Sign upLogin

jaredhanson/passport-browserid

View on GitHub
Star
README.md

Summary

Maintainability
Test Coverage
# passport-browserid

[![Build](https://img.shields.io/travis/jaredhanson/passport-browserid.svg)](https://travis-ci.org/jaredhanson/passport-browserid)
[![Coverage](https://img.shields.io/coveralls/jaredhanson/passport-browserid.svg)](https://coveralls.io/r/jaredhanson/passport-browserid)
[![Quality](https://img.shields.io/codeclimate/github/jaredhanson/passport-browserid.svg?label=quality)](https://codeclimate.com/github/jaredhanson/passport-browserid)
[![Dependencies](https://img.shields.io/david/jaredhanson/passport-browserid.svg)](https://david-dm.org/jaredhanson/passport-browserid)


[Passport](https://github.com/jaredhanson/passport) strategy for authenticating
with [BrowserID](https://developer.mozilla.org/en-US/docs/Mozilla/Persona).

This module lets you authenticate using BrowserID in your Node.js applications.
By plugging into Passport, BrowserID authentication can be easily and
unobtrusively integrated into any application or framework that supports
[Connect](http://www.senchalabs.org/connect/)-style middleware, including
[Express](http://expressjs.com/).

[BrowserID](https://developer.mozilla.org/en-US/docs/Mozilla/Persona) is an
open, decentralized protocol for authenticating users based on email addresses,
developed by [Mozilla](http://www.mozilla.org/).  It is commonly associated with
[Persona](https://login.persona.org/), the brand used for Mozilla's
implementation of BrowserID.  This strategy performs local verification of
assertions, delivering on BrowserID's promise of ensuring user privacy.

## Install

    $ npm install passport-browserid

## Usage

#### Configure Strategy

The BrowserID authentication strategy authenticates users using an assertion of
email address ownership, obtained via the BrowserID JavaScript API.  The
strategy requires a `verify` callback, which accepts an email address and calls
`cb` providing a user.

    passport.use(new BrowserIDStrategy({
        audience: 'http://www.example.com'
      },
      function(email, cb) {
        User.findByEmail({ email: email }, function (err, user) {
          return cb(err, user);
        });
      }
    ));

#### Authenticate Requests

Use `passport.authenticate()`, specifying the `'browserid'` strategy, to
authenticate requests.

For example, as route middleware in an [Express](http://expressjs.com/)
application:

    app.post('/auth/browserid', 
      passport.authenticate('browserid', { failureRedirect: '/login' }),
      function(req, res) {
        // Successful authentication, redirect home.
        res.redirect('/');
      });

## Considerations

#### Specification

This module is implemented based on the specifications being developed by [Mozilla Identity](https://wiki.mozilla.org/Identity),
which remain a work-in-progress and are *not* final.  Implementers are
encouraged to track the progress of these specifications and update update their
implementations as necessary.  Furthermore, the implications of relying on
non-final specifications should be understood prior to deployment.

While the specifications remain under development, it is recommended to use
Mozilla's [Remote Verification API](https://developer.mozilla.org/en-US/docs/Mozilla/Persona/Remote_Verification_API).
This functionality is implemented by [passport-persona](https://github.com/jaredhanson/passport-persona).

## Examples

For a complete, working example, refer to the [signin example](https://github.com/jaredhanson/passport-browserid/tree/master/examples/signin).

## Contributing

#### Tests

The test suite is located in the `test/` directory.  All new features are
expected to have corresponding test cases.  Ensure that the complete test suite
passes by executing:

```bash
$ make test
```

#### Coverage

All new feature development is expected to have test coverage.  Patches that
increse test coverage are happily accepted.  Coverage reports can be viewed by
executing:

```bash
$ make test-cov
$ make view-cov
```

## Support

#### Funding

This software is provided to you as open source, free of charge.  The time and
effort to develop and maintain this project is volunteered by [@jaredhanson](https://github.com/jaredhanson).
If you (or your employer) benefit from this project, please consider a financial
contribution.  Your contribution helps continue the efforts that produce this
and other open source software.

Funds are accepted via [PayPal](https://paypal.me/jaredhanson), [Venmo](https://venmo.com/jaredhanson),
and [other](http://jaredhanson.net/pay) methods.  Any amount is appreciated.

## Credits

  - [Jared Hanson](http://github.com/jaredhanson)
  - [Leo McArdle](https://github.com/LeoMcA)

## License

[The MIT License](http://opensource.org/licenses/MIT)

Copyright (c) 2011-2017 Jared Hanson <[http://jaredhanson.net/](http://jaredhanson.net/)>

<a target='_blank' rel='nofollow' href='https://app.codesponsor.io/link/vK9dyjRnnWsMzzJTQ57fRJpH/jaredhanson/passport-browserid'>  <img alt='Sponsor' width='888' height='68' src='https://app.codesponsor.io/embed/vK9dyjRnnWsMzzJTQ57fRJpH/jaredhanson/passport-browserid.svg' /></a>