Skip to content


Subversion checkout URL

You can clone with
Download ZIP


Observer API's onlogin leads to an expensive backend call on each page load? #2145

fmarier opened this Issue · 4 comments

2 participants


Hopefully this is just me not using the Observer API properly, but if you look at the onlogin code in Libravatar, you will see that any onlogin call with a valid assertion will cause this:

  1. the JS front-end does a POST to the backend
  2. the backend then receives this request and does a POST to the Persona verifier
  3. the front-end then does nothing unless the logged in user has changed

Now, I can see a way to eliminate all of this: the JS front-end could parse the assertion and extract the email out of it. However, I'm not sure we want to recommend that people do that.

Is there a better way to handle this?


How does passing loggedInEmail impact this? That should avoid the onlogin call altogether, right? Is there a reason you'd rather not use loggedInEmail?


@callahad I'm using loggedInUser maybe that's the problem.

So if I use loggedInEmail then neither onlogin nor onlogout will fire when the right user is logged in?


@fmarier Correct! Unfortunately, loggedInUser got delayed and hasn't entered production yet. Even worse, I can't update MDN to note the slip. It will go live with our next production push.


As usual, @callahad was right :)

Replacing loggedInUser with loggedInEmail does prevent the unnecessary onlogin calls.

I'll close this bug, but we should make a mental note (if there isn't one already) to make sure that this is well documented.

@fmarier fmarier closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.