Your Search Results

    The implementor's guide Redirect 1

    The Quick setup guide should be enough to get you started, but when building a full production site you'll probably need features that aren't covered in that guide. In this page we've collected features that are commonly needed by sign-in systems, and explained the best-practice way to implement them with Persona.

    Call logout() after a failed login
    Always call logout() if you reject an assertion, to avoid a mismatch between your idea of the current user and Persona's idea, which can lead to an endless loop of failed logins.
    Adding extra email addresses with Persona
    How to let your users add secondary email addresses using Persona.
    Enabling users to change their email address
    How to let your users change their email address using Persona.
    Problems integrating with CSRF protection
    A problem caused by the interaction between a common mechanism for CSRF (Cross Site Request Forgery) protection and Persona's Observer API.
    Supporting users who don't have JavaScript
    Persona requires JavaScript. This page has some tips for supporting users who have JavaScript disabled.
    Call request() or get() only from a key handler or in response to a keypress
    Because Persona uses popup windows, you must call request() or get() only in response to a click or a key press, not some other event.
    Testing your system
    Some pointers for simulating users logging in and out of your website.

     

    Document Tags and Contributors

    Contributors to this page: Sheppy
    Last updated by: Sheppy,