Build a Go App with Biometric Authentication

Cole Hecht
May 25, 2022

Passage provides developers with a frictionless way to add device-native biometric authentication to a web app. When device-native authentication isn’t possible, Passage will automatically fall back to a text or email link. In this guide we’ll walk through implementing Passage in a Go web application using the gin framework.

The full source code can be found on GitHub here. Let’s get started.

Getting Started

We’ll begin by setting up a new directory called example-go. In our new directory, create the following files:

Now, run the following command from the example-go directory:

Before we start writing code, let’s briefly cover what each file is for:

  • main.go will contain all of our server code (there’s not much!)
  • html/index.html will be our home page and will include the sign up and sign in forms
  • html/dashboard.html will be an example authenticated page for after sign in
  • html/unauthorized.html will be an error page informing users that they’re not signed in

Building the Server

In our main.go file, we will begin adding some server code:

This code uses the gin framework to route the “/” and “/dashboard” routes to the html/index.html and html/dashboard.html files respectively. As you can see, there isn’t much code here. We’ll be adding a bit more code to handle authentication for us, but first let’s set up our HTML files.

Building our HTML Files

We’re going to keep things simple here, so there won’t be much in the way of styling, but go ahead and add the following HTML:

html/index.html

html/dashboard.html

html/unauthorized.html

Easy, right? Now that the boilerplate code is out of the way we’ll add authentication using Passage.

Create an App in Passage

First, you’ll need to create an app in the Passage Console with the settings below. It’s entirely free and takes about 60 seconds.

App Settings:

  • Name - My First Passage App
  • Domain - localhost:8080
  • Redirect URL - /dashboard

After creating your app, you’ll be given an App ID. Keep it handy because we’ll be using it below.

Add Authentication with Passage

Now that we have an App ID, we can quickly add authentication to our app. We’ll accomplish that in two steps:

  1. Add a Passage Element to our home page
  2. Use the Passage SDK to authenticate requests on our server

First, we’ll add an element to our home page. We can add a complete sign up and sign in experience to our html/index.html page with the two lines of code below:

Second, we’ll use the Passage SDK to add authentication to our server. Let’s begin by importing the github.com/passageidentity/passage-go package, then updating the main() function of main.go to apply an authRequired() middleware to the “/dashboard” route:

Finally, we can implement this authRequired() function above or below our main() function:

Now, our server will use the Passage SDK in the authRequired() function to validate that all requests are properly authenticated. If a request is not authenticated, the server will render html/unauthorized.html instead.

Interacting with the Passage SDK (optional)

We now have device-native authentication all set up. It’s common to use the Passage SDK to manage users, so here we will show a simple example retrieving a user’s email address from Passage. To do so, we’ll complete the following steps:

  1. Use the Passage SDK to lookup an authenticated user’s email address
  2. Pass the email address to the dashboard as a template variable
  3. Render the template variable to show the user their email address

Before we continue, we’ll need to create an API Key for our app in the Passage Console. Once we have an API Key, we can update our authRequired() function to lookup an authenticated user’s email address:

Now, we will have access to the userEmail variable in every request. We can update our main function to pass the userEmail variable to the html/dashboard.tmpl file (previously known as html/dashboard.html). Our new main() function will look like this:

Finally, we will make sure to rename html/dashboard.html to html/dashboard.tmpl and update the HTML code to include the email variable, as follows:

Try It Out!

To start your server, run the following commands:

Now, open the app in a browser on localhost:8080. Sign up to see device-native biometric authentication in action!

Learn More About Passage

To learn more about Passage and modern authentication for web applications, you can:

‍Passage is in beta and actively seeking feedback on the product. If you have feedback, bug reports, or feature requests, we would love to hear from you. You can email me at cole@passage.id or fill out this form.