- Enhanced session handling by checking for active sessions before creating a new room in PlugNMeet, reducing unnecessary API calls.
- Implemented logic to reactivate ended sessions and log relevant actions for better traceability.
- Added conditional room creation to avoid duplicate rooms, improving overall efficiency and user experience.
- Updated CourseLiveSessionRoomCreateAPIView to filter out ended sessions by adding `ended_at__isnull=True` in the session creation logic.
- Introduced a new method in CourseLiveSessionTokenAPIView to build centralized metadata for room settings, ensuring client overrides are not permitted and enhancing session configuration consistency.
- Updated CourseLiveSessionRoomCreateAPIView to filter out ended sessions by adding `ended_at__isnull=True` in the session creation logic.
- Introduced a new method in CourseLiveSessionTokenAPIView to build centralized metadata for room settings, ensuring client overrides are not permitted and defining default lock settings and room features.
- Improved room verification logic in CourseLiveSessionTokenAPIView to handle both boolean and string responses for room activity status.
- Added functionality to automatically recreate inactive rooms for professors while denying token issuance for students if the room is inactive.
- Enhanced logging for better traceability of room status and actions taken during token requests.
- Introduced a new method to handle room recreation in PlugNMeet, ensuring sessions can be reactivated when necessary.
- Added TokenAuthentication to allow users to authenticate with a token while still permitting access without authentication.
- Removed redundant debug print statements related to token validation to streamline the code and improve readability.
- Added checks in get_saved_location method to ensure user is authenticated and has location_history attribute before attempting to access it.
- Improved robustness of location retrieval logic to prevent errors for unauthenticated users.
- Updated permission classes to allow any user for GET requests, enhancing accessibility.
- Added detailed logging for both GET and POST requests to track request data and processing steps.
- Improved handling of user authentication status in log messages for better traceability.
- Added detailed logging for GET and POST requests in CourseOnlineClassTokenValidateAPIView to track user actions and course validation.
- Improved logging in OnlineClassTokenManager for token generation, storage, retrieval, and deletion processes, including error handling for Redis interactions.
- Commented out the entire class and method definitions for the PlugNMeetWebhookAPIView to facilitate debugging and future modifications.
- Retained the structure and docstrings for clarity on event handling and signature verification.
- Enhanced debug logging for signature verification to assist in identifying issues during development.
- Updated permission logic for course management.
- Simplified room ID setup and metadata handling.
- Enhanced PlugNMeetClient integration for room creation and token generation.
- Improved error handling and logging for API interactions.
- Adjusted response structure to include the generated access token for frontend use.
- Updated the _verify_webhook_signature method to include detailed debug logging for better traceability of signature verification issues.
- Improved error messages for missing headers and configuration settings.
- Added checks for empty request bodies to assist in identifying middleware issues.
- Adjusted logging to prevent sensitive information exposure while still providing useful debugging information.
- Implemented validation and permission checks for course management.
- Updated room ID generation to comply with NATS rules by prefixing with 'room-'.
- Integrated JWT token generation for user access to live sessions.
- Improved error handling for PlugNMeet API interactions.
- Enhanced response structure to include access token for frontend connectivity.
- Changed URL configurations in article, course, and transaction apps to use re_path for improved regex matching of slugs.
- This update enhances flexibility in slug handling across various endpoints, ensuring consistency in URL patterns.
- Add avatar field to ProfessorListSerializer using FileFieldSerializer for better avatar handling.
- Update room ID generation in CourseLiveSessionRoomCreateAPIView to use a consistent format.
- Introduce debug logging in PlugNMeetClient for room creation payload to aid in troubleshooting.
Extend recording_features in live session room creation to include:
- is_allow_local for enabling local recording
- only_record_admin_webcams to control recording scope
Defaults set to True for local recording and False for admin-only webcams
- add recorded_file FileField to CourseLiveSession with migration
- add serializers for recording upload and metadata
- add PATCH endpoint to create a recording for latest session:
/<int:course_id>/live-sessions/recorded-file/
- enforce can_manage_course permission and return recording metadata
- update urls and views; use FileFieldSerializer for file handling
Change the room ID format in CourseLiveSessionRoomCreateAPIView to use the course ID and a static string instead of a timestamp. This ensures consistent room IDs for live sessions.
Introduce PlugNMeetWebhookAPIView to handle:
- room_finished: close live session and mark users offline
- participant_joined: create/reactivate LiveSessionUser
- participant_left: mark user offline with exit timestamp
- end_recording: fetch info, obtain token, download file, save
LiveSessionRecording, and generate video thumbnails via ffmpeg
Add new PlugNMeetClient methods:
- get_recording_info
- get_recording_download_token
- download_file
Expose webhook route at /api/course/plugnmeet/webhook/ with HMAC
SHA256 signature verification (Hash-Token header).
Deprecate polling-based room status sync in
CourseOnlineClassTokenValidateAPIView in favor of webhooks.
build(docker): add ffmpeg to production image for thumbnail generation
docs: add webhook setup and usage guides (README_WEBHOOK.md,
docs/plugnmeet_webhook.md)
chore(scripts): add create_live_room.sh and scripts/test_webhook.py for
manual testing and workflow support
Return an absolute URI for the avatar in live session token
metadata so external services (e.g., PlugNMeet) can fetch the
image reliably. Add debug logging to PlugNMeet client POST
requests and info logging for the resolved profile picture URL
to aid troubleshooting.
Use avatar.url directly to avoid duplicating the host when the
storage returns an absolute URL. Prevents malformed avatar links
in live session token responses.
- Remove `metadata` from LiveSessionRoomCreateSerializer and ignore any
client-provided `metadata` for security (with warning log)
- Build secured room metadata server-side with explicit default lock
settings (mic/webcam/screen share locked; whiteboard/notepad/chat
unlocked) and comprehensive room features (chat, recording, breakout,
waiting room, etc.)
- Convert all request payload keys to camelCase before calling PlugNMeet
for both room creation and join token to match protocol requirements
- Extend non-admin user lock_settings in join token to include
whiteboard/notepad/chat controls
- Update live-session docs and add comprehensive PlugNMeet API docs
BREAKING CHANGE: Clients must no longer send `metadata` when creating a
room; all room settings are now enforced server-side and cannot be
overridden by the client. The serializer no longer accepts `metadata`.
Poll PlugNMeet for room activity during online class token validation
and close inactive sessions, updating related LiveSessionUser entries.
Add PlugNMeetClient.is_room_active and improve error handling to raise
PlugNMeetError when response status is false. Includes logging and TODO
for future webhook-based sync.
Introduce ExchangeTokenAPIView at /api/account/exchange-token/ to
exchange temporary tokens for a DRF auth token and minimal user
profile (id, fullname, email, avatar). Tokens are one-time use and
validated via OnlineClassTokenManager. Added serializer, view, URL,
and Swagger examples.
Update CourseOnlineClassTokenAPIView to return a fixed join URL:
https://imamjavad.newhorizonco.uk/join-class?token={TOKEN}&slug={SLUG}.
Store course_slug in token payload and remove redirect_path and the
_base_components helper. Examples and docs updated.
Docs: add CHANGELOG_EXCHANGE_TOKEN.md and exchange_token_api.md;
update online_class_entry_flow.md.
BREAKING CHANGE: exchange-token endpoint moved from
/api/courses/auth/exchange-token/ to /api/account/exchange-token/.
Response shape changed: adds token, user.id is numeric, user.name
renamed to user.fullname, user.role and user.is_admin removed.
Online token response now returns a fixed URL and includes course
slug. redirect_path support removed; clients must use the returned
token for subsequent requests.
- add CourseLiveSession.room_id field with unique index
- introduce LiveSessionRoomCreateSerializer and LiveSessionTokenSerializer
- add URLs for room creation and token:
- <slug>/online/room/create
- online/room/token
- enhance token validation metadata with:
- can_create_live_session, can_join_live_session flags
- live session context (active_room_id, timings, details)
- improve logging and token error handling in validation flow
- add PlugNMeet configuration settings (URL, API key/secret, timeout)
This introduces the endpoints and data structures needed to create and
join live sessions, and surfaces richer metadata for frontend usage. A
database migration is required for the new model field and index.
- change URL pattern to use <slug:slug> instead of <int:pk>
- update view signature and swagger parameter to slug
- fetch course by slug to match detail endpoint
- ensures consistent API across course endpoints
BREAKING CHANGE: the online validate endpoint now uses slug instead of pk; clients must update the path parameter from integer pk to string slug
- add route for <int:pk>/online/validate/ to token validate view
- implement authenticated GET returning course, user and metadata
- enforce auth only for GET via get_permissions
- add Swagger docs for the new endpoint
No breaking changes.
Use request.build_absolute_uri('/') to derive the base domain instead
of relying on ONLINE_CLASS_FRONTEND_DOMAIN/SITE_DOMAIN. This produces
correct entry URLs based on the incoming request.
Add ONLINE_CLASS_DEFAULT_PATH (default: 'join-class') as a fallback
when redirect_path is not provided.
Update the view to pass request to _build_base_url.
- create CourseLiveSession, LiveSessionUser, LiveSessionRecording with
indexes and unique constraints
- register new models in admin and add UNFOLD navigation entries
- update token validation to derive is_online and include
livesession_started_at, livesession_ended_at, and can_start_online_class
- extend online class entry flow documentation with new fields
- add migration for new live session tables
nwhco