Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

improve security and authentication requirements #1417

Closed
true-jared opened this issue May 1, 2024 · 0 comments · Fixed by #1447
Closed

improve security and authentication requirements #1417

true-jared opened this issue May 1, 2024 · 0 comments · Fixed by #1447
Assignees
@HonzaR
Labels
enhancement New feature or request P-high High priority
Milestone
Android Zashi 1.1

Comments

@true-jared
Copy link

true-jared commented May 1, 2024
edited

  • use system authentication (Face ID, Touch ID) or a password) when accessing the Delete Wallet screen
  • use system authentication (Face ID, Touch ID) or a password) when accessing the Export private data screen
  • use system authentication once the user taps on the button Send on the confirmation screen
  • use system authentication once the user wants to access the Seed screen
@true-jared true-jared added enhancement New feature or request P-high High priority labels May 1, 2024
@true-jared true-jared added this to the Android Zashi 1.1 milestone May 1, 2024
@true-jared true-jared added the S-in-progress Status: Work is currently in progress on this item. label May 9, 2024
HonzaR added a commit that referenced this issue May 20, 2024
@HonzaR
[#1417] Add authentication
d57e5ce 
- Closes #1417
- Closes #326
- Partially addresses [Electric-Coin-Company/zashi#7] too
- Creates reusable AuthenticationVM component with all necessary logic that reports authentication status to its callers
- Addresses authentication requirements for the Send funds, Delete wallet, Export private data, and Recovery phrase. The App access authentication use case is prepared and can be turned on anytime.
- The new logic also counts with possible future user customization via the app UI of the default on/off states for all implemented authentication use cases
- Send.Confirmation logic simplification
- This also adds the welcome screen (splash) animation to all the app entry points (the app recreation caused by system included)
HonzaR added a commit that referenced this issue May 20, 2024
@HonzaR
[#1417] Add authentication
2995618 
- Closes #1417
- Closes #326
- Partially addresses [Electric-Coin-Company/zashi#7] too
- Creates reusable AuthenticationVM component with all necessary logic that reports authentication status to its callers
- Addresses authentication requirements for the Send funds, Delete wallet, Export private data, and Recovery phrase. The App access authentication use case is prepared and can be turned on anytime.
- The new logic also counts with possible future user customization via the app UI of the default on/off states for all implemented authentication use cases
- Send.Confirmation logic simplification
- This also adds the welcome screen (splash) animation to all the app entry points (the app recreation caused by system included)
HonzaR added a commit that referenced this issue May 20, 2024
@HonzaR
[#1417] Add authentication
383d655 
- Closes #1417
- Closes #326
- Partially addresses [Electric-Coin-Company/zashi#7] too
- Creates reusable AuthenticationVM component with all necessary logic that reports authentication status to its callers
- Addresses authentication requirements for the Send funds, Delete wallet, Export private data, and Recovery phrase. The App access authentication use case is prepared and can be turned on anytime.
- The new logic also counts with possible future user customization via the app UI of the default on/off states for all implemented authentication use cases
- Send.Confirmation logic simplification
- This also adds the welcome screen (splash) animation to all the app entry points (the app recreation caused by system included)
HonzaR added a commit that referenced this issue May 21, 2024
@HonzaR
[#1417] Add authentication
d827115 
- Closes #1417
- Closes #326
- Partially addresses [Electric-Coin-Company/zashi#7] too
- Creates reusable AuthenticationVM component with all necessary logic that reports authentication status to its callers
- Addresses authentication requirements for the Send funds, Delete wallet, Export private data, and Recovery phrase. The App access authentication use case is prepared and can be turned on anytime.
- The new logic also counts with possible future user customization via the app UI of the default on/off states for all implemented authentication use cases
- Send.Confirmation logic simplification
- This also adds the welcome screen (splash) animation to all the app entry points (the app recreation caused by system included)
@HonzaR HonzaR mentioned this issue May 21, 2024
Merged
13 tasks
@true-jared true-jared added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. and removed S-in-progress Status: Work is currently in progress on this item. labels May 22, 2024
HonzaR added a commit that referenced this issue May 22, 2024
@HonzaR
[#1417] Add in-app authentication
00db536 
* [#1417] Add authentication

- Closes #1417
- Closes #326
- Partially addresses [Electric-Coin-Company/zashi#7] too
- Creates reusable AuthenticationVM component with all necessary logic that reports authentication status to its callers
- Addresses authentication requirements for the Send funds, Delete wallet, Export private data, and Recovery phrase. The App access authentication use case is prepared and can be turned on anytime.
- The new logic also counts with possible future user customization via the app UI of the default on/off states for all implemented authentication use cases
- Send.Confirmation logic simplification
- This also adds the welcome screen (splash) animation to all the app entry points (the app recreation caused by system included)

* Allow unauthenticated access

- In case no authentication method is available on the device

* Build supported authenticators for the device

- Based on the device Android SDK version

* Disable broken screenshot testing

- This is a temporary change until #1448 is addressed

* Changelog update

* Add temporary placeholder screenshot test

To suppress no test error
@HonzaR HonzaR removed the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label May 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@HonzaR HonzaR

Labels
enhancement New feature or request P-high High priority
Projects
None yet
Milestone
Android Zashi 1.1
Development

Successfully merging a pull request may close this issue.

[#1417] Add in-app authentication Electric-Coin-Company/zashi-android
2 participants
@HonzaR @true-jared