This document describes the Django settings that can be used to customize the behavior of django-browserid.
Default: No default
List of audiences that your site accepts. An audience is the protocol, domain name, and (optionally) port that users access your site from. This list is used to determine the audience a user is part of (how they are accessing your site), which is used during verification to ensure that the assertion given to you by the user was intended for your site.
Without this, other sites that the user has authenticated with via Persona could use their assertions to impersonate the user on your site.
Note that this does not have to be a publicly accessible URL, so local URLs like http://localhost:8000 or http://127.0.0.1 are acceptable as long as they match what you are using to access your site.
If you want to use named URLs instead of directly including URLs into your settings file, you can use reverse_lazy to do so.
Path to redirect to on successful login. If you don’t specify this, the default Django value will be used.
Path to redirect to on an unsuccessful login attempt.
Path to redirect to on logout.
Customizing the Login Popup¶
Customizing the Verify View¶
Allows you to substitute a custom class-based view for verifying assertions. For example, the string ‘myapp.users.views.Verify’ would import Verify from myapp.users.views and use it in place of the default view.
When using a custom view, it is generally a good idea to subclass the default Verify and override the methods you want to change.
If True or False, enables or disables automatic user creation during authentication. If set to a string, it is treated as an import path pointing to a custom user creation function.
Controls whether the Verify view performs some helpful checks for common mistakes. Useful if you’re getting warnings for things you know aren’t errors.