Current User and Session

After the user has logged in with Passage, you can perform some basic actions on that user from your frontend application. The current functionality available is:

  • Retrieve and edit basic user information.
  • Check if a user is authenticated.
  • Refresh or revoke user sessions.

This functionality is available using the PassageCurrentUser and PassageSession classes in Passage-JS.

Accessing Passage-JS

Passage-Elements is built on top of Passage-JS and can be used in conjunction with it. If you are using Passage-Elements you already have Passage-JS installed.

Using NPM

If you are using the Passage Elements package you already have Passage-JS installed and can access the package directly.

import { Passage } from '@passageidentity/passage-js';
const passage = new Passage('APP_ID');

Using CDN

If you are using the Passage Elements CDN, the main Passage class from Passage-JS is available on the window.Passage object.

<script src="https://cdn.passage.id/passage-elements/v2.x/passage-elements.js"></script>
<script>
    const passage = new Passage.Api('APP_ID');
</script>

PassageCurrentUser class

The PassageCurrentUser class is used to get information about the currently authenticated user. You can use this class to get the user's public information, update their profile, and check if they are authenticated.

import { Passage, PassageError, PassageErrorCode } from '@passageidentity/passage-js';
const passage = new Passage('APP_ID');
try {
    const currentUserInfo = await passage.currentUser.info();
} catch (error) {
    const statusCode = (error as PassageError).statusCode;
    if(statusCode === PassageErrorCode.PSGLoginRequired || statusCode === PassageErrorCode.Unauthorized){
        // User is not authenticated
    } else {
        // handle other errors
    }
}

PassageSession class

The PassageSession class is used to manage the current user's session. Use this class to get the authentication token for the current session and handle refresh tokens if they are being used. When passing the authentication token to your backend, you should use the PassageSession class to get the token which will automatically handle refreshing the token if it is expired and refresh tokens are being used.

Learn more about session management and refresh tokens.

import { Passage, PassageError, PassageErrorCode } from '@passageidentity/passage-js';
const passage = new Passage('APP_ID');
try {
    const authToken = await passage.session.getAuthToken();
} catch (error) {
    if((error as PassageError)statusCode === PassageErrorCode.PSGLoginRequired){
        // the authToken or refreshToken is expired
        // make the user login again
    } else {
        // handle other errors
    }
}

API Reference

The full reference for the PassageCurrentUser and PassageSession classes can be found in the README of the NPM package @passageidentity/passage-js (opens in a new tab).