Add the ability to fetch credentials for auto_login

via the new config option credentials_url

dev.html

@@ -53,6 +53,7 @@
 <script>
     require(['converse'], function (converse) {
         converse.initialize({
+            auto_reconnect: true,
             bosh_service_url: 'https://conversejs.org/http-bind/', // Please use this connection manager only for testing purposes
             keepalive: true,
             message_carbons: true,

docs/source/configuration.rst

@@ -315,8 +315,8 @@ This setting can only be used together with ``allow_otr = true``.
     to retrieve your private key and read your all the chat messages in your
     current session. Previous sessions however cannot be decrypted.
 
- chatstate_notification_blacklist
----------------------------------
+chatstate_notification_blacklist
+--------------------------------
 
 * Default: ``[]``
 
@@ -332,6 +332,26 @@ then you'll receive notification messages each time this happens.
 Receiving constant notifications that a user's client is connecting and disconnecting
 is annoying, so this option allows you to ignore those JIDs.
 
+credentials_url
+---------------
+
+* Default:  ``null``
+* Type:  URL
+
+This setting should be used in conjunction with ``authentication`` set to ``login`` and :ref:`keepalive` set to ``true``.
+
+It allows you to specify a URL which converse.js will call when it needs to get
+the username and password (or authentication token) which converse.js will use
+to automatically log the user in.
+
+The server behind ``credentials_url`` should return a JSON encoded object::
+
+    {
+        "jid": "me@example.com/resource",
+        "password": "Ilikecats!",
+    }
+
+
 csi_waiting_time
 ----------------
 

src/converse-core.js

@@ -253,6 +253,7 @@
             auto_subscribe: false,
             auto_xa: 0, // Seconds after which user status is set to 'xa'
             bosh_service_url: undefined, // The BOSH connection manager URL.
+            credentials_url: null, // URL from where login credentials can be fetched
             csi_waiting_time: 0, // Support for XEP-0352. Seconds before client is considered idle and CSI is sent out.
             debug: false,
             expose_rid_and_sid: false,
@@ -1635,6 +1636,27 @@
             }
         };
 
+        this.fetchLoginCredentials = function () {
+            var deferred = new $.Deferred();
+            $.ajax({
+                url:  converse.credentials_url,
+                type: 'GET',
+                dataType: "json",
+                success: function (response) {
+                    deferred.resolve({
+                        'jid': response.jid,
+                        'password': response.password
+                    });
+                },
+                error: function (response) {
+                    delete converse.connection;
+                    converse.emit('noResumeableSession');
+                    deferred.reject(response);
+                }
+            });
+            return deferred.promise();
+        };
+
         this.startNewBOSHSession = function () {
             $.ajax({
                 url:  this.prebind_url,
@@ -1685,6 +1707,30 @@
             }
         };
 
+        this.autoLogin = function (credentials) {
+            if (credentials) {
+                // If passed in, then they come from login_credentials, so we
+                // set them on the converse object.
+                this.jid = credentials.jid;
+                this.password = credentials.password;
+            }
+            if (this.authentication === converse.ANONYMOUS) {
+                this.connection.connect(this.jid.toLowerCase(), null, this.onConnectStatusChanged);
+            } else if (this.authentication === converse.LOGIN) {
+                if (!this.password) {
+                    throw new Error("initConnection: If you use auto_login and "+
+                        "authentication='login' then you also need to provide a password.");
+                }
+                var resource = Strophe.getResourceFromJid(this.jid);
+                if (!resource) {
+                    this.jid = this.jid.toLowerCase() + converse.generateResource();
+                } else {
+                    this.jid = Strophe.getBareJidFromJid(this.jid).toLowerCase()+'/'+resource;
+                }
+                this.connection.connect(this.jid, this.password, this.onConnectStatusChanged);
+            }
+        };
+
         this.attemptNonPreboundSession = function () {
             /* Handle session resumption or initialization when prebind is not being used.
              *
@@ -1701,23 +1747,17 @@
                 }
             }
             if (this.auto_login) {
-                if (!this.jid) {
-                    throw new Error("initConnection: If you use auto_login, you also need to provide a jid value");
-                }
-                if (this.authentication === converse.ANONYMOUS) {
-                    this.connection.connect(this.jid.toLowerCase(), null, this.onConnectStatusChanged);
-                } else if (this.authentication === converse.LOGIN) {
-                    if (!this.password) {
-                        throw new Error("initConnection: If you use auto_login and "+
-                            "authentication='login' then you also need to provide a password.");
-                    }
-                    var resource = Strophe.getResourceFromJid(this.jid);
-                    if (!resource) {
-                        this.jid = this.jid.toLowerCase() + converse.generateResource();
-                    } else {
-                        this.jid = Strophe.getBareJidFromJid(this.jid).toLowerCase()+'/'+resource;
-                    }
-                    this.connection.connect(this.jid, this.password, this.onConnectStatusChanged);
+                if (this.credentials_url) {
+                    this.fetchLoginCredentials().done(this.autoLogin.bind(this));
+                } else if (!this.jid) {
+                    throw new Error(
+                        "initConnection: If you use auto_login, you also need"+
+                        "to give either a jid value (and if applicable a "+
+                        "password) or you need to pass in a URL from where the "+
+                        "username and password can be fetched (via credentials_url)."
+                    );
+                } else {
+                    this.autoLogin();
                 }
             }
         };