AuthGrace class
Smart biometric authentication with an automatic grace period.
AuthGrace wraps local_auth and adds a grace window — if the device was
unlocked recently the biometric prompt is skipped entirely, giving the same
frictionless experience as Google Pay.
Typical lifecycle
// 1. Create once (e.g. in a singleton or provider)
final auth = AuthGrace(
options: const AuthGraceOptions(gracePeriodSeconds: 30),
);
// 2. Initialise at app startup — generates the Keystore/Keychain key
await auth.init();
// 3. Authenticate whenever the app moves to the foreground
final result = await auth.authenticate();
if (result.isSuccess) {
// allow access
}
// 4. Reset on logout or account switch
await auth.reset();
Platform notes
- Android — grace period is enforced by the Android Keystore at the hardware (TEE) level using a time-bound AES key. The key validity window is set via AuthGraceOptions.gracePeriodSeconds.
- iOS — grace period is approximated by recording a Keychain timestamp
after every successful
local_authprompt and comparing it on the next call. This is not hardware-enforced like the Android implementation.
Constructors
- AuthGrace({AuthGraceOptions? options})
- Creates an AuthGrace instance.
Properties
- hashCode → int
-
The hash code for this object.
no setterinherited
- options → AuthGraceOptions
-
The options controlling grace period behaviour.
final
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
Methods
-
authenticate(
) → Future< AuthResult> - Authenticates the user, honouring the configured grace period.
-
init(
) → Future< void> - Initialises the plugin.
-
isAvailable(
) → Future< bool> -
Returns
trueif the device supports biometric or device-credential authentication. -
isHardwareBacked(
) → Future< bool> -
Returns
trueif the device has a hardware-backed secure element (TEE on Android, Secure Enclave on iOS). -
isWithinGracePeriod(
) → Future< bool> -
Returns
trueif the device was unlocked within the grace window, without showing any authentication prompt. -
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
reset(
) → Future< void> - Deletes the Keystore key (Android) and Keychain timestamp (iOS), ending the current grace window immediately.
-
toString(
) → String -
A string representation of this object.
inherited
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited