This repository has been archived by the owner. It is now read-only.

Observer API's onlogin leads to an expensive backend call on each page load? #2145

fmarier opened this Issue Jul 24, 2012 · 4 comments


None yet
2 participants

fmarier commented Jul 24, 2012

Hopefully this is just me not using the Observer API properly, but if you look at the onlogin code in Libravatar, you will see that any onlogin call with a valid assertion will cause this:

  1. the JS front-end does a POST to the backend
  2. the backend then receives this request and does a POST to the Persona verifier
  3. the front-end then does nothing unless the logged in user has changed

Now, I can see a way to eliminate all of this: the JS front-end could parse the assertion and extract the email out of it. However, I'm not sure we want to recommend that people do that.

Is there a better way to handle this?


callahad commented Jul 24, 2012

How does passing loggedInEmail impact this? That should avoid the onlogin call altogether, right? Is there a reason you'd rather not use loggedInEmail?


fmarier commented Jul 24, 2012

@callahad I'm using loggedInUser maybe that's the problem.

So if I use loggedInEmail then neither onlogin nor onlogout will fire when the right user is logged in?


callahad commented Jul 25, 2012

@fmarier Correct! Unfortunately, loggedInUser got delayed and hasn't entered production yet. Even worse, I can't update MDN to note the slip. It will go live with our next production push.


fmarier commented Jul 26, 2012

As usual, @callahad was right :)

Replacing loggedInUser with loggedInEmail does prevent the unnecessary onlogin calls.

I'll close this bug, but we should make a mental note (if there isn't one already) to make sure that this is well documented.

@fmarier fmarier closed this Jul 26, 2012

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.