PassageUser Class

Use this class to check if a user is authenticated from your frontend app.

⚠️

PassageUser is deprecated as of Passage-Elements v2.0.0. Use Passage-JS to get information about the current user and manage their session.

After the user has logged in with Passage, you can perform some basic actions on that user from your frontend application. The current functionality available is:

  • Retrieve basic user information.
  • Check if a user is authenticated.
  • Refresh or revoke user sessions.

These functions are accessible from your frontend application using the PassageUser class exported from @passageidentity/passage-elements/passage-user. With an instantiated PassageUser instance, you can create a reusable composable in any frontend framework to manage the current user context in your application.

Constructor

The PassageUser() constructor does not require any arguments. By default, the constructor will create the user class based on the Passage auth token stored in local storage (psg_auth_token), which is populated by the default success callback.

If you are setting the Passage auth token differently, you can pass the token in directly.

import { PassageUser } from '@passageidentity/passage-elements/passage-user';
 
// default constructor
const user = new PassageUser();
 
// optionally pass in auth token
const user = new PassageUser(authToken);

Auth guard

The authGuard() method is used to check if a user is authenticated and returns a boolean indicating if the user's token is valid. This method can be used as an authenticated route guard to check if a user's token is valid.

The AuthGuard() method can be used as a route guard in your single page application, but it should NOT be used make auth decisions on API routes.
When making requests to your API you must use one of the Passkey Complete backend SDKs to safely verify user authentication tokens.

An example of using the Auth Guard in a React application is shown below.

import { useState, useEffect } from 'react';
import { PassageUser } from '@passageidentity/passage-elements/passage-user';
 
export function useAuthStatus() {
    const [result, setResult] = useState({
        isLoading: true,
        isAuthorized: false,
    });
 
    useEffect(() => {
        let cancelRequest = false;
        new PassageUser().authGuard().then((res) => {
            if (cancelRequest) {
                return;
            }
            if (res === false) {
                setResult({
                    isLoading: false,
                    isAuthorized: false,
                });
                return;
            }
            setResult({
                isLoading: false,
                isAuthorized: true,
            });
        });
        return () => {
            cancelRequest = true;
        };
    }, []);
    return result;
}

User Info

Call the userInfo method to retrieve the current user's information once they have authenticated.

Example

import { PassageUser } from '@passageidentity/passage-elements/passage-user';
 
// By default, the current user's authToken will be fetched from localStorage
// and will be used to fetch the current user's information via the
// userInfo() method:
 
import { PassageUser } from '@passageidentity/passage-elements/passage-user';
 
//uses current user
const user = new PassageUser();
 
const userInfo = await user.userInfo();

Example response

{
    "created_at": "2022-01-19T19:56:44.80799Z",
    "updated_at": "2022-01-21T19:32:16.848273Z",
    "active": true,
    "id": "<userID>",
    "email": "user@passage.id",
    "phone": "",
    "webauthn": false,
    "webauthn_devices": [],
    "last_login_at": "2022-01-21T19:32:16.841947Z",
    "login_count": 3
}

SignOut

Call the signOut method to delete the users auth token from local storage and revoke their refresh token. The promise will resolve with true if the signOut actions are successful.

Return Value

Boolean: the promise will resolve with true if the signOut actions are successful.

Example

import { PassageUser } from '@passageidentity/passage-elements/passage-user';
 
const user = new PassageUser();
 
const signedOut = await user.signOut();

GetAuthToken

Call the getAuthToken method to retrieve the auth token of the current user.

If the user has a valid refresh token and an invalid auth token it will silently attempt to refresh the auth token.

Return Value

String: the users authToken value.

If no valid auth token is found it will return an empty string.

Example

import { PassageUser } from '@passageidentity/passage-elements/passage-user';
 
const user = new PassageUser();
 
const userAuthToken = await user.getAuthToken();

Refresh

Call the refresh method to refresh the auth token of the current user. Refresh tokens must be enabled to use this method.

For most cases we recommend using the getAuthToken method which will silently run the refresh method if the user has an invalid auth token stored.

Return Value

String: the users authToken value.

If no valid auth token is found it will return an empty string.

Example

import { PassageUser } from '@passageidentity/passage-elements/passage-user';
 
const user = new PassageUser();
 
const userAuthToken = await user.refresh();