PassageUser Class
Use this class to check if a user is authenticated from your frontend app.
PassageUser
is deprecated as of Passage-Elements v2.0.0. Use Passage-JS to get information about the
current user and manage their session.
After the user has logged in with Passage, you can perform some basic actions on that user from your frontend application. The current functionality available is:
- Retrieve basic user information.
- Check if a user is authenticated.
- Refresh or revoke user sessions.
These functions are accessible from your frontend application using the PassageUser class exported from @passageidentity/passage-elements/passage-user
. With an instantiated PassageUser instance, you can create a reusable composable in any frontend framework to manage the current user context in your application.
Constructor
The PassageUser()
constructor does not require any arguments. By default, the constructor will create the user class based on the Passage auth token stored in local storage (psg_auth_token
), which is populated by the default success callback.
If you are setting the Passage auth token differently, you can pass the token in directly.
import { PassageUser } from '@passageidentity/passage-elements/passage-user';
// default constructor
const user = new PassageUser();
// optionally pass in auth token
const user = new PassageUser(authToken);
Auth guard
The authGuard()
method is used to check if a user is authenticated and returns a boolean indicating if the user's token is valid. This method can be used as an authenticated route guard to check if a user's token is valid.
The AuthGuard() method can be used as a route guard in your single page application, but it should NOT be used make auth decisions on API routes.
When making requests to your API you must use one of the Passage Complete backend SDKs to safely verify user authentication tokens.
An example of using the Auth Guard in a React application is shown below.
import { useState, useEffect } from 'react';
import { PassageUser } from '@passageidentity/passage-elements/passage-user';
export function useAuthStatus() {
const [result, setResult] = useState({
isLoading: true,
isAuthorized: false,
});
useEffect(() => {
let cancelRequest = false;
new PassageUser().authGuard().then((res) => {
if (cancelRequest) {
return;
}
if (res === false) {
setResult({
isLoading: false,
isAuthorized: false,
});
return;
}
setResult({
isLoading: false,
isAuthorized: true,
});
});
return () => {
cancelRequest = true;
};
}, []);
return result;
}
User Info
Call the userInfo
method to retrieve the current user's information once they have authenticated.
Example
import { PassageUser } from '@passageidentity/passage-elements/passage-user';
// By default, the current user's authToken will be fetched from localStorage
// and will be used to fetch the current user's information via the
// userInfo() method:
import { PassageUser } from '@passageidentity/passage-elements/passage-user';
//uses current user
const user = new PassageUser();
const userInfo = await user.userInfo();
Example response
{
"created_at": "2022-01-19T19:56:44.80799Z",
"updated_at": "2022-01-21T19:32:16.848273Z",
"active": true,
"id": "<userID>",
"email": "user@passage.id",
"phone": "",
"webauthn": false,
"webauthn_devices": [],
"last_login_at": "2022-01-21T19:32:16.841947Z",
"login_count": 3
}
SignOut
Call the signOut
method to delete the users auth token from local storage and revoke their refresh token. The promise will resolve with true
if the signOut actions are successful.
Return Value
Boolean: the promise will resolve with true
if the signOut actions are successful.
Example
import { PassageUser } from '@passageidentity/passage-elements/passage-user';
const user = new PassageUser();
const signedOut = await user.signOut();
GetAuthToken
Call the getAuthToken
method to retrieve the auth token of the current user.
If the user has a valid refresh token and an invalid auth token it will silently attempt to refresh the auth token.
Return Value
String: the users authToken value.
If no valid auth token is found it will return an empty string.
Example
import { PassageUser } from '@passageidentity/passage-elements/passage-user';
const user = new PassageUser();
const userAuthToken = await user.getAuthToken();
Refresh
Call the refresh
method to refresh the auth token of the current user. Refresh tokens must be enabled to use this method.
For most cases we recommend using the getAuthToken
method which will silently run the refresh method if the user has an invalid auth token stored.
Return Value
String: the users authToken value.
If no valid auth token is found it will return an empty string.
Example
import { PassageUser } from '@passageidentity/passage-elements/passage-user';
const user = new PassageUser();
const userAuthToken = await user.refresh();