[feature request] JWT valid only for a specific room

[vincentfretin]

Related to the JWT (see #77).
Currently the JWT content can contains { join_hub: true, kick_users: true } because the security model of Hubs was giving access to all rooms in the Hubs Cloud instance. For my use case, I may need more security, only giving access to one or more rooms so I think it would make sense to add an additional optional room_ids parameter like this
{ kick_users: true, room_ids: ["123", "456"] }
(make it plural to support main room with breakout rooms right away)
room_ids and join_hub should be mutually exclusive, only one of this parameter should be in the JWT.
Thoughts?

[mqp]

That sounds like a totally reasonable thing to have.

[mqp]

I think I would prefer to implement it slightly differently. I would consider join_hub and kick_users "what you can do" fields, and room_ids the "where you can do it" field, where the lack of room_ids implies "everywhere". So the token you want would have both join_hub and room_ids specified. That seems like a simpler way to think about it.

[vincentfretin]

That can work too. This is why I asked for opinion, thanks. ;-)
I'll probably work on this next month.

[mqp]

Oops, I did it!

[vincentfretin]

:D Thank you. I'll create more issues like this if you can't help yourself of implementing it. ;-)

[mqp]

I'm having fun working on this a little bit so go for it.