node package manager
Don’t reinvent the wheel. Reuse code within your team. Create a free org »



Does remote verification using Mozilla's API right now. Will add local verification when it is stable.

You MUST pass the current domain to the options parameter when using this in production or it may accept verifications from any domain.



local([options]) // Not yet implemented

  • options won't matter until we have local verification
  • Both return a verifier function which should be called as shown below.

verify(assertion, [options,] callback)

  • assertion is the Persona assertion you get from the browser
  • options should be an object providing information about the domain doing the verification


var verify = require('personagrata').remote();
// Assume body was already parsed by some middleware'/login', function(req, res) {
    verify(req.body.assertion, {
        proto: config.SITE_PROTOCOL, // You might be able to trust the client with this one, will be 'http' by default 
        domain: config.SITE_DOMAIN, // Never trust client with this, will be 'localhost' by default 
        port: config.SITE_PORT // By default, will be 80 for http and 443 for https 
    }, function(err, email) {
        if(email) { /* Login */ }
        else { /* Get out! */ }