Skip to content

Local Authentication#304

Open
mattrubin wants to merge 25 commits intodevelopfrom
local-authentication
Open

Local Authentication#304
mattrubin wants to merge 25 commits intodevelopfrom
local-authentication

Conversation

@mattrubin
Copy link
Owner

@mattrubin mattrubin commented Mar 9, 2019
edited
Loading

Based off of #219, this PR adds a "screen lock" feature which hides the tokens by default when the app launches and whenever it resigns active. The app then prompts for Face ID, Touch ID, or passcode authentication when the app becomes active.

This PR is ready to be merged for beta testing, but there are several known places this feature can be improved before release:

  • A toggle to enable/disable this feature on the settings screen.
  • Improved UI and explanation on the lock screen.
  • Possibly, the use of a separate window for the lock screen, rather than a modal view controller.
  • Thorough testing on devices with and without various combinations of Face ID, Touch ID, or passcode.
  • Possibly, the use of security features of the Keychain API to make the stored tokens only accessible to the app after authentication has succeeded.
  • Improved UX design for the case where the user disables Face ID, Touch ID, or passcode while the app is running (or is not running but has screen lock enabled in its settings), leaving the app with no system-provided authentication mechanism.

beaucollins and others added 20 commits October 27, 2017 13:50
@beaucollins
Prototype of using privacy screen and LocalAuthentication
4eda5c7 
- Adds Component that:
  - Checks if device can use LocalAuthentication
  - Checks if a successful auth challenge has occurred

Given that LocalAuthentication is available on the device:

When the application becomes foreground after launching a privacy screen is presented. A successful
LocalAuthentication dismisses the privacy screen.

When the application enters the background state the privacy screen is presented. This prevents
tokens from being displayed during app switching.

None of the keychain items are using LocalAuthentication for encryption. This is purely UI related
so the security/encryption of the keychain items have not been changed by this feature.

Tokens are still readable/displayable by the app no matter what the state of the LocalAuthentication
challenge is.
@beaucollins
A less abrasive prototype UI
40ba192
@beaucollins
Merge remote-tracking branch 'origin/develop' into feature/local-auth
3970da4
@beaucollins
Conforms to changed protocol update(with: ActionType) method
5c9d8a9
@mattrubin
Merge develop into feature/local-auth
3cc736a
@mattrubin
Move the Auth component to a dedicated file
9e456c0
@mattrubin
Clean up several lint issues
c1b1f9b
@mattrubin
Nest the Auth view model type inside the component type
a6322d8
@mattrubin
Refactor checkForLocalAuth()
f1a056e
@mattrubin
Add an NSFaceIDUsageDescription
c04dd39
@mattrubin
Delegate LocalAuthentication challenge to the AppController
94015a8
@mattrubin
Re-route authentication events
eade8b7
@mattrubin
Delete unused Auth Effects
5331864
@mattrubin
Refactor Auth actions
e9a9ad7
@mattrubin
Lock the screen on Event.applicationDidEnterBackground
5f2235f
@mattrubin
Lock the screen earlier, in applicationWillResignActive
d4fee61
@mattrubin
Automatically prompt for authentication on applicationDidBecomeActive
f1b291b
@mattrubin
Add an internal State enum to Auth
1aff3cc
@mattrubin
Don't automatically re-attempt failed or cancelled authentication
ca5319b
@mattrubin
Add a localizedReason for the password entry screen
06def31 
Face ID uses the NSFaceIDUsageDescription from Info.plist, but if Face ID fails and falls back to manual password entry, this string is used.
@mattrubin mattrubin added this to the 2.2 milestone Mar 9, 2019
@mattrubin mattrubin mentioned this pull request Apr 18, 2019
Open
@savyyy001

This comment has been minimized.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Feature: LocalAuthentication

Projects

None yet

Milestone

2.2

Development

Successfully merging this pull request may close these issues.

3 participants

@mattrubin @savyyy001 @beaucollins