Passage provides an SDK to easily authenticate HTTP requests. Example source code can be found on GitHub, here.
For this example app, we'll need to provide our application with a Passage App ID and API Key. Your App ID and API Key can be found in the Passage Console in your App Settings. You'll need to set the following environment variables with your respective credentials:
PASSAGE_APP_ID=
PASSAGE_API_KEY=
PORT=5000To run this example app, make sure you have Go installed on your computer.
Run the following command:
go run main.goCreate your docker image with the following command:
$ docker build -t example-go-2 .Run your docker container using the example-go-2 image:
$ docker run -p 5000:5000 example-go-2A Go server can easily authenticate an HTTP request using the Passage SDK, as shown below.
import (
"net/http"
"github.com/passageidentity/passage-go"
)
func exampleHandler(w http.ResponseWriter, r *http.Request) {
// Authenticate this request using the Passage SDK.
psg := passage.New("<Passage App ID>")
_, err := psg.AuthenticateRequest(r)
if err != nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
// Successful authentication. Proceed...
}It is important to remember that the psg.AuthenticateRequest() function validates that a request is properly authenticated, but makes no assertions about who it is authorized for. To perform an authorization check, the Passage User Handle can be referenced.
func exampleHandler(w http.ResponseWriter, r *http.Request) {
// Authenticate this request using the Passage SDK.
psg := passage.New("<Passage App ID>")
passageUserID, err := psg.AuthenticateRequest(r)
if err != nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
// Check that the user with `passageHandle` is allowed to perform
// a certain action on a certain resource.
err = authorizationCheck(passageUserID)
if err != nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
// Successful authentication AND authorization. Proceed...
}To get user information, you can use the Passage SDK with an API key. This will authenticate your web server to Passage and grant you management access to user information. API keys should never be hard-coded in source code, but stored in environment variables or a secrets storage mechanism.
psg := passage.New("<Passage App ID>", "<API_KEY>")
passageUserID, err := psg.AuthenticateRequest(r)
if err != nil {
w.WriteHeader(http.StatusUnauthorized)
return
}
//information regarding the user will exist in the user variable
user, err := psg.GetUser(passageUserID)
if err != nil {
fmt.Println("Could not get user: ", err)
return
}The easiest way to add authentication to a web frontend is with a Passage Element. The HTML below will automatically embed a complete UI/UX for user sign-in and sign-up.
<!-- Passage will populate this custom element with a complete authentication UI/UX. -->
<passage-auth app-id="<Passage App ID>"></passage-auth>
<!-- Include the passage-web JavaScript from the Passage CDN. -->
<script src="https://cdn.passage.id/passage-web.js"></script>The profile page is created using the Passage Profile Element that can be imported from the the @passageidentity/passage-elements pacakge. In this example application, we automatically use the PASSAGE_APP_ID environment variable in the app-id attribute.
<!-- Passage will populate this div with a complete authentication UI/UX. -->
<passage-profile app-id="<Passage App ID>"></passage-profile>
<!-- Include the passage-web JavaScript from the Passage CDN. -->
<script src="https://cdn.passage.id/passage-web.js"></script>