the port specified in the matrix-user-verification-service .env file e.g.Otherwise the whole thing won't work.
(Note - I also put allow/deny rules to limit access to this path by local ip ... to me this seems like a good idea, as I can't think of a reason why an external ip would need this, but is probably overkill since they'd need an server admin token anyway :) )