Node.js

Authenticate requests and manage Passage users with Node.js.

Prerequisites

Passage App ID and API Key from Passage Console

Install

Install the Passage Complete Node.js npm package (opens in a new tab).

npm i @passageidentity/passage-node

To learn more, see our Passage Node.js Complete Github repository with up to date requirements and installation steps.

Authenticating requests

Passage makes it easy to associate an HTTP request with an authenticated user. The following code can be used to validate that a request was made by an authenticated user.

By default, Passage looks for the user JWT from a cookie that is set by the Passage Element ( psg_auth_token ). If your application uses Authorization headers instead, you can pass the following option to the Passage Node.js SDK.

const passageConfig = {
    appID: process.env.PASSAGE_APP_ID,
    apiKey: process.env.PASSAGE_API_KEY,
    authStrategy: 'HEADER',
};
psg = new Passage(passageConfig);

Authenticating a request With Express.js middleware

If you use Express.js, Passage provides a middleware that can be used directly. This middleware will authenticate a request and return a 401 Unauthorized if the token is invalid. If it succeeds, the Passage User ID will be available in the response. The following code shows how the Passage middleware can be used in an Express.js application.

import Passage from '@passageidentity/passage-node';
 
const passageConfig = {
    appID: process.env.PASSAGE_APP_ID,
    apiKey: process.env.PASSAGE_API_KEY,
};
 
// example of passage middleware
let passage = new psg(passageConfig);
let passageAuthMiddleware = (() => {
    return async (req, res, next) => {
        try {
            let userID = await passage.authenticateRequest(req);
            if (userID) {
                // user authenticated
                res.userID = userID;
                next();
            }
        } catch (e) {
            // failed to authenticate
            // we recommend returning a 401 or other "unauthorized" behavior
            console.log(e);
            res.status(401).send('Could not authenticate user!');
        }
    };
})();
 
app.get('/authenticatedRoute', passageAuthMiddleware, async (req, res) => {
    let userID = res.userID;
    // do authenticated things...
});

If you are not using passage-node in a request context, or your application is passing the JWT in a custom way, you can pass the JWT directly to the validAuthToken method to perform validation.

const userID = await passage.validAuthToken(token);
if (userID) {
    //authenticated
}
// otherwise, unauthorized

App information

The Passage SDK provides a way to retrieve information about an app.

import Passage from '@passageidentity/passage-node';
 
let passageConfig = {
    appID: 'YOUR_APP_ID',
};
let passage = new Passage(passageConfig);
let passageAppInfo = passage.getApp();
 
console.log(passageAppInfo);

User management

In addition to authenticating requests, the Passage Node.js SDK also provides a way to securely manage your users. These functions require authentication using a Passage API key. API keys can be managed in the Passage Console.

The functionality currently available on a user is:

  • Get a user's information (including any defined user metadata)
  • Activate or deactivate a user (a deactivated user will not be able to log in)
  • Update a user's information (email address or phone number)
  • Delete a user
  • Create a user

Passage API Keys are sensitive! You should store them securely along with your other application secrets.

Parameters

FieldType
idstring
emailstring
phonestring
activeboolean
email_verifiedboolean
created_atdatetime
last_login_atdatetime
webauthnboolean
user_metadatamap
webauthn_devices[strings]
recent_events[PassageEvents]

User device management

The functionality currently available is:

  • List all devices for a user
  • Revoke a particular device from a user

Creating Magic Links

The Node.js SDK can be used to generate custom Magic Links for users, that can be embedded into any content medium. To learn more, see our full guide on Embedded Magic Links.

import Passage from '@passageidentity/passage-node';
 
let passageConfig = {
    appID: 'YOUR_APP_ID',
    apiKey: 'YOUR_API_KEY',
};
let passage = new Passage(passageConfig);
let magicLink = passage.createMagicLink({
    email: 'newEmail@domain.com',
    redirect_url: '/custom-path/1234',
});
 
// use magicLink.url
console.log(magicLink.url);