Confirmed users
134
edits
Identity/Verified Email Protocol/Session API: Difference between revisions
Identity/Verified Email Protocol/Session API (view source)
Revision as of 23:19, 27 July 2011
, 27 July 2011Updating headings for examples
Stomlinson (talk | contribs) (Starting to add examples, expand on the binding.) |
Stomlinson (talk | contribs) m (Updating headings for examples) |
||
| Line 9: | Line 9: | ||
When a site supports the Sessions API, a small button to the left of the HTTPS information in the browser URL will appear, the button will be labeled "login." The user will be able to click the button with the intention of being directed to the site's login. Once the user completes authentication, the "login" button will be changed to show the user's current login name. The user can click this button to show a doorhanger that displays: | When a site supports the Sessions API, a small button to the left of the HTTPS information in the browser URL will appear, the button will be labeled "login." The user will be able to click the button with the intention of being directed to the site's login. Once the user completes authentication, the "login" button will be changed to show the user's current login name. The user can click this button to show a doorhanger that displays: | ||
* the user's possible logins (for sites such as Google that support multiple accounts) | |||
* which user they are currently logged in as | |||
* give the ability to log out of the site. | |||
If the user has multiple accounts on a site and are currently logged in as user A, but then select user B, user A will be logged out and user B will be logged in. Once user B is selected, the button in the URL bar will be updated to reflect this change. If the user logs out of all accounts the button in the URL bar will display "login." | If the user has multiple accounts on a site and are currently logged in as user A, but then select user B, user A will be logged out and user B will be logged in. Once user B is selected, the button in the URL bar will be updated to reflect this change. If the user logs out of all accounts the button in the URL bar will display "login." | ||
| Line 23: | Line 23: | ||
To indicate support, but with no users logged in, the site must set navigator.id.sessions to be an empty array([]). | To indicate support, but with no users logged in, the site must set navigator.id.sessions to be an empty array([]). | ||
====Example - Indicate site support for Sessions API==== | |||
navigator.id.sessions = []; | navigator.id.sessions = []; | ||
| Line 29: | Line 29: | ||
If a site has indicated that it supports the Sessions API by setting navigator.id.sessions = [], a "Login" button will be displayed in the URL bar. When the user clicks this button, the "login" event will be triggered on the current tab's window.document. The site should attach an event handler which performs the login, whether this is through a page redirect or within the current page and AJAX calls. | If a site has indicated that it supports the Sessions API by setting navigator.id.sessions = [], a "Login" button will be displayed in the URL bar. When the user clicks this button, the "login" event will be triggered on the current tab's window.document. The site should attach an event handler which performs the login, whether this is through a page redirect or within the current page and AJAX calls. | ||
====Example - login event==== | |||
document.addEventListener('login', function(event) { | document.addEventListener('login', function(event) { | ||
document.location.href = /* login page URI here */; | document.location.href = /* login page URI here */; | ||
| Line 62: | Line 62: | ||
The site can set navigator.id.sessions at any point in the page's lifetime. If the user browses from one page where they have session information to another page where they should have session information, the session information must be made available before the DOMContentLoaded to avoid flicker in the visual indicator. | The site can set navigator.id.sessions at any point in the page's lifetime. If the user browses from one page where they have session information to another page where they should have session information, the session information must be made available before the DOMContentLoaded to avoid flicker in the visual indicator. | ||
====Example==== | ====Example - No binding information==== | ||
// | // Every page within domain must redeclare navigator.id.sessions | ||
navigator.id.sessions = [{ | navigator.id.sessions = [{ | ||
id: 'poohbear@ashdownforest.gov.uk' | id: 'poohbear@ashdownforest.gov.uk' | ||
}]; | }]; | ||
// | ====Example - Binding information==== | ||
// No other page within domain needs to declare navigator.id.sessions | |||
navigator.id.sessions = [{ | navigator.id.sessions = [{ | ||
id: 'yogibear@jellystone.nps.gov', | id: 'yogibear@jellystone.nps.gov', | ||
| Line 100: | Line 98: | ||
A site can, at any time, force an update of the session information. It can do this by setting navigator.id.sessions to indicate the updated state. | A site can, at any time, force an update of the session information. It can do this by setting navigator.id.sessions to indicate the updated state. | ||
====Example - Fall back to searching binding information==== | |||
navigator.id.sessions = undefined; | navigator.id.sessions = undefined; | ||
====Example - Remove all sessions==== | |||
navigator.id.sessions = []; | navigator.id.sessions = []; | ||
====Example - Update to a new account==== | |||
navigator.id.sessions = [{ email: 'example@mozilla.com' }]; | navigator.id.sessions = [{ email: 'example@mozilla.com' }]; | ||
| Line 116: | Line 114: | ||
The "logout" DOM event will be triggered on window's document. | The "logout" DOM event will be triggered on window's document. | ||
====Example - logout event==== | |||
document.addEventListener("logout", function(event) { | document.addEventListener("logout", function(event) { | ||
// Go to site's logout page | // Go to site's logout page | ||
}, false); | }, false); | ||