How to protect STUN/TURN server information in JS?

I'm building a WebRTC app and the JS will have the following code (credentials are from example and not real):

{
  'iceServers': [
    {
      'url': 'stun:stun.l.google.com:19302'
    },
    {
      'url': 'turn:192.158.29.39:3478?transport=udp',
      'credential': 'JZEOEt2V3Qb0y27GRntt2u2PAYA=',
      'username': '28224511:1379330808'
    },
    {
      'url': 'turn:192.158.29.39:3478?transport=tcp',
      'credential': 'JZEOEt2V3Qb0y27GRntt2u2PAYA=',
      'username': '28224511:1379330808'
    }
  ]
}

which means that anyone can grab my credentials and use my server for their own needs.

How do I avoid this situation?

Solution

The most common approach is to give out credentials which expire in a couple of hours. This is described in this draft

For example the credentials you quote are taken from this article and they expired on Mon Sep 16 2013 (from new Date(1379330808 * 1000))

React Component with simple-peer can't seem to complete an ICE server connection to a Janus WebRTC server
Where is last precompiled library org.webrtc:google-webrtc:1.0 for Android?
Video element didn't show up after successfully getting local stream WebRTC
File contains corrupted data - Package Manager Console
How to fix "Failed to resolve: org.webrtc:google-webrtc"?
HTML audio element currentTime property too high on mobile and Safari
How to check if a track is already added to a WebRTC peer connection before adding it?
Streaming screen record from WebRTC app - route audio to internal
Why can WebAudio's gain node mix multiple inputs when it only has one input?
How to implement "Who is talking?" feature in webrtc ios application?
WebRTC: periodic disconnections
Order of adding ice-candidates to webrtc-connection
Video mediaDevices Assign a Blob To 'videoRef.srcObject' In Place of 'src'
How can I create a "limited" webrtc-connection?
How to send RTP stream to Janus from NGINX RTMP module?
Change playout delay in WebRTC stream
Setting resolution for WebRTC using Unity Render Streaming to stream video file in a specific resolution
One-Way Audio on 1:1 call .NET MAUI , Azure Communication Services using Javascript
How to check Microphone Volume in Angular
WebRTC never fires onIceCandidate
Flutter receive web rtc calls when app is terminated (detached state)
WebRTC Data channel is opened but not sending any data
WebRTC - multi-track streams issue on Firefox <> Chrome
getUserMedia how can i improve audio quality? How can I make audio to stop echoing?
Generate ECDSA BouncyCastle certificate without EC named parameters
Send text message from Unity Client to Javascript server using Unity Render Streaming and WebRTC
Can I use PeerJS without a PeerJS Server?
Undefined reference to 'owr_init' (linker error)
Cannot figure out why DTLS handshake does not complete
android webrtc intent leak