search

2fast-team / 2fast

Two-Factor Authenticator Supporting TOTP (Windows 10 & Android, iOS, Linux and macOS App)
https://2fast-app.de
GNU General Public License v3.0
421 stars 43 forks source link

[Feature] Remove the need for broad file system access #25

Closed dongle-the-gadget closed 5 months ago

dongle-the-gadget commented 2 years ago

Describe the problem this feature would solve

Currently, 2fast relies on the broadFileSystemAccess restricted capability. This (from my knowledge) impairs app certification time and is simply asking for way too much access to users' data.

Describe the solution

Windows.Storage.AccessCache.StorageApplicationPermissions.FutureAccessList allows you to retain access to files you are given permissions to by the user. Since 2fast has already used pickers, the app should also be able to put the file into the future access list in order to use the data file again in future launches without user permission.

Describe alternatives you've considered

N/A

Additional context & Screenshots

N/A

jp-weber commented 2 years ago

I have implemented the broadFileSystemAccess capability because the access to files (FutureAccessList) has caused problems when, for example, the id of the folder has changed due to a cloud service and the file has to be selected again with 2fast. This is impossible for a user to understand. Currently the authorization is also only requested when a datafile is loaded in the first steps of app usage.

The permission would allow the app to access the data that the user has access too. This is the standard for WPF/Forms programs. I therefore do not see any problems here.

Initially the certification process at microsoft took longer, currently a new version is online in a few hours.