module.exports = function(app, options) { options = options || {}; var personaOpts = {}; Object.keys(defaultOptions).forEach(function(key) { if (typeof options[key] === typeof defaultOptions[key]) { personaOpts[key] = options[key]; } else { personaOpts[key] = defaultOptions[key]; } }); var verify = browseridVerify({ url: personaOpts.verifierURI }); app.post(personaOpts.verifyPath, connect.json(), connect.urlencoded(), personaOpts.middleware, function(req, res) { // If the body can't be parsed then we can't get the assertion if (!req.body) { personaOpts.verifyResponse("Server-side exception", req, res); return; } verify(req.body.assertion, personaOpts.audience, function(err, email, response) { if (err) { if (err instanceof Error) { err = err.message; } return personaOpts.verifyResponse(err, req, res); } if (response && response.status !== "okay") { return personaOpts.verifyResponse(response.reason, req, res, email); } if (req.session) { req.session[personaOpts.sessionKey] = email; } personaOpts.verifyResponse(null, req, res, email); }); }); app.post(personaOpts.logoutPath, personaOpts.middleware, function(req, res) { if (req.session) { req.session[personaOpts.sessionKey] = null; } personaOpts.logoutResponse(null, req, res); }); };
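/**
 * POST /api/verify: checks the posted assertion with the verifier and, on
 * success, records the verified email in the session.
 *
 * The verifier's response object is relayed to the client as JSON in every
 * case; a verifier error is answered with HTTP 400.
 */
app.post('/api/verify', function(req, res) {
  // 123done.org can be served from a wildcard subdomain, and we match
  // that subdomain to *.personatest.org. So, our audience is dynamic,
  // and the verifier could be as well.
  // Ex: ex.123done.org -> ex.personatest.org
  //
  // NOTE(review): the Host header is chosen by the client, so an audience
  // built from it only binds the assertion to this site if Host is restricted
  // to the expected names before this handler runs. Confirm that a front end
  // or earlier middleware enforces this. req.verifier_host is set outside this
  // handler; presumably it is derived from the same header (verify).
  var audience = 'http://' + req.headers.host;
  var verify = verifier({ url: 'https://' + req.verifier_host + '/verify' });

  verify(req.body.assertion, audience, function(err, email, data) {
    if (err) {
      return res.status(400).json(data);
    }

    // Fail closed: only a response that reports status "okay" together with
    // an email establishes a session. Any other outcome is still relayed to
    // the client below but leaves the session as it was.
    // Assumes the verifier response carries a `status` field (TODO confirm).
    if (email && data && data.status === 'okay') {
      req.session.user = email;
    }
    res.json(data);
  });
});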
// Tail of a definition that begins before this excerpt.
}; };

/**
 * Returns middleware that stops requests whose body carries no assertion.
 *
 * The returned function reads `req.body.assertion`, so it expects the request
 * body to have been parsed already.
 *
 * @returns {Function} Middleware taking (req, res, next).
 */
module.exports.personaFilter = function() {
  return function(req, res, next) {
    // A falsy assertion ends the request here with a JSON error object;
    // no status code is set on this path.
    if (!req.body.assertion) {
      return res.json({ "error": "Missing assertion" });
    }
    // Hand over to the next middleware on a later tick, not synchronously.
    process.nextTick(next);
  };
};

var browserIdVerify = require( "browserid-verify" );
// Verifier created without options.
var verifyPersona = browserIdVerify();
// Verifier pointed at the Firefox Accounts verifier URL.
var verifyFxa = browserIdVerify({ url: "https://verifier.accounts.firefox.com/v2" });

/**
 * Middleware that verifies the posted assertion; the definition continues
 * past the end of this excerpt.
 */
module.exports.personaVerifier = function(req, res, next) {
  // The request body selects the verifier: a truthy `fxa` picks verifyFxa.
  var verify = req.body.fxa ? verifyFxa : verifyPersona;

  // NOTE(review): the audience is read from the request body, so the client
  // decides which audience its own assertion is checked against. Confirm that
  // req.body.audience is validated against the expected origin(s) elsewhere,
  // or replace it with a server-side value.
  verify(req.body.assertion, req.body.audience, function(err, email, response) {
    if (err) {
      // Error objects are stringified before being returned to the client;
      // other error values are passed through unchanged.
      return res.json({ "error": "Persona verifier error", "verifier_error": err instanceof Error ? err.toString() : err });
    }
    if (!email) {