Searchβ¦
π
Getting Started
π
Popular Guides
π§βπ» Passage for Web
π
Frontend Frameworks
β
API Docs
β‘οΈ Advanced
π
Helpful Links
Overview
Passage provides backend libraries to simplify the entire process of user management. There are two main use cases for a backend library:
- 1.Authenticating Requests
- 2.Managing Passage Users
Authenticating Requests
Passage serves as your identity provider (IDP) by storing all of your app's users and authentication material. With a Passage Element, users obtain an authentication token from Passage before making subsequent requests to your web server. When a user makes an authenticated request, it is your web server's responsibility to ensure that the request is properly authenticated. Passage backend libraries make it easy. Examples of using a Passage backend library to authenticate an HTTP request are shown below:
Go
Node.js
Python (Flask)
Ruby
1
import (
2
"net/http"
3
β
4
"github.com/passageidentity/passage-go"
5
)
6
β
7
func exampleHandler(w http.ResponseWriter, r *http.Request) {
8
β
9
// Authenticate this request using the Passage SDK:
10
psg, _ := passage.New("<PASSAGE_APP_ID>", nil)
11
_, err := psg.AuthenticateRequest(r)
12
if err != nil {
13
// π¨ Authentication failed!
14
w.WriteHeader(http.StatusUnauthorized)
15
return
16
}
17
β
18
// β
Authentication successful. Proceed...
19
β
20
}
Copied!
1
import Passage from "@passageidentity/passage-node";
2
β
3
// Passage requires an App ID and, optionally, an API Key
4
const passageConfig = {
5
appID: process.env.PASSAGE_APP_ID,
6
apiKey: process.env.PASSAGE_API_KEY,
7
};
8
β
9
// Authentication using Passage class instance
10
let passage = new Passage(passageConfig);
11
app.get("/authenticatedRoute", async(req, res) => {
12
try {
13
// Authenticate request using Passage
14
let userID = await passage.authenticateRequest(req, res);
15
if (userID) {
16
// User is authenticated
17
let userData = await passage.user.get(userID);
18
console.log(userData);
19
}
20
} catch (e) {
21
// Authentication failed
22
console.log(e);
23
res.send("Authentication failed!");
24
}
25
});
Copied!
1
from passageidentity import Passage
2
import os
3
β
4
PASSAGE_APP_ID = os.environ.get("PASSAGE_APP_ID")
5
β
6
class AuthenticationMiddleware(object):
7
def __init__(self, app):
8
self.app = app
9
β
10
def __call__(self, environ, start_response):
11
request = Request(environ)
12
psg = Passage(PASSAGE_APP_ID)
13
try:
14
user = psg.authenticateRequest(request)
15
except:
16
ret = Response(u'Authorization failed', mimetype='text/plain', status=401)
17
return ret(environ, start_response)
18
environ['user'] = user
19
return self.app(environ, start_response)
Copied!
1
require 'passageidentity'
2
β
3
class ApplicationController < ActionController::Base
4
protect_from_forgery with: :exception
5
β
6
PassageClient = Passage::Client.new(
7
app_id: Rails.application.config.passage_app_id
8
)
9
β
10
def authorize!
11
begin
12
request.to_hash()
13
@user_id = PassageClient.auth.authenticate_request(request)
14
session[:psg_user_id] = @user_id
15
rescue Exception => e
16
# unauthorized
17
redirect_to "/unauthorized"
18
end
19
end
20
end
Copied!
Then protect routes with
1
class DashboardController < ApplicationController
2
β
3
before_action :authorize!, except: %i[unauthorized]
4
β
5
def authorized
6
@user = session[:psg_user_id]
7
end
8
β
9
def unauthorized
10
end
11
end
Copied!
Managing Passage Users
Passage backend libraries can be used to manage and query Passage users. You can use these functions to get information about a user, update a user's email, and activate or deactivate a user. Please see the specific SDK reference pages to learn about the language-specific interfaces for user management functionality.
In addition to your App ID, managing users requires authentication to Passage in the form of an API key. This ensure that only your application has access to information about your users. You can generate and manage your API keys in the App Settings in the Passage Console. Go there now.β
Libraries
Copy link