node package manager
We need your input. Help make JavaScript better: Take the 2017 JavaScript Ecosystem survey »



Does remote verification using Mozilla's API right now. Will add local verification when it is stable.

You MUST pass the current domain to the options parameter when using this in production or it may accept verifications from any domain.



local([options]) // Not yet implemented

  • options won't matter until we have local verification
  • Both return a verifier function which should be called as shown below.

verify(assertion, [options,] callback)

  • assertion is the Persona assertion you get from the browser
  • options should be an object providing information about the domain doing the verification


var verify = require('personagrata').remote();
// Assume body was already parsed by some middleware'/login', function(req, res) {
    verify(req.body.assertion, {
        proto: config.SITE_PROTOCOL, // You might be able to trust the client with this one, will be 'http' by default 
        domain: config.SITE_DOMAIN, // Never trust client with this, will be 'localhost' by default 
        port: config.SITE_PORT // By default, will be 80 for http and 443 for https 
    }, function(err, email) {
        if(email) { /* Login */ }
        else { /* Get out! */ }