Rocket.Chat.Electron icon indicating copy to clipboard operation
Rocket.Chat.Electron copied to clipboard
verified publisher icon RocketChat

feat(lock): implement application lock functionality with IPC integration

Open CorneiZeR opened this issue 3 months ago • 2 comments

Summary by CodeRabbit

  • New Features

    • Password-protected full-screen lock overlay with Enter-to-unlock, keyboard support, and per-sender throttling/lockout.
    • Automatic auto-lock on inactivity with configurable timeout (0 = disabled) and resume on user activity; menu/context "Lock Screen" action (Cmd/Ctrl+L).
    • Settings UI to configure timeout and set password; persisted hashed passwords with migration of legacy formats.

  • Chores

    • Bundled lock-screen renderer, preload and HTML shell; secure renderer API for verify/unlock/set password.
    • Store, actions, reducers, migrations, extensive i18n translations, and EditorConfig tweak.

CorneiZeR avatar Oct 06 '25 19:10 CorneiZeR

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Oct 06 '25 19:10 CLAassistant

Walkthrough

Adds an application-level screen-lock feature: build entries and HTML shell, renderer and preload scripts, main-process lock orchestration and IPC handlers, store slices and migrations for password/timeout, settings UI and menu triggers, type augmentations, and translations across many locales.

Changes

Cohort / File(s) Summary of changes
Build config & public asset
rollup.config.mjs, src/public/lockScreen.html		 Adds Rollup bundles for lock-screen renderer and preload; adds static lockScreen HTML shell.
Main startup & wiring
src/main.ts		 Imports lock APIs, calls setupScreenLock() at startup, and shows lock window if persisted locked.
App orchestration & IPC
src/app/main/app.ts, src/app/main/screenLock.ts		 Implements BrowserView-based lock overlay and lifecycle, IPC handlers (lock:verify, lock:unlock, lock:set), password hashing/migration, throttling/backoff, registerLockIpcHandlers() and showLockWindow(), and auto-lock orchestration.
Persisted models & migrations
src/app/PersistableValues.ts		 Adds ScreenLockPasswordStored, extends persistable values (screenLockTimeoutSeconds, screenLockPasswordHash, isScreenLocked) and migrations to initialize and migrate legacy password formats.
Selectors, store & root reducer
src/app/selectors.ts, src/store/rootReducer.ts		 Exposes screenLockTimeoutSeconds, screenLockPasswordHash, isScreenLocked selectors; integrates new reducers into rootReducer (RootState updated).
Redux actions & reducers
src/ui/actions.ts, src/app/actions.ts, src/ui/reducers/screenLockTimeoutSeconds.ts, src/ui/reducers/screenLockPasswordHash.ts, src/app/reducers/isScreenLocked.ts		 Adds action constants and payload mappings; reducers for timeout, password-hash, and isScreenLocked with APP_SETTINGS_LOADED handling.
Settings UI
src/ui/components/SettingsView/GeneralTab.tsx, src/ui/components/SettingsView/features/ScreenLock.tsx		 Adds ScreenLock settings component with timeout numeric input and password input wired to Redux and to preload/IPC for persisting passwords.
Menus & context menus
src/ui/main/menuBar.ts, src/ui/main/serverView/popupMenu.ts		 Adds “Lock Screen” menu/context items (Cmd/Ctrl+L) that focus root window and dispatch MENU_BAR_LOCK_SCREEN_CLICKED.
Lock-screen renderer & preload
src/lockScreen/LockScreen.tsx, src/lockScreen/lock-screen.tsx, src/lockScreen/preload.ts, src/types/electron-api.d.ts, src/preload.ts		 Adds React LockScreen component and renderer bootstrap with i18n; preload exposes electronAPI (verifyPassword, unlockApp) and main preload exposes setLockPassword; adds Window type augmentations.
IPC channels typing
src/ipc/channels.ts		 Adds lock:verify, lock:unlock, and lock:set channel signatures to ChannelToArgsMap.
i18n
src/i18n/*.i18n.json (many locales)		 Adds lockScreen translation keys and settings.options.screenLock / related paths (timeout/password) across many locale files.
Editor config
.editorconfig		 Adds per-file EditorConfig overrides for JSON and Markdown newline/trailing-whitespace handling.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor User
  participant Menu as Menu/Context
  participant Timer as Inactivity Timer
  participant Main as Main Process
  participant Root as Root Window
  participant LockView as Lock BrowserView (Renderer)

  Note over Main: registerLockIpcHandlers() on app ready

  User->>Menu: select "Lock Screen"
  Menu->>Main: dispatch MENU_BAR_LOCK_SCREEN_CLICKED
  Timer-->>Main: auto-lock trigger (elapsed)

  Main->>Root: attach BrowserView overlay (load lockScreen.html)
  Root->>LockView: renderer boot (+ i18n)
  User->>LockView: submit password
  LockView->>Main: ipc invoke 'lock:verify'
  Main->>Main: verify (hash/migrate, throttle/backoff)
  alt verified
    Main-->>LockView: true
    LockView->>Main: ipc 'lock:unlock'
    Main->>Root: remove overlay, restore state
  else failed
    Main-->>LockView: false
    LockView->>User: show incorrect/unlockFailed
  end

sequenceDiagram
  autonumber
  participant Settings as Settings store
  participant Orch as setupScreenLock
  participant Timer as Inactivity Timer
  participant Window as Root Window events

  Settings->>Orch: screenLockTimeoutSeconds updated
  alt timeout > 0
    Orch->>Timer: start/reset timer
  else timeout == 0
    Orch->>Timer: clear timer (disabled)
  end

  Window->>Orch: focus/blur/activity events
  Orch->>Timer: clear/reset with blur grace handling
  Timer-->>Orch: elapsed -> dispatch MENU_BAR_LOCK_SCREEN_CLICKED

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Potential review focal points:

  • Password hashing/migration logic and test coverage in src/app/main/app.ts and PersistableValues.ts.
  • IPC authorization and throttling/backoff correctness.
  • Lifecycle and BrowserView attach/detach edge cases in showLockWindow.
  • UI wiring between preload/contextBridge and renderer components.

Suggested labels

build-artifacts

Poem

I'm a rabbit watching keys and locks,
I count small hops in ticking clocks.
A hashed carrot kept safe in store,
I guard the burrow, watch the door.
Tap Cmd+L — hop, unlock, then snore. 🥕🔐

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main feature being implemented: application lock functionality with IPC integration. It is concise, specific, and directly reflects the primary changes throughout the changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
  • [ ] 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • [ ] Create PR with unit tests
  • [ ] Post copyable unit tests in a comment

[!TIP]

📝 Customizable high-level summaries are now available in beta!

You can now customize how CodeRabbit generates the high-level summary in your pull requests — including its content, structure, tone, and formatting.

  • Provide your own instructions using the high_level_summary_instructions setting.
  • Format the summary however you like (bullet lists, tables, contributor stats, etc.).
  • Use high_level_summary_in_walkthrough to move the summary from the description to the walkthrough section.

Example:

"Create a concise high-level summary as a bullet-point list. Then include a Markdown table showing lines added and removed by each contributing author."

Note: This feature is currently in beta for Pro-tier users, and pricing will be announced later.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot] avatar Oct 06 '25 19:10 coderabbitai[bot]