How to make an implicit account using Mozilla Persona "workflow"

Question

I've been looking at Mozilla Persona but I can't figure out how you would get a user to make an account on my site without having to fill out a normal "Sign Up" form.

This is how I understand the process:

1. User clicks on the Persona login link
2. Ultimately the UI posts the "assertion" from the Persona verifier back to my site (ie /auth/login)
3. My site verifies the assertion
4. My site notices there is no user for the asserted email address
5. What do I do next?

This is where I'm a bit confused. I think my site would need to make a minimal account, and then ask the user to fill out a more comprehensive set of data: name, age, favorite color...

Can anyone give examples of how this is done?

I was looking at a few sites:

1. http://123done.org/ seems the the "account" is really just the email address. Once you sign in the site can make the local user just with the verified assertion.
2. https://ting.com/ Seems to do it wrong. You need to sign up with Ting directly (give a username/password!), but afterwards you can authenticate with Persona.

Answer 1

You've got the right idea. If you notice that the email you get doesn't map to an existing account, then you show a sign up form to the user where they need to enter their name and anything else that your site needs.

Or you do like I did in Zookeepr:

• all profile fields are optional in the DB (except for email)
• I immediately create a new account and log the user in when I get a new email
• whenever someone logs in and some of their profile fields are missing, they are shown a "please enter this missing info" screen before they can do anything else

There are of course lots of other ways to do the same thing.

If you have any other questions, feel free to jump on our mailing list. There are lots of people on there that could tell you how they implemented it on their site.