Converse is a JavaScript XMPP client that can be run in a web browser. Unfortunately, it does not support the XMPP extension (XEP) that allows to verify HTTP Requests via XMPP (XMPP): XEP-0070. So I decided to code a small plugin to provide this functionality.

This article follows the serie about this XEP:

• One about Passordless Authentication using XMPP on a Django website.
• A presentation about a demo website providing this functionnality.

How to use it

See the official documentation on how to install this plugin.

If you want to hide the authentication request of your provider, you can set the following option in your converse.initialize function:

hidden: ['auth.example.com']

It will also work with any jid.

You can test the implementation with my demo website: https://demo.agayon.be/

Links

• Code on Gitlab
• XEP-0070
• Django authentification
• Demo
• Authentication component by Chteufleur
• Description of the mechanism (french)