Passage provides developers with a frictionless way to add device-native biometric authentication to a web app. When device-native authentication isn’t possible, Passage will automatically fall back to a text or email link. In this guide we’ll walk through implementing Passage in a Go web application using the gin framework.
The full source code can be found on GitHub here. Let’s get started.
We’ll begin by setting up a new directory called example-go. In our new directory, create the following files:
Now, run the following command from the example-go directory:
Before we start writing code, let’s briefly cover what each file is for:
In our main.go file, we will begin adding some server code:
This code uses the gin framework to route the “/” and “/dashboard” routes to the html/index.html and html/dashboard.html files respectively. As you can see, there isn’t much code here. We’ll be adding a bit more code to handle authentication for us, but first let’s set up our HTML files.
We’re going to keep things simple here, so there won’t be much in the way of styling, but go ahead and add the following HTML:
html/index.html
html/dashboard.html
html/unauthorized.html
Easy, right? Now that the boilerplate code is out of the way we’ll add authentication using Passage.
First, you’ll need to create an app in the Passage Console with the settings below. It’s entirely free and takes about 60 seconds.
App Settings:
After creating your app, you’ll be given an App ID. Keep it handy because we’ll be using it below.
Now that we have an App ID, we can quickly add authentication to our app. We’ll accomplish that in two steps:
First, we’ll add an element to our home page. We can add a complete sign up and sign in experience to our html/index.html page with the two lines of code below:
Second, we’ll use the Passage SDK to add authentication to our server. Let’s begin by importing the github.com/passageidentity/passage-go package, then updating the main() function of main.go to apply an authRequired() middleware to the “/dashboard” route:
Finally, we can implement this authRequired() function above or below our main() function:
Now, our server will use the Passage SDK in the authRequired() function to validate that all requests are properly authenticated. If a request is not authenticated, the server will render html/unauthorized.html instead.
We now have device-native authentication all set up. It’s common to use the Passage SDK to manage users, so here we will show a simple example retrieving a user’s email address from Passage. To do so, we’ll complete the following steps:
Before we continue, we’ll need to create an API Key for our app in the Passage Console. Once we have an API Key, we can update our authRequired() function to lookup an authenticated user’s email address:
Now, we will have access to the userEmail variable in every request. We can update our main function to pass the userEmail variable to the html/dashboard.tmpl file (previously known as html/dashboard.html). Our new main() function will look like this:
Finally, we will make sure to rename html/dashboard.html to html/dashboard.tmpl and update the HTML code to include the email variable, as follows:
To start your server, run the following commands:
Now, open the app in a browser on localhost:8080. Sign up to see device-native biometric authentication in action!
To learn more about Passage and modern authentication for web applications, you can:
Passage is in beta and actively seeking feedback on the product. If you have feedback, bug reports, or feature requests, we would love to hear from you. You can email me at cole@passage.id or fill out this form.