Authenticator
Authenticator copied to clipboard
mattrubin
Prototype of using privacy screen and LocalAuthentication
Adds Component that:
- Checks if device can use LocalAuthentication
- Checks if a successful auth challenge has occurred
Given that LocalAuthentication is available on the device:
When the application becomes foreground after launching a privacy screen is presented. A successful LocalAuthentication dismisses the privacy screen.
When the application enters the background state the privacy screen is presented. This prevents tokens from being displayed during app switching.
None of the keychain items are using LocalAuthentication for encryption. This is purely UI related so the security/encryption of the keychain items have not been changed by this feature.
Tokens are still readable/displayable by the app no matter what the state of the LocalAuthentication challenge is.
Codecov Report
Merging #219 into develop will increase coverage by
1.98%. The diff coverage is60.6%.
@@ Coverage Diff @@
## develop #219 +/- ##
===========================================
+ Coverage 38.48% 40.47% +1.98%
===========================================
Files 40 40
Lines 1863 1895 +32
===========================================
+ Hits 717 767 +50
+ Misses 1146 1128 -18
| Impacted Files | Coverage Δ | |
|---|---|---|
| Authenticator/Source/RootViewController.swift | 35.53% <28.57%> (+14.48%) |
:arrow_up: |
| Authenticator/Source/AppController.swift | 35.71% <50%> (+9.04%) |
:arrow_up: |
| Authenticator/Source/OTPAppDelegate.swift | 50% <50%> (ø) |
:arrow_up: |
| Authenticator/Source/Root.swift | 72.94% <77.77%> (+0.88%) |
:arrow_up: |
| Authenticator/Source/UITableView+Updates.swift | 100% <0%> (+4%) |
:arrow_up: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing dataPowered by Codecov. Last update 9ed3357...5c9d8a9. Read the comment docs.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
@mattrubin not sure if you'll be referencing this PR at all for the local auth feature but I merged it with develop so it's in a buildable state again.
Thanks for the offer, @BrunoMiguens!
I've built out this feature more on top of Beau's work - you can see the latest at https://github.com/mattrubin/Authenticator/pull/304. The description on that PR contains a list of improvements that need to be made before the feature is ready for release. The two that are most important - and are perhaps the best place for someone to lend a hand - are:
- switch to using a separate UIWindow for the lock screen, rather than a modal view controller. I haven't found a good way to reliably present the modal lock screen on launch, so launching to the lock screen as a the key window is likely more reliable and secure. There's a
FIXMEcomment to that effect in PR #304. - adding a toggle to the settings screen to enable/disable screen lock. This should only be available to the user if a device password is set, as checked by LocalAuthentication's
canEvaluatePolicy. (checking out the previous user setting added in https://github.com/mattrubin/Authenticator/pull/290 might help provide a template for how to add and store a preference toggle.)
If either of those seems like something you'd like to work on, PRs are always welcome! I am away from my computer for the next week, but have set aside some time to work on Authenticator when I return, so while I can't review any code immediately, I will have time to look at it next week.
Any idea on the time issue when submitting code?
“That is not the right code, please make Sure your systems time is correct”
