Skip to content
This repository has been archived by the owner. It is now read-only.
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


Written by Dennis Schubert

devise_browserid_authenticatable is a module to add BrowserID/Persona authentication support to Devise applications.

The warden strategy was written for use in Rails 3.1 and Devise 2 application, but they should work in other configurations, too.

Contributions are welcome.


To install the gem, just add a

gem "devise_browserid_authenticatable"

to your Gemfile and run bundle install.

Create the initializer running rails generate browser_id:install.

To enable the warden strategy, add the following lines to config/initializers/devise.rb:

config.warden do |manager|
  manager.default_strategies(:scope => :user).unshift :browserid_authenticatable

Using the 'Sign in with persona' button

There is a view helper called browserid_js_tag to include the BrowserID javascript file matching the current environment (development or production). To use it, simply add

<%= browserid_js_tag %>

to your application layout inside the header.

Next you have to find and download a matching button for your application. There are some nice buttons (even CSS-only buttons) available, check out the MDN page to find one.

I like to wrap a link around the image tag so your template could look like

<%= link_to (image_tag "persona-button.png", :class => "persona-login-button"), '#' %>

Next you need to add some JavaScript to do the actual sign in process. The JavaScript could look like this (you will find an explanation below the code):

$(".persona-login-button").click(function(e) {
  e.preventDefault(); {
    if (assertion) {
        url: '/users/sign_in',
        type: "POST",
        dataType: "json",
        cache: false,
        data: {
          "assertion": assertion
        success: function(data, status) {
          window.location.href = '/';

The JavaScript snippet is calling the when the user clicked on the sign in button to get an assertion from BrowserID. Check out the linked MDN page for information about how to add terms of service and privacy policies if you want to. The callback function posts the assertion asynchronous to the Rails application (the sign_in-path) to check it. When the check was successful, the script will redirect the user to your application root path.

Feel free to add error handling.

You can’t perform that action at this time.