![Show Menu](styles/mobile-menu.png)
![Page Background](./../common/page-substrates/page0272.png)
.
fail
(
function
() {
navigator
.
id
.
logout
();});
},
onlogout
:
function
() {
$
.
post
(
'/accounts/logout'
)
.
always
(
function
() {
window
.
location
.
reload
(); });
}
});
});
</script>
The Persona JavaScript library gives us a special
navigator.id
object. We bind its
request
method to our link called “login” (which I’ve put in any old where at the top
of the page), and similarly a “logout” link gets bound to a
logout
function:
lists/templates/base.html (ch15l002).
<body>
<div
class=
"container"
>
<div
class=
"navbar"
>
{% if user.email %}
<p>
Logged in as {{ user.email}}
</p>
<p><a
id=
"logout"
href=
"{% url 'logout' %}"
>
Sign out
</a></p>
{% else %}
<a
href=
"#"
id=
"login"
>
Sign in
</a>
{% endif %}
<p>
User: {{user}}
</p>
</div>
<div
class=
"row"
>
[...]
The Browser-ID Protocol
Persona will now pop up its authentication dialog box if users click the log in link. What
happens next is the clever part of the Persona protocol: the user enters an email address,
and the browser takes care of validating that email address, by taking the user to the
email provider (Google, Yahoo, or whoever), and validating it with them.
Let’s say it’s Google: Google asks the user to confirm their username and password, and
maybe even does some two-factor auth wizardry, and is then prepared to confirm to
your browser that you are who you say you are. Google then passes a certificate back to
the browser, which is cryptographically signed to prove it’s from Google, and which
contains the user’s email address.
At this point the browser can trust that you do own that email address, and it can
incidentally reuse that certificate for any other websites that use Persona.
Now it combines the certificate with the domain name of the website you want to log
into in to a blob called an “assertion”, and sends them on to our site for validation.
244
|
Chapter 15: User Authentication, Integrating Third-Party Plugins, and Mocking with JavaScript