Email as default username since update to new config set-up is NOT great :)

MiroTalk

@avatar1024 You're very welcome!
I just fixed the typo—see my previous message.

Time to get some sleep now, it's pretty late here
Thanks again for using MiroTalk, and have a great night!

avatar1024

@staff Thanks for pushing the update that quickly. In addition (maybe next time you push an update) I would suggest making the suggested changes in the .env file so that by default (i.e. on the fresh install of the package) the OIDC behaviour is to use name instead of email as display name and allow display name editing.

avatar1024

Unfortunately something isn't working...

I have made the changes so my env file looks like that (first 5 lines are there by default):

All config options at https://github.com/miroslavpejic85/mirotalksfu/blob/main/.env.template

PRESENTERS=admin@cloudron.local
EMAIL_SEND_TO=admin@cloudron.local
STATS_ENABLED=false

OIDC_FORCE_USERNAME=false
OIDC_EMAIL_AS_USERNAME=false
OIDC_NAME_AS_USERNAME=true

I have restarted the app, cleared browser's cache, but I still have the same behaviour.

Either something in the changes @mirotalk-57bab571 made didn't work, or another thing I noticed is that in Cloudron package the file is called env and not .env. When I rename env to .env and restart the app, a new env file is automatically created, and it still doesn't work. @staff?

james

Hello @avatar1024
I am taking a look right now.
The file name /app/data/env is correct. If that file is missing, it will be created again.
Since you moved the file from env to .env the file was missing and got created again.

I am now trying to reproduce your issue with the latest version.

james

I can confirm this seems to have no impact.
Added the following lines to /app/data/env

OIDC_FORCE_USERNAME=false
OIDC_EMAIL_AS_USERNAME=false
OIDC_NAME_AS_USERNAME=true

Cloudron writes this to /run/mirotalksfu/env and /run/mirotalksfu/env is symlinked to /app/code/.env.
So everything in that /app/data/env => /run/mirotalksfu/env => /app/code/.env is loaded, otherwise all the other settings would be missing.

But now when checking the /app/code/app/src/config.js I see:

peer_name: {
                force: process.env.OIDC_USERNAME_FORCE !== 'false', // Require identity provider authentication
                email: process.env.OIDC_USERNAME_AS_EMAIL !== 'false', // Request email claim
                name: process.env.OIDC_USERNAME_AS_NAME === 'true', // Don't require full name
            }

So from that I can conclude the env vars should be:

OIDC_USERNAME_FORCE=false
OIDC_USERNAME_AS_EMAIL=false
OIDC_USERNAME_AS_NAME=true

This now had the desired effect.

I assume what @mirotalk-57bab571 wrote https://forum.cloudron.io/post/107999 was simply a typo or first draft of that variable names.

---

Solution

Use the following variables in /app/data/env

OIDC_USERNAME_FORCE=false
OIDC_USERNAME_AS_EMAIL=false
OIDC_USERNAME_AS_NAME=true

avatar1024

@james Brilliant, thank you looking into this, for explaining the logic and for finding the fix!

Gauthier

avatar1024

@james Do you think in the future it would make sense:

1. for the behaviour described here re display name to become the default on the Cloudron package?
2. for users to also have a way to modify the config.js file as it seems like not all options can be changed via the env file?

avatar1024

@james said in Email as default username since update to new config set-up is NOT great :

But now when checking the /app/code/app/src/config.js

Also sorry, I feel I should know this by now, but where are the the app code directories? I can't seem to find them when I ssh on the server. In that case how can I would like to view the content of this file.

MiroTalk

@james said in Email as default username since update to new config set-up is NOT great :

I assume what @mirotalk-57bab571 wrote https://forum.cloudron.io/post/107999 was simply a typo or first draft of that variable names.

Yes, you're absolutely right — the way you explained it is correct. I actually updated it in my last commit to make it more readable.

OIDC_USERNAME_FORCE=false
OIDC_USERNAME_AS_EMAIL=false
OIDC_USERNAME_AS_NAME=true

And here’s a quick explanation of each default setup:

OIDC_USERNAME_FORCE=true        # Forces the username to match the OIDC email or name. 
                                # If true, the user won't be able to change their name when joining a room.

OIDC_USERNAME_AS_EMAIL=true     # Uses the OIDC email as the username.
OIDC_USERNAME_AS_NAME=false     # Uses the OIDC name as the username.

These options give you full control over how usernames are assigned during OIDC authentication for the meeting.

Note

By default, the email is used as the username when OIDC is enabled. This helps maintain user identity and trust, and also ensures that the correct Gravatar is displayed in the room (especially if the camera is off).

In this default setup, the username cannot be edited by the user when joining a room.

However, since MiroTalk SFU is designed to be flexible, this behavior is fully configurable. You can choose whether to use the email, the name, or allow users to set their own name — depending on your needs...

james

@avatar1024 said in Email as default username since update to new config set-up is NOT great :

Also sorry, I feel I should know this by now, but where are the the app code directories? I can't seem to find them when I ssh on the server. In that case how can I would like to view the content of this file.

That is in the app itself.
You can view that via the web terminal of the app itself.

avatar1024

@james said in Email as default username since update to new config set-up is NOT great :

That is in the app itself.
You can view that via the web terminal of the app itself.

Oh yes of course, thanks!

avatar1024

Is it possible on the forum for a user to mark a post as the solution / mark a topic as solved?

joseph

@avatar1024 I have seen many normal users do it. It's under Topic tool -> Ask as question / answer .

jdaviescoates

@avatar1024 said in Email as default username since update to new config set-up is NOT great :

Is it possible on the forum for a user to mark a post as the solution / mark a topic as solved?

Yes. First you have to edit the OP to make it a question. Then you have to mark the solution post as the answer.

avatar1024

For info the variables have changed again since today's update to 1.7.58. It is now:

OIDC_FORCE_USERNAME=false                          # Force the username to match OIDC email or name (true|false)
OIDC_EMAIL_AS_USERNAME=false                       # Set username as email from OIDC (true|false)
OIDC_NAME_AS_USERNAME=true                       # Set username as name from OIDC (true|false)

MiroTalk

@avatar1024 said in Email as default username since update to new config set-up is NOT great :

For info the variables have changed again since today's update to 1.7.58. It is now:

Oops, my mistake — it's been fixed in v1.7.59.

OIDC_USERNAME_FORCE=false
OIDC_USERNAME_AS_EMAIL=false
OIDC_USERNAME_AS_NAME=true 

nebulon

Is this something which makes sense to include directly in the package or should be left to the user? Can't quite make out what the best default behavior would be

avatar1024

@nebulon said in Email as default username since update to new config set-up is NOT great :

Is this something which makes sense to include directly in the package or should be left to the user? Can't quite make out what the best default behavior would be

To me it feels like these settings should indeed be included by default in the package. Reasons are:

1. letting users choosing their display name for a meeting is always best, so OIDC_FORCE_USERNAME=false by default in the package seems like a no-brainer.
2. having your email as your username/display name in a meeting seems very weird (though if at least you can change it that's less of a problem > 1.)
3. having your actual name as the default display name seems more logical (though still with the ability to change it > 1.)

What do other people think?

@MiroTalk said in Email as default username since update to new config set-up is NOT great :

By default, the email is used as the username when OIDC is enabled. This helps maintain user identity and trust, and also ensures that the correct Gravatar is displayed in the room (especially if the camera is off).

Maintaining user identity and trust, and using the correct Gravatar should be dealt with differently by MiroTalk as using email as the username brings a very sub-optimal UX.

imc67

Agree: false/false/true would be the best default but configurable in the env