Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/passageidentity/passage-flex-rust
Passkey Flex for Rust - Add passkey authentication to your own Rust authentication flows with Passage by 1Password
https://github.com/passageidentity/passage-flex-rust
1password authentication biometrics passage passage-sdk passkey-flex passkeys passwordless rust webauthn
Last synced: 3 months ago
JSON representation
Passkey Flex for Rust - Add passkey authentication to your own Rust authentication flows with Passage by 1Password
- Host: GitHub
- URL: https://github.com/passageidentity/passage-flex-rust
- Owner: passageidentity
- License: mit
- Created: 2024-08-16T17:43:28.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2024-11-19T18:29:26.000Z (3 months ago)
- Last Synced: 2024-11-19T19:45:22.484Z (3 months ago)
- Topics: 1password, authentication, biometrics, passage, passage-sdk, passkey-flex, passkeys, passwordless, rust, webauthn
- Language: Rust
- Homepage: http://docs.passage.id/flex
- Size: 69.3 KB
- Stars: 3
- Watchers: 5
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
 [](#) 
## About
[Passage by 1Password](https://1password.com/product/passage) unlocks the passwordless future with a simpler, more secure passkey authentication experience. Passage handles the complexities of the [WebAuthn API](https://blog.1password.com/what-is-webauthn/), and allows you to implement passkeys with ease.
Use [Passkey Flex](https://docs.passage.id/flex) to add passkeys to an existing authentication experience.
Use [Passkey Complete](https://docs.passage.id/complete) as a standalone passwordless auth solution.
Use [Passkey Ready](https://docs.passage.id/passkey-ready) to determine if your users are ready for passkeys.
### In passage-flex-rust
Use passage-flex-rust to implement Passkey Flex into your Rust backend to authenticate requests and manage users.
| Product | Compatible |
| ---------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------- |
|  Passkey **Flex** | ✅ |
|  Passkey **Complete** | ✖️ For Passkey Complete, check out the [Passkey Complete APIs](https://docs.passage.id/complete/backend-sdks) |
|  Passkey **Ready** | ✖️ For Passkey Ready, check out [Authentikit](https://www.npmjs.com/package/@passageidentity/authentikit) |
## Getting Started
### Check Prerequisites
You'll need a free Passage account and a Passkey Flex app set up in Passage Console to get started.
Learn more about Passage Console →
### Install
```shell
cargo add passage_flex
```
### Import
```rust
use passage_flex::PassageFlex;
```
### Initialize
```rust
let passage_flex = PassageFlex::new(
std::env::var("YOUR_PASSAGE_APP_ID").unwrap(),
std::env::var("YOUR_PASSAGE_API_KEY").unwrap(),
);
```
### Go Passwordless
Find more details about Passkey Flex on our [Passkey Flex Documentation](https://docs.passage.id/flex) and [Docs.rs](https://docs.rs/passage_flex/latest/passage_flex/) pages.
## API Reference
### Retrieve App Info
To retrieve information about the app, use the `get_app` method.
```rust
use passage_flex::PassageFlex;
let passage_flex = PassageFlex::new(
std::env::var("PASSAGE_APP_ID").unwrap(),
std::env::var("PASSAGE_API_KEY").unwrap(),
);
let app_info = passage_flex.get_app().await.unwrap();
println!("{}", app_info.auth_origin);
```
### Create a Registration Transaction
To create a transaction to start a user passkey registration, use the `create_register_transaction` method.
```rust
use passage_flex::PassageFlex;
let passage_flex = PassageFlex::new(
std::env::var("PASSAGE_APP_ID").unwrap(),
std::env::var("PASSAGE_API_KEY").unwrap(),
);
let external_id = "a unique immutable string that represents your user".to_string();
let passkey_display_name =
"the label for the user's passkey that they will see when logging in".to_string();
let transaction = passage_flex
.create_register_transaction(external_id, passkey_display_name)
.await
.unwrap();
```
### Create an Authentication Transaction
To create a transaction to start a user passkey authentication, use the `create_authenticate_transaction` method.
```rust
use passage_flex::PassageFlex;
let passage_flex = PassageFlex::new(
std::env::var("PASSAGE_APP_ID").unwrap(),
std::env::var("PASSAGE_API_KEY").unwrap(),
);
let external_id = "a unique immutable string that represents your user".to_string();
let transaction = passage_flex
.create_authenticate_transaction(external_id)
.await
.unwrap();
```
## Verify a Nonce
To verify a nonce that you received from the end of of passkey registration or authentication ceremony, use the `verify_nonce` method.
```rust
use passage_flex::PassageFlex;
let passage_flex = PassageFlex::new(
std::env::var("PASSAGE_APP_ID").unwrap(),
std::env::var("PASSAGE_API_KEY").unwrap(),
);
let nonce =
"a unique single-use value received from the client after a passkey ceremony".to_string();
match passage_flex.verify_nonce(nonce).await {
Ok(external_id) => {
// use external_id to do things like generate and send your own auth token
}
Err(err) => {
// nonce was invalid or unable to be verified
}
}
```
## Retrieve User Info
To retrieve information about a user by their external ID -- which is the unique, immutable ID you supply to associate the Passage user with your user -- use the `get_user` method.
```rust
use passage_flex::PassageFlex;
let passage_flex = PassageFlex::new(
std::env::var("PASSAGE_APP_ID").unwrap(),
std::env::var("PASSAGE_API_KEY").unwrap(),
);
// this is the same value used when creating a transaction
let external_id = your_user.id;
// get user info
let user_info = passage_flex.get_user(external_id).await.unwrap();
println!("{:?}", user_info.webauthn_devices);
```
## Retrieve a user's passkey devices
To retrieve information about a user's passkey devices, use the `get_devices` method.
```rust
use passage_flex::PassageFlex;
let passage_flex = PassageFlex::new(
std::env::var("PASSAGE_APP_ID").unwrap(),
std::env::var("PASSAGE_API_KEY").unwrap(),
);
// this is the same value used when creating a transaction
let external_id = your_user.id;
// get devices
let passkey_devices = passage_flex.get_devices(external_id).await.unwrap();
for device in passkey_devices {
println!("{}", device.usage_count);
}
```
## Revoke a User's Passkey Device
To revoke a user's passkey device, use the `revoke_device` method.
```rust
use passage_flex::PassageFlex;
use chrono::{Duration, NaiveDate, Utc};
let passage_flex = PassageFlex::new(
std::env::var("PASSAGE_APP_ID").unwrap(),
std::env::var("PASSAGE_API_KEY").unwrap(),
);
// this is the same value used when creating a transaction
let external_id = your_user.id;
let last_year = Utc::now().naive_utc().date() - Duration::days(365);
// get devices
let passkey_devices = passage_flex.get_devices(external_id.clone()).await.unwrap();
for device in passkey_devices {
// revoke old devices that haven't been used in the last year
let last_login_at_parsed =
NaiveDate::parse_from_str(&device.last_login_at, "%Y-%m-%dT%H:%M:%S%z").unwrap();
if last_login_at_parsed < last_year {
if let Err(err) = passage_flex
.revoke_device(external_id.clone(), device.id)
.await
{
// device couldn't be revoked
}
}
}
```
## Support & Feedback
We are here to help! Find additional docs, the best ways to get in touch with our team, and more within our [support resources](https://github.com/passageidentity/.github/blob/main/SUPPORT.md).
---
Passage is a product by 1Password, the global leader in access management solutions with nearly 150k business customers.
This project is licensed under the MIT license. See the LICENSE file for more info.