/browserid

A secure, distributed, and easy to use identification system.

Primary LanguageJavaScriptOtherNOASSERTION

Here lives the BrowserID implementation. BrowserID is an implementation of the verified email protocol.

This repository contains several distinct things related to BrowserID:

  • the browserid server - a node.js server which implements a web services api, stores a record of users, the email addresses they've verified, a bcrypted password, outstanding verification tokens, etc
  • the verifier - a stateless node.js server which does cryptographic verification of assertions. This thing is hosted on browserid.org as a convenience, but people using browserid can choose to relocated it if they want to their own servers.
  • sample and test code - to test the above
  • the browserid.org website - the templates, css, and javascript that make up the visible part of browserid.org
  • the javascript/HTML dialog & include library - this is include.js and the code that it includes, the bit that someone using browserid will include.

Dependencies

Here's the software you'll need installed:

Getting started:

  1. install node and npm
  2. run npm install to install 3rd party libraries and generate keys
  3. run npm start to start the servers locally
  4. visit the demo application ('rp') in your web browser (url output on the console at runtime)

You can stop the servers with a Cntl-C in the terminal.

Staying up to date:

  1. rm -Rf var node_modules
  2. npm install

Testing

Unit tests can be run by invoking npm test at the top level, and you should run them often. Like before committing code. To fully test the code you should install mysql and have a well permissions test user (can create and drop databases). If you don't have mysql installed, code testing is still possible (it just uses a little json database).

Development model

branching & release model - You'll notice some funky branching conventions, like the default branch is named dev rather than master as you might expect. We're using gitflow: the approach is described in a blog post.

contributions - please issue pull requests targeted at the dev branch

LICENSE

All source code here is available under the MPL 2 license, unless otherwise indicated.