Search…
Ruby
Authenticate requests and manage Passage users with Ruby.
To use the Passage Ruby SDK, you'll need your Passage App ID. You can create a new Passage App in the console.
To see a full example Rails application using the Ruby SDK, check out this Github repo.

Authenticating a Request

A Ruby on Rails server can easily authenticate an HTTP request using the passageidentity gem, available via RubyGems. The example below shows a Rails application that uses Passage to authorize requests.
1
require 'passageidentity'
2
​
3
class ApplicationController < ActionController::Base
4
protect_from_forgery with: :exception
5
​
6
Passage = Passage::Client.new(
7
app_id: Rails.application.config.passage_app_id
8
)
9
​
10
def authorize!
11
begin
12
request.to_hash()
13
@user_id = Passage.auth.authenticate_request(request)
14
session[:psg_user_id] = @user_id
15
rescue Exception => e
16
# unauthorized
17
redirect_to "/unauthorized"
18
end
19
end
20
end
Copied!
Then routes are protected using a before_action.
1
class DashboardController < ApplicationController
2
​
3
before_action :authorize!, except: %i[unauthorized]
4
​
5
def authorized
6
@user = session[:psg_user_id]
7
end
8
​
9
def unauthorized
10
end
11
end
Copied!
By default, Passage looks for the user JWT from a cookie that is set by the Passage Element ( psg_auth_token ). If your application uses Authorization headers instead, you can pass the following option to Passage.
1
psg = Passage::Client.new(
2
app_id: PASSAGE_APP_ID,
3
auth_strategy: Passage::HEADER_STRATEGY
4
)
Copied!
Note: If you are not building with Rails, you should use the authenticate_jwt method and extract the JWT from the header yourself in the authorize function.

Authorizing a User

It is important to remember that Passage.auth.authenticate_request(request) validates that a request is properly authenticated, but an additional authorization check is often required. You should use the Passage User ID to store role information and make authorization decision.
1
​
2
before_action :authorize!, except: %i[unauthorized]
3
​
4
def authorized
5
@user = session[:psg_user_id]
6
authorized = authorizationCheck(@user)
7
if authorized
8
# Successful authentication and authorization. Proceed ...
Copied!

App Information

The Passage SDK provide a way to retreive information about an app.
1
require 'passageidentity'
2
​
3
PassageClient = Passage::Client.new(
4
app_id: PASSAGE_APP_ID,
5
)
6
​
7
passageAppInfo = PassageClient.get_app()
8
​
9
puts passageAppInfo
Copied!

User Management

In addition to authenticating requests, the Passage SDK also provides a way to securely manage your users. These functions require authentication using a Passage API key. API keys can be managed in the Passage Console.
Passage API Keys are sensitive! You should store them securely along with your other application secrets.
The functionality currently available on a user is:
  • Get a user's information
  • Activate or deactivate a user (a deactivated user will not be able to log in)
  • Update a user's information (email address or phone number)
  • Delete a user
  • Create a user
Get
Activate/Deactivate
Delete
Create
Update
1
PassageClient = Passage::Client.new(
2
app_id: PASSAGE_APP_ID,
3
api_key: PASSAGE_API_KEY
4
)
5
user = PassageClient.user.get(user_id: @user_id)
6
​
Copied!
1
require 'passageidentity'
2
​
3
PassageClient = Passage::Client.new(
4
app_id: PASSAGE_APP_ID,
5
api_key: PASSAGE_API_KEY
6
)
7
8
user = PassageClient.user.deactivate(user_id: user_id)
9
user = PassageClient.user.activate(user_id: user_id)
Copied!
1
require 'passageidentity'
2
​
3
PassageClient = Passage::Client.new(
4
app_id: PASSAGE_APP_ID,
5
api_key: PASSAGE_API_KEY
6
)
7
8
user = PassageClient.user.delete(user_id: user_id)
Copied!
1
require 'passageidentity'
2
​
3
PassageClient = Passage::Client.new(
4
app_id: PASSAGE_APP_ID,
5
api_key: PASSAGE_API_KEY
6
)
7
8
user = PassageClient.user.create(email: "[email protected]")
9
user = PassageClient.user.create(phone: "+15005550007")
Copied!
1
require 'passageidentity'
2
​
3
PassageClient = Passage::Client.new(
4
app_id: PASSAGE_APP_ID,
5
api_key: PASSAGE_API_KEY
6
)
7
8
user = PassageClient.user.update(
9
user_id: user_id,
10
11
)
Copied!
All fields available in a Passage User object are listed below:
Field
Type
id
string
email
string
phone
string
active
boolean
email_verified
boolean
created_at
datetime
last_login_at
datetime
webauthn
boolean
webauthn_devices
array of string (e.g. "Mac OS X")
recent_events
array of PassageEvents

User Device Management

The functionality currently available is:
  • List all devices for a user
  • Revoke a particular device from a user
List Devices
Revoke Device
1
require 'passageidentity'
2
​
3
PassageClient = Passage::Client.new(
4
app_id: PASSAGE_APP_ID,
5
api_key: PASSAGE_API_KEY
6
)
7
8
devices = PassageClient.user.list_devices(user_id: user_id)
Copied!
1
require 'passageidentity'
2
​
3
PassageClient = Passage::Client.new(
4
app_id: PASSAGE_APP_ID,
5
api_key: PASSAGE_API_KEY
6
)
7
8
PassageClient.user.delete_device(
9
user_id: user_id,
10
device_id: device_id
11
)
Copied!

Creating Magic Links

The Ruby SDK can be used to generate custom magic link (called "smart links") for users that can be embedded into any content medium. To learn more, see our full guide on Smart Links.
1
require 'passageidentity'
2
​
3
PassageClient = Passage::Client.new(
4
app_id: PASSAGE_APP_ID,
5
api_key: PASSAGE_API_KEY
6
)
7
8
magic_link = PassageClient.create_magic_link(user_id: user_id)
9
magic_link = PassageClient.create_magic_link(
10
email: "[email protected]",
11
send: true,
12
channel: Passage::EMAIL_CHANNEL,
13
ttl: 120
14
)
Copied!