This allows users to sign in to Hydra using Mozilla Persona accounts. When a user first signs in, a row in the Users table for the given Persona identity (an email address) is created automatically.
To do: figure out how to deal with legacy accounts.
36ZTCZ4FDV6ILURQEIGFHCP57ALZH6OWYNN3MBXG2QXZSBULBPMAC
7KF7YZDRRB5VR3GDVRVNAXAZWB6T3FAQ3CXWH7J6KODHT3ODIIYAC
RFGPN7U7DOFZMPNLJDTS3IXEYSDN57HUDKI5I54NU4LC376JUR2AC
S5GCSCNSR43NZ23DR22G7E7ZWNCSQ44WUPXLESYHJCM7XBKED3SQC
DV43UILUJNNU4DJMQ5NIZ2TY5Y4NOPQZXXQQJNKINUKA2VBAJ2QAC
LZVO64YG43JD7YMZSCTZNOBS5ROZA4FMPKJW2YOMHX2V5PTGBVWQC
HTL6HIBMRGSX2H2H7KB4MC3H6UQ5C752VC3UHC43SRA7V66PQCRQC
J5UVLXOK6EDIL5I7VKWH4V2QDS4DPD7FHRK6XBWSXFRQS4JKXFZQC
XJRJ4J7M6BC433TBLWHHKX7UYYCFX6M7ZQLUEYYTREPCSM6M3RDQC
PZL3SZM3U3BYJX2RGYXC6NMBG7WQHFWHSYDYXZ7Q5VZA3EDYVPIQC
HRAFVVOEGQJQS4XQNZSMNYN2SUZGKEGPSJUDZUBMI2IN32WFNQ4QC
JARRBLZDQ2JZWY7IUVPTOT7WJMBPMLFLF2MGLVGOYROAAISYGLSAC
OEPUOUNBNTHTFZVDXREGBQCKFRCWMVP2MDVK4OA47VK2DBKEWVYAC
RU7AQO7U4HCWJNQTR2KRGDLLG24WYD47MWIHREV6SIAPCPDQHAWQC
QL55ECJ6KMMBUOWQ6LKSOVN7L43CH4S6SPE2AQ3VX3KSGC32RP4AC
sub persona_login :Path('/persona-login') Args(0) {
my ($self, $c) = @_;
$c->stash->{json} = {};
die if $c->request->method ne "POST";
my $assertion = $c->req->params->{assertion} or die;
my $ua = new LWP::UserAgent;
my $response = $ua->post(
'https://verifier.login.persona.org/verify',
{ assertion => $assertion,
audience => "http://localhost:3000/"
});
Catalyst::Exception->throw("Did not get a response from Persona.") unless $response->is_success;
my $email = $d->{email} or die;
my $user = $c->find_user({ username => $email });
if (!$user) {
$c->model('DB::Users')->create(
{ username => $email
, password => "!"
, emailaddress => $email,
});
$user = $c->find_user({ username => $email }) or die;
}
$c->set_authenticated($user);
$c->stash->{json}->{result} = "ok";
}
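Review bot: The `audience` sent to the verifier is the literal `"http://localhost:3000/"`, so on any other origin verification either fails or someone swaps in a request-derived value; the audience is what binds an assertion to this site, so it should come from server-side configuration and never from the request's Host header, e.g. `audience => $c->config->{persona_audience}` (the key name is a placeholder). `$d` is read at `my $email = $d->{email}` but no visible line assigns it, so the decoding of the verifier response is presumably outside what is shown; wherever it lives, the handler should require `$d->{status} eq "okay"` before trusting `email`. Because `find_user({ username => $email })` also matches rows that predate Persona, a legacy account whose username happens to be an email address is handed to whoever holds that Persona identity, which is the case the description's to-do leaves open and which deserves an explicit linking rule before this ships. The bare `die` calls give the client no error text to display; throwing `Catalyst::Exception` with a message, as the `is_success` line already does, would be consistent.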
<script src="https://login.persona.org/include.js"></script>
<script>
navigator.id.watch({
loggedInUser: [% c.user_exists ? '"' _ HTML.escape(c.user.username) _ '"' : "null" %],
onlogin: function(assertion) {
$.post("[% c.uri_for('/persona-login') %]", { assertion: assertion })
.done(function(data) {
if (data.error)
bootbox.alert("Login failed: " + data.error);
else
window.location.reload();
})
.fail(function() { bootbox.alert("Server request failed!"); });
},
onlogout: function() {
$.ajax({
type: 'POST',
url: '/logout',
success: function(res, status, xhr) { window.location.reload(); },
error: function(xhr, status, err) { alert("Logout failure: " + err); }
});
}
});
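Review bot: `loggedInUser` is built by wrapping `HTML.escape(c.user.username)` in double quotes, but the value lands inside a JavaScript string literal, where HTML entities are not decoded and a backslash or line break is not neutralised. A username containing `&` or a quote would therefore reach Persona as a different string than the stored one, and the literal is not reliably delimited; emitting the value through a JSON/JavaScript string encoder instead of an HTML escaper addresses both. `bootbox.alert("Login failed: " + data.error)` appears to render its message as markup, so `data.error` should be text-escaped first if the server can echo verifier or user-supplied text in it. The logout request uses the literal `/logout` while the login request uses `c.uri_for`, so `url: "[% c.uri_for('/logout') %]"` would keep both working under a non-root base path. The closing `</script>` is not among the visible lines, so the block presumably continues beyond them.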