expo icon indicating copy to clipboard operation
expo copied to clipboard

[expo-secure-store] `requireAuthentication: true` does not work if there is only passcode is enabled

Open ngima opened this issue 1 year ago • 0 comments

Minimal reproducible example

What platform(s) does this occur on?

iOS

Where did you reproduce the issue?

in a development build

Summary

I was trying to protect data using Biometric auth using requireAuthentication: true. It works if user has enabled the touch/face id. But if only passcode is enabled then it's not working. When I look into the current implementation

SecureStoreModule.swift:107 seem like currently we're using .biometryCurrentSet , which

Constraint to access an item with Touch ID for currently enrolled fingers, or from Face ID with the currently enrolled user.

This is very bad UX if user want to only use passcode and data we want to persist securely does not persist although they have enrolled with passcode.

To provide more option/flexibility, we should use .userPresence

Constraint to access an item with either biometry or passcode.


Is there any other reason we're using .biometryCurrentSet? If there is not such reason then we should definitely need to change it to .userPresence.

Environment

-

Expo Doctor Diagnostics

-

ngima avatar Oct 18 '24 12:10 ngima