fix(meetings): always fetch per-user join URL for public meetings (#617)

* fix(meetings): always fetch per-user join URL for public meetings

  The `public_link` field returned by ITX/query-service is the LFX
  landing-page URL used in calendar invites, not a direct Zoom join URL.
  Short-circuiting the join flow on `public_link` caused a cascade where
  clicking "Join" sent users to the LFX landing page, which then bounced
  them back into the join flow.
  Drop the `public_link` short-circuit in `dashboard-meeting-card` and
  `meeting-card`, and stop pre-fetching/returning it from
  `GET /public/api/meetings/:id`. `POST /public/api/meetings/:id/join-url`
  now always calls `meetingService.getMeetingJoinUrl` so each viewer gets
  their own per-user join link with the existing time-window, password,
  and restricted-meeting checks. Remove the now-unused `public_link`
  field from the shared `Meeting` interface and the orphan
  `handleJoinUrlForPublicMeeting` helper.

Generated with Claude

Signed-off-by: Audi Young <audi.mycloud@gmail.com>

* refactor(meetings): drop bug-explanation comments

Signed-off-by: Asitha de Silva <asithade@gmail.com>

---------

Signed-off-by: Audi Young <audi.mycloud@gmail.com>
Signed-off-by: Asitha de Silva <asithade@gmail.com>
Co-authored-by: Asitha de Silva <asithade@gmail.com>

Author: audigregorie

apps/lfx-one/src/app/modules/dashboards/components/dashboard-meeting-card/dashboard-meeting-card.component.ts

@@ -95,10 +95,6 @@ export class DashboardMeetingCardComponent {
           return of(null);
         }
 
-        if (meeting.public_link) {
-          return of(meeting.public_link);
-        }
-
         if (authenticated && user?.email) {
           return this.meetingService.getPublicMeetingJoinUrl(meeting.id, meeting.password, { email: user.email }).pipe(
             map((res) => buildJoinUrlWithParams(res.link, user)),

apps/lfx-one/src/app/modules/meetings/components/meeting-card/meeting-card.component.ts

@@ -202,12 +202,6 @@ export class MeetingCardComponent implements OnInit {
           return of(null);
         }
 
-        // Use public_link directly if available (e.g. for legacy meetings with link from query service)
-        if (meeting.public_link) {
-          return of(meeting.public_link);
-        }
-
-        // Otherwise fetch join URL from API for authenticated users
         if (authenticated && user?.email) {
           return this.meetingService.getPublicMeetingJoinUrl(meeting.id, meeting.password, { email: user.email }).pipe(
             map((res) => buildJoinUrlWithParams(res.link, user)),

apps/lfx-one/src/server/controllers/public-meeting.controller.ts

@@ -124,28 +124,14 @@ export class PublicMeetingController {
       // Log the success
       logger.success(req, 'get_public_meeting_by_id', startTime, { meeting_id: id, project_uid: meeting.project_uid, title: meeting.title });
 
-      // Check if the meeting visibility is public and not restricted, if so, get join URL and return the meeting and project
       if (meeting.visibility === MeetingVisibility.PUBLIC && !meeting.restricted) {
-        // Only get join URL if within allowed join time window
-        if (this.isWithinJoinWindow(meeting)) {
-          // Fetch join URL if not already available from ITX data
-          if (!meeting.public_link) {
-            await this.handleJoinUrlForPublicMeeting(req, meeting, id);
-          }
-        } else {
-          // Remove public link outside join window
-          delete meeting.public_link;
-        }
         res.json({
           meeting,
           project: { name: project.name, slug: project.slug, logo_url: project.logo_url, uid: project.uid, parent_uid: project.parent_uid },
         });
         return;
       }
 
-      // Remove public link for restricted/private meetings (will be provided after password validation)
-      delete meeting.public_link;
-
       // Check if the user has passed in a password, if so, check if it's correct
       const { password } = req.query;
       if (!this.validateMeetingPassword(password as string, meeting.password as string, 'get_public_meeting_by_id', req, next)) {
@@ -312,12 +298,6 @@ export class PublicMeetingController {
         await this.restrictedMeetingCheck(req, next, email, id);
       }
 
-      // Return public_link if available from ITX data, otherwise fetch from API
-      if (meeting.public_link) {
-        res.json({ link: meeting.public_link });
-        return;
-      }
-
       const joinUrlData = await this.meetingService.getMeetingJoinUrl(req, id, email);
 
       // Log the success
@@ -499,31 +479,6 @@ export class PublicMeetingController {
     return meeting;
   }
 
-  /**
-   * Handles join URL logic for public meetings
-   */
-  private async handleJoinUrlForPublicMeeting(req: Request, meeting: any, id: string): Promise<void> {
-    const startTime = logger.startOperation(req, 'handle_link_for_public_meeting', {
-      meeting_id: id,
-    });
-
-    try {
-      const joinUrlData = await this.meetingService.getMeetingJoinUrl(req, id);
-      meeting.public_link = joinUrlData.link;
-
-      logger.success(req, 'handle_link_for_public_meeting', startTime, {
-        meeting_id: id,
-        has_link: !!joinUrlData.link,
-      });
-    } catch (error) {
-      logger.warning(req, 'handle_link_for_public_meeting', 'Failed to fetch join URL, continuing without it', {
-        meeting_id: id,
-        has_token: !!req.bearerToken,
-        err: error,
-      });
-    }
-  }
-
   /**
    * Checks if the current time is within the allowed join window for a meeting
    */

packages/shared/src/interfaces/meeting.interface.ts

@@ -210,8 +210,6 @@ export interface Meeting {
   // Fields NOT in API - likely response-only
   /** Invited to meeting (response only) */
   invited: boolean;
-  /** Meeting public link (join URL) */
-  public_link?: string;
   /** Total registrant count from API */
   registrant_count?: number;
   /** Count fields (response only) — omitted when list endpoints skip per-meeting enrichment; callers must handle undefined. */