π
Getting Started
π§βπ» Passage for Web
β‘οΈ Advanced
π
Helpful Links
Go
Authenticate requests and manage Passage users with Go.
To use the Passage Go SDK, you'll need your Passage App ID. You can create a new Passage App in the console.
Authenticating a Request
Passage makes it easy to associate an HTTP request with an authenticated user. The following code can be used to validate that a request was made by an authenticated user.
1
import (
2
"net/http"
3
β
4
"github.com/passageidentity/passage-go"
5
)
6
β
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
β
9
// Authenticate this request using the Passage SDK:
10
psg, _ := passage.New("<PASSAGE_APP_ID>", nil)
11
_, err := psg.AuthenticateRequest(r)
12
if err != nil {
13
// π¨ Authentication failed!
14
w.WriteHeader(http.StatusUnauthorized)
15
return
16
}
17
β
18
// β
Authentication successful. Proceed...
19
β
20
}
Copied!
Authorizing a User
It is important to remember that
psg.AuthenticateRequest() validates that a request is properly authenticated and returns the authenticated user's Passage identifier, but an additional authorization check is typically required.1
import (
2
"net/http"
3
β
4
"github.com/passageidentity/passage-go"
5
)
6
β
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
β
9
// Authenticate this request using the Passage SDK:
10
psg, _ := passage.New("<PASSAGE_APP_ID>", nil)
11
passageID, err := psg.AuthenticateRequest(r)
12
if err != nil {
13
// π¨ Authentication failed!
14
w.WriteHeader(http.StatusUnauthorized)
15
return
16
}
17
β
18
// β Authentication successful, but let's check authorization:
19
allowed := myAuthorizationCheck(passageID, "role.manager")
20
if !allowed {
21
// π¨ Authorization failed!
22
w.WriteHeader(http.StatusForbidden)
23
return
24
}
25
26
// β
Authentication & authorization successful. Proceed...
27
β
28
}
Copied!
User Management
In addition to authenticating requests, the Passage SDK also provides a way to securely manage your users. These functions require authentication using a Passage API key. API keys can be managed in the Passage Console.
The functionality currently available on a user is:
- Get a user's information
- Activate or deactivate a user (a deactivated user will not be able to log in)
- Update a user's information (email address or phone number)
Passage API Keys are sensitive! You should store them securely along with your other application secrets.
Get User
Deactivate User
Update User
1
import (
2
"net/http"
3
β
4
"github.com/passageidentity/passage-go"
5
)
6
β
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
β
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
passageID, err := psg.AuthenticateRequest(r)
13
if err != nil {
14
// π¨ Authentication failed!
15
w.WriteHeader(http.StatusUnauthorized)
16
return
17
}
18
19
// The passageID returned above can be used to get user information:
20
passageUser, err := psg.GetUser(passageID)
21
if err != nil {
22
// π Couldn't get the Passage User for some reason...
23
w.WriteHeader(http.StatusInternalServerError)
24
return
25
}
26
27
// The passageUser struct can now be inspected for detailed information
28
// about the user. A full list of fields can be found here:
29
// https://pkg.go.dev/github.com/passageidentity/passage-go#User
30
_ = passageUser
31
β
32
}
33
β
Copied!
1
import (
2
"net/http"
3
4
"github.com/passageidentity/passage-go"
5
)
6
β
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
β
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
β
13
// Get the Passage User ID from database
14
15
// The passageID returned above can be used deactivate a user
16
passageUser, err := psg.deactivateUser(passageID)
17
if err != nil {
18
// π Couldn't deactivate the user for some reason
19
w.WriteHeader(http.StatusInternalServerError)
20
return
21
}
22
β
23
}
Copied!
1
import (
2
"net/http"
3
4
"github.com/passageidentity/passage-go"
5
)
6
β
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
β
9
psg, _ := passage.New("<PASSAGE_APP_ID>", &passage.Config{
10
APIKey: "<PASSAGE_API_KEY>",
11
})
12
β
13
// Get the Passage User ID from database
14
15
// The passageID returned above can be used deactivate a user
16
userUpdateAttributes := UpdateBody{
17
Email: "[email protected]",
18
Phone: "+15005550006"
19
}
20
passageUser, err := psg.updateUser(passageID, userUpdateAttributes)
21
if err != nil {
22
// π failed to update the user
23
w.WriteHeader(http.StatusInternalServerError)
24
return
25
}
26
β
27
}
Copied!
Go Reference
Last modified 28d ago