Flutter Lockerđź”’
Flutter plugin that secures your secrets in keychain using biometric authentication (Fingerprint, Touch ID, Face ID...).
It uses:
- Locker on iOS (https://github.com/infinum/Locker)
- Goldfinger on Android (https://github.com/infinum/Android-Goldfinger)
Migrate to 2.1.0
The models now accept named parameters instead of unnamed, e.g.:
RetrieveSecretRequest(
key: 'key',
androidPrompt: AndroidPrompt(title: 'title', cancelLabel: 'cancel'),
iOsPrompt: IOsPrompt(touchIdText: 'description'),
)
Usage
FlutterLocker.canAuthenticate();
Checks if the devices has biometric features.
await FlutterLocker.save(SaveSecretRequest(
key: 'key',
secret: 'secret',
androidPrompt: AndroidPrompt(title: 'Authenticate', cancelLabel: 'Cancel'),
));
Saves the secret. On Android prompt is shown, while on iOS there is no need for the prompt when saving.
await FlutterLocker.retrieve(RetrieveSecretRequest(
key: key,
androidPrompt: AndroidPrompt(title: 'Authenticate', cancelLabel: 'Cancel'),
iOsPrompt: IOsPrompt(touchIdText: 'Authenticate'),
));
Retrieves the secret. You need to provide a prompt for Android and iOS. Prompt for iOS is used only with TouchID. FaceID uses strings from Info.plist
.
await FlutterLocker.delete('key');
Deletes the secret.
Exceptions
For common exceptions, a LockerException
is thrown.
Use LockerException.reason
to find out what went wrong:
secretNotFound
- Happens when you try to retrieve a secret that was never saved for that keyauthenticationCanceled
- User canceled the authentication promptauthenticationFailed
- User failed authentication, e.g. by too many wrong attempts
For other exception, a PlatformException
is thrown. You can use PlatformException.message
to get more info.
Notes
- iOS only: app will not show authentication dialog when saving (authentication will always succeed)
- please follow Locker and Goldfinger setup to prevent any issues
Setup
iOS
To use Locker you need to add the NSFaceIDUsageDescription
to you Info.plist
.
If NSFaceIDUsageDescription
is not provided, the app will crash with the following error:
This app has crashed because it attempted to access privacy-sensitive data without a usage description. The app's Info.plist must contain an NSFaceIDUsageDescription key with a string value explaining to the user how the app uses this data.
Android
Ensure MainActivity
extends FlutterFragmentActivity
.
class MainActivity: FlutterFragmentActivity() {
// ...
}
When showing authentication prompt, the app might crash on some Samsung devices if you don't use an appropriate theme: https://github.com/infinum/flutter-plugins-locker/commit/fcb1f6401d89f860d24ea9a75027d62a03e87926.