- Remove `metadata` from LiveSessionRoomCreateSerializer and ignore any
client-provided `metadata` for security (with warning log)
- Build secured room metadata server-side with explicit default lock
settings (mic/webcam/screen share locked; whiteboard/notepad/chat
unlocked) and comprehensive room features (chat, recording, breakout,
waiting room, etc.)
- Convert all request payload keys to camelCase before calling PlugNMeet
for both room creation and join token to match protocol requirements
- Extend non-admin user lock_settings in join token to include
whiteboard/notepad/chat controls
- Update live-session docs and add comprehensive PlugNMeet API docs
BREAKING CHANGE: Clients must no longer send `metadata` when creating a
room; all room settings are now enforced server-side and cannot be
overridden by the client. The serializer no longer accepts `metadata`.
- add CourseLiveSession.room_id field with unique index
- introduce LiveSessionRoomCreateSerializer and LiveSessionTokenSerializer
- add URLs for room creation and token:
- <slug>/online/room/create
- online/room/token
- enhance token validation metadata with:
- can_create_live_session, can_join_live_session flags
- live session context (active_room_id, timings, details)
- improve logging and token error handling in validation flow
- add PlugNMeet configuration settings (URL, API key/secret, timeout)
This introduces the endpoints and data structures needed to create and
join live sessions, and surfaces richer metadata for frontend usage. A
database migration is required for the new model field and index.
mortezaei