Persona is an ExpressJS and React library for making user authentication easy to integrate into your applications.
It was created to satisfy a need to avoid vendor lock-in and to own your own data, while keeping simplicity and customisation in mind.
Though tools like Firebase offer easy authentication, they are hard to integrate into existing applications where the data may be stored elsewhere.
Using it is straightforward. On the server side, we create a Persona instance that takes our configuration, where we tell it which authentication modes we wish to use (Google, Facebook or Email/Password). We then pass it our Express app instance so that it can set up the endpoints that the frontend will use.
In order to keep ownership of our data, we must pass it a PersonaAdapter instance, which we create to get or create users.
For example:
We can then hook up the frontend using the PersonaProvider. For example, in NextJS:
Now Persona will provide us with a usePersona() hook to access the logged-in user and the logout function, as well as the <LoginForm /> and <RegisterForm /> components:
To protect our routes, we must add a Bearer token to our requests using the getAccessToken() function:
And on the server, we can use the Persona middleware to ensure only authenticated requests get through:
We can also make our own auth middleware using the persona.verifyAccessToken(string) and persona.authorize(Request) methods.
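A custom middleware of the kind described above could look like the following. This is an added example, not Persona's own code: `fakePersona` stands in for a real Persona instance, and the behaviour of `verifyAccessToken` (resolving to the user, rejecting on a bad token) is an assumption, as are the names `requireUser` and `extractBearerToken`.

```javascript
// Stand-in for a Persona instance. Assumption: verifyAccessToken(token)
// resolves to the user for a valid token and rejects (or resolves to a
// falsy value) otherwise. The token and user below are constructed.
const fakePersona = {
  async verifyAccessToken(token) {
    if (token !== "constructed-valid-token") throw new Error("invalid token");
    return { id: "user-1", email: "alice@example.test" };
  },
};

// Return the token from "Authorization: Bearer <token>", or null when the
// header is missing, uses another scheme, or carries extra fields.
function extractBearerToken(header) {
  if (typeof header !== "string") return null;
  const match = /^Bearer +([A-Za-z0-9\-._~+/]+=*)$/i.exec(header.trim());
  return match ? match[1] : null;
}

// Build an Express-style middleware around any object exposing
// verifyAccessToken(string). It fails closed: every error path is a 401.
function requireUser(persona) {
  return async function (req, res, next) {
    const token = extractBearerToken(req.headers.authorization);
    if (!token) {
      res.set("WWW-Authenticate", "Bearer");
      return res.status(401).json({ error: "missing_token" });
    }
    let user = null;
    try {
      user = await persona.verifyAccessToken(token);
    } catch (err) {
      user = null; // a verifier error is treated as "not authenticated"
    }
    if (!user) {
      res.set("WWW-Authenticate", 'Bearer error="invalid_token"');
      return res.status(401).json({ error: "invalid_token" });
    }
    req.user = user; // downstream handlers read the verified user here
    return next();
  };
}
```

The verifier call is kept separate from `next()` so that an exception thrown by a later handler is not misreported as an authentication failure.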