Comment on page
SDKs
Authenticate requests and manage users in your backend application.
Passage provides backend libraries to simplify the entire process of user management. There are two main use cases for a backend library:
- 1.Authenticating Requests
- 2.Managing Passage Users
Passage serves as your identity provider (IDP) by storing all of your app's users and authentication material. With a Passage Element, users obtain an authentication token from Passage before making subsequent requests to your web server. When a user makes an authenticated request, it is your web server's responsibility to ensure that the request is properly authenticated. Passage backend libraries make it easy. Examples of using a Passage backend library to authenticate an HTTP request are shown below:
Go
Node.js
Python (Flask)
Ruby
import (
"net/http"
"github.com/passageidentity/passage-go"
)
func exampleHandler(w http.ResponseWriter, r *http.Request) {
// Authenticate this request using the Passage SDK:
psg, _ := passage.New("<PASSAGE_APP_ID>", nil)
_, err := psg.AuthenticateRequest(r)
if err != nil {
// 🚨 Authentication failed!
w.WriteHeader(http.StatusUnauthorized)
return
}
// ✅ Authentication successful. Proceed...
}
import Passage from "@passageidentity/passage-node";
// Passage requires an App ID and, optionally, an API Key
const passageConfig = {
appID: process.env.PASSAGE_APP_ID,
apiKey: process.env.PASSAGE_API_KEY,
};
// Authentication using Passage class instance
let passage = new Passage(passageConfig);
app.get("/authenticatedRoute", async(req, res) => {
try {
// Authenticate request using Passage
let userID = await passage.authenticateRequest(req, res);
if (userID) {
// User is authenticated
let userData = await passage.user.get(userID);
console.log(userData);
}
} catch (e) {
// Authentication failed
console.log(e);
res.send("Authentication failed!");
}
});
from passageidentity import Passage
import os
PASSAGE_APP_ID = os.environ.get("PASSAGE_APP_ID")
class AuthenticationMiddleware(object):
def __init__(self, app):
self.app = app
def __call__(self, environ, start_response):
request = Request(environ)
psg = Passage(PASSAGE_APP_ID)
try:
user = psg.authenticateRequest(request)
except:
ret = Response(u'Authorization failed', mimetype='text/plain', status=401)
return ret(environ, start_response)
environ['user'] = user
return self.app(environ, start_response)
require 'passageidentity'
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
PassageClient = Passage::Client.new(
app_id: Rails.application.config.passage_app_id
)
def authorize!
begin
request.to_hash()
@user_id = PassageClient.auth.validate_jwt(auth_token)
session[:psg_user_id] = @user_id
rescue Exception => e
# unauthorized
redirect_to "/unauthorized"
end
end
end
Then protect routes with
class DashboardController < ApplicationController
before_action :authorize!, except: %i[unauthorized]
def authorized
@user = session[:psg_user_id]
end
def unauthorized
end
end
Passage backend libraries can be used to manage and query Passage users. You can use these functions to get information about a user, update a user's email, and activate or deactivate a user. Please see the specific SDK reference pages to learn about the language-specific interfaces for user management functionality.
In addition to your App ID, managing users requires authentication to Passage in the form of an API key. This ensure that only your application has access to information about your users. You can generate and manage your API keys in the App Settings in the Passage Console. Go there now.
Last modified 3d ago