Extras¶
django-browserid comes with a few extra pieces to make development easier. They’re documented below.
Offline Development¶
Because django-browsered relies on the Persona service, offline development is not supported by default. To work around this, django-browserid includes an auto-login system that lets you specify an email to log the user in with when they click a login button.
Warning
Auto-login is a huge security hole as it bypasses authentication. Only use it for local development on your own computer; never use it on a publicly-visible machine or your live, production website.
Enable auto-login¶
To enable auto-login:
- Add the
AutoLoginBackend
class to theAUTHENTICATION_BACKENDS
setting. - Set
BROWSERID_AUTOLOGIN_EMAIL
to the email you want to be logged in as. - Set
BROWSERID_AUTOLOGIN_ENABLED
toTrue
. - If you are not using
browserid_js template helper
, you have to manually addbrowserid/autologin.js
to your site.
For example:
AUTHENTICATION_BACKENDS = (
'django_browserid.auth.AutoLoginBackend',
'django_browserid.auth.BrowserIDBackend', # After auto-login.
)
BROWSERID_AUTOLOGIN_EMAIL = 'bob@example.com'
BROWSERID_AUTOLOGIN_ENABLED = True
Once these are set, any login button that uses the JavaScript API will not attempt to show the Persona popup, and will immediately log you in with the email you set above.
Disable auto-login¶
To disable auto-login:
- Set
BROWSERID_AUTOLOGIN_ENABLED
toFalse
. - If you added
browserid/autologin.js
to your site, you must remove it.