Small verifier for Persona (aka BrowserID)
Does remote verification using Mozilla's API right now. Will add local verification when it is stable.
You MUST pass the current domain to the options parameter when using this in production or it may accept verifications from any domain.
optionswon't matter until we have local verification
- Both return a verifier function which should be called as shown below.
- assertion is the Persona assertion you get from the browser
optionsshould be an object providing information about the domain doing the verification
var verify = require'personagrata'remote;// Assume body was already parsed by some middlewareapppost'/login'verifyreqbodyassertionproto: configSITE_PROTOCOL // You might be able to trust the client with this one, will be 'http' by defaultdomain: configSITE_DOMAIN // Never trust client with this, will be 'localhost' by defaultport: configSITE_PORT // By default, will be 80 for http and 443 for httpsifemail /* Login */else /* Get out! */;;