Skip to content
This repository has been archived by the owner on Jan 29, 2019. It is now read-only.

Latest commit

 

History

History
124 lines (78 loc) · 3.77 KB

settings.rst

File metadata and controls

124 lines (78 loc) · 3.77 KB
Raw

Settings

django.conf.settings

This document describes the Django settings that can be used to customize the behavior of django-browserid.

Core Settings

BROWSERID_AUDIENCES

default

No default

List of audiences that your site accepts. An audience is the protocol, domain name, and (optionally) port that users access your site from. This list is used to determine the audience a user is part of (how they are accessing your site), which is used during verification to ensure that the assertion given to you by the user was intended for your site.

Without this, other sites that the user has authenticated with via Persona could use their assertions to impersonate the user on your site.

Note that this does not have to be a publicly accessible URL, so local URLs like http://localhost:8000 or http://127.0.0.1 are acceptable as long as they match what you are using to access your site.

Redirect URLs

Note

If you want to use named URLs instead of directly including URLs into your settings file, you can use reverse_lazy to do so.

LOGIN_REDIRECT_URL

default

'/accounts/profile'

Path to redirect to on successful login. If you don't specify this, the default Django value will be used.

LOGIN_REDIRECT_URL_FAILURE

default

'/'

Path to redirect to on an unsuccessful login attempt.

LOGOUT_REDIRECT_URL

default

'/'

Path to redirect to on logout.

Customizing the Login Popup

BROWSERID_REQUEST_ARGS

default

{}

Controls the arguments passed to navigator.id.request, which are used to customize the login popup box. To see a list of valid keys and what they do, check out the navigator.id.request documentation.

Customizing the Verify View

BROWSERID_VERIFY_CLASS

default

django_browserid.views.Verify

Allows you to substitute a custom class-based view for verifying assertions. For example, the string 'myapp.users.views.Verify' would import Verify from myapp.users.views and use it in place of the default view.

When using a custom view, it is generally a good idea to subclass the default Verify and override the methods you want to change.

BROWSERID_CREATE_USER

default

True

If True or False, enables or disables automatic user creation during authentication. If set to a string, it is treated as an import path pointing to a custom user creation function.

BROWSERID_DISABLE_SANITY_CHECKS

default

False

Controls whether the Verify view performs some helpful checks for common mistakes. Useful if you're getting warnings for things you know aren't errors.

Using a Different Identity Provider

BROWSERID_SHIM

default

'https://login.persona.org/include.js'

The URL to use for the BrowserID JavaScript shim.

Extras

BROWSERID_AUTOLOGIN_ENABLED

default

False

If True, enables auto-login. You must also set the auto-login email and authentication backend for auto-login to function. See the documentation on offline development <offline-development> for more info.

BROWSERID_AUTOLOGIN_EMAIL

default

Not set

The email to log users in as when auto-login is enabled. See the documentation on offline development <offline-development> for more info.