BiometricConfig class

Configuration object for the BiometricShield SDK.

Pure Dart configuration without Flutter or UI dependencies. Pass this to BiometricShield() constructor. Every field is optional — the SDK works with zero configuration using sensible defaults.

Integration points:

  • tokenLifecycle — Backend-agnostic token refresh (Firebase, REST, Supabase, etc.)
  • policyProvider — Server-driven policy enforcement (admin overrides, compliance)
  • fallbackHandler — Custom fallback UI (PIN, password, custom flows)
  • tokenStore — Custom secure storage backend
  • onEvent — Analytics/audit event stream

Constructors

BiometricConfig({Duration sessionDuration = const Duration(minutes: 15), bool sessionResetsOnActivity = true, int maxAttempts = 3, Duration lockoutDuration = const Duration(minutes: 5), bool persistLockout = true, List<BiometricFallback> fallbackChain = const [BiometricFallback.deviceCredential], FallbackHandler? fallbackHandler, TokenStoreInterface? tokenStore, TokenLifecycle? tokenLifecycle, PolicyProvider? policyProvider, void onEvent(BiometricEvent event)?, String? defaultUserId, Duration authenticationTimeout = const Duration(seconds: 60), bool verbose = false})
const

Properties

authenticationTimeout Duration
Maximum time to wait for the entire authentication flow to complete. Includes platform prompt, fallback chain, and token lifecycle. Default: 60 seconds. If exceeded, returns BiometricResult.error.
final
defaultUserId String?
Default userId for storage namespacing. Can be overridden per-call on BiometricShield.authenticate. If null, uses a device-scoped default (single user scenario).
final
fallbackChain List<BiometricFallback>
Ordered list of fallbacks to attempt if biometric fails or is unavailable. Evaluated in order. Default: BiometricFallback.deviceCredential
final
fallbackHandler FallbackHandler?
Handler for custom fallback UI (PIN/password). If fallbackChain includes BiometricFallback.customPin or BiometricFallback.customPassword, this handler must be provided. Typically implemented by the UI layer (e.g., MaterialFallbackHandler).
final
hashCode int
The hash code for this object.
no setterinherited
lockoutDuration Duration
How long the lockout lasts after maxAttempts is exceeded. Default: 5 minutes. May be extended by server policy.
final
maxAttempts int
Max failed biometric attempts before lockout triggers. Default: 3. May be tightened by server policy.
final
onEvent → void Function(BiometricEvent event)?
Receives all audit events emitted by the SDK. Plug directly into your existing analytics or logging service.
final
persistLockout bool
If true, lockout state persists across app restarts. Default: true
final
policyProvider PolicyProvider?
Server-driven policy enforcement.
final
runtimeType Type
A representation of the runtime type of the object.
no setterinherited
sessionDuration Duration
How long a successful auth remains valid before re-auth is required. Default: 15 minutes. Set to Duration.zero to require auth every time. May be overridden by PolicyProvider.getPolicy at runtime.
final
sessionResetsOnActivity bool
If true, session timer resets on any app interaction. If false, session expires based on wall clock from last auth. Default: true
final
tokenLifecycle TokenLifecycle?
Backend-agnostic token lifecycle handler.
final
tokenStore TokenStoreInterface?
Custom token store implementation. If null, uses the default BiometricTokenStore implementation.
final
verbose bool
If true, the SDK prints debug information to the console. Useful for integrators debugging authentication flows. Default: false. Never enable in production.
final

Methods

noSuchMethod(Invocation invocation) → dynamic
Invoked when a nonexistent method or property is accessed.
inherited
toString() String
A string representation of this object.
inherited
validate() → void
Validate this config at runtime. Call this from BiometricShield constructor to catch misconfiguration even in release builds.

Operators

operator ==(Object other) bool
The equality operator.
inherited