Landry333 / Big-Owl

soen 490 project

#13 authentication with fingerprint and user phone number detection after login, to access user account #271

Closed Landry333 closed 3 years ago

Landry333 commented 3 years ago

Closes #13

Description

This is to implement an additional security feature for user account access. On top of the login with userID and password, this feature will be proposed to a user to secure his / her account so that it can be accessible only on a telephony device that carries, on SIM card_1, the phone number that the user saved in her / his account (the user’s mobile number). Then on such a device, after the usual login with userID and password, the user will be required to authenticate his / her fingerprint the same way it is done on Android devices with fingerprint authentication. Therefore, this feature will be available only if the device is equipped with the Android fingerprint authentication hardware. For devices not equipped with that hardware, nothing of this feature will be proposed to the user as additional security access to the account. Hence, with this feature, a user will still be able to have his account access secured even in case of userID and password privacy loss.

How to check PR

After signing up or signing in with the service not added

Check that after signing up or in, the fingerprint authentication screen will be displayed before accessing the home page screen. If the phone does not have the hardware and option for Android fingerprint authentication, the user will be directly sent to the home page screen. If the phone has the hardware and option for Android fingerprint authentication, the user will be sent to the fingerprint authentication screen.

On fingerprint authentication screen

Case 1: If the phone number on SIM card_1 on the user’s device is not the same as the account phone number, the service should be denied to the user.

Case 2: If the phone number on SIM card_1 on the user’s device is the same as the account phone number, the service should be proposed to the user. If the user rejects the offer, she / he should be redirected to the homepage. If the user accepts, he / she should start the fingerprint authentication. This authentication uses the settings made in the Android system of the user’s phone. On successful fingerprint authentication, the user will be redirected to the homepage.

After signing in for a user who added the service

Case 1: If the phone number on SIM card_1 on the user’s device is not the same as the account phone number, access to the user account should be denied to the user.

Case 2: If the phone number on SIM card_1 on the user’s device is the same as the account phone number, the user should be able to start the fingerprint authentication. On successful fingerprint authentication, the user will be directed to the homepage.

Change choice to add or remove service: This should be possible on edit profile, where user should be able to enter only “yes” or only “no” to make their choice for the service (letter case can be ignored).
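
The routing rules in the description above, written as an added example (not Big-Owl's own code): a pure Java function that takes the device and account facts as plain values, so every case can be checked without a device. The names `FingerprintGate`, `Choice`, `Next` and `route` are hypothetical, and three behaviours are assumptions the description does not state: numbers are compared on digits only, a user who already answered "no" goes straight to the home page, and an enrolled user on a device without fingerprint hardware is denied rather than let through.

```java
import java.util.Locale;

// Added example, not the project's code. All names here are hypothetical.
public class FingerprintGate {
    enum Choice { NOT_ASKED, YES, NO }   // stored answer to the one-time offer
    enum Next { HOME, OFFER_SERVICE, SERVICE_DENIED, FINGERPRINT_PROMPT, ACCESS_DENIED }

    // Assumption: numbers are compared on their digits only.
    static String digits(String number) {
        return number == null ? "" : number.replaceAll("\\D", "");
    }

    // Fail closed: a SIM number that cannot be read never matches.
    static boolean sameNumber(String sim, String account) {
        String s = digits(sim);
        return !s.isEmpty() && s.equals(digits(account));
    }

    static Next route(boolean hasFingerprintHardware, Choice choice, String sim, String account) {
        if (!hasFingerprintHardware) {
            // Assumption: an enrolled account is not opened on a device that cannot run the check.
            return choice == Choice.YES ? Next.ACCESS_DENIED : Next.HOME;
        }
        boolean match = sameNumber(sim, account);
        switch (choice) {
            case YES: return match ? Next.FINGERPRINT_PROMPT : Next.ACCESS_DENIED;
            case NO:  return Next.HOME;                  // assumption: offer made only once
            default:  return match ? Next.OFFER_SERVICE : Next.SERVICE_DENIED;
        }
    }

    // Edit-profile input: only "yes" or "no", letter case ignored.
    static Choice parseChoice(String input) {
        String v = input == null ? "" : input.trim().toLowerCase(Locale.ROOT);
        if (v.equals("yes")) return Choice.YES;
        if (v.equals("no")) return Choice.NO;
        throw new IllegalArgumentException("enter only yes or no");
    }

    public static void main(String[] args) {
        String account = "+1 514 555 0100";              // constructed sample numbers
        System.out.println(route(false, Choice.NOT_ASKED, null, account));
        System.out.println(route(true, Choice.NOT_ASKED, "+15145550100", account));
        System.out.println(route(true, Choice.NOT_ASKED, "+15145550199", account));
        System.out.println(route(true, parseChoice("YES"), "+15145550100", account));
        System.out.println(route(true, Choice.YES, "", account));
        System.out.println(route(false, Choice.YES, "+15145550100", account));
    }
}
```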

codecov-io commented 3 years ago

Codecov Report

Merging #271 (c11b857) into staging (b973729) will decrease coverage by 1.64%. The diff coverage is 18.42%.


@@              Coverage Diff              @@
##             staging     #271      +/-   ##
=============================================
- Coverage      44.28%   42.63%   -1.65%     
  Complexity         1        1              
=============================================
  Files             88       89       +1     
  Lines           2818     2988     +170     
  Branches         150      167      +17     
=============================================
+ Hits            1248     1274      +26     
- Misses          1529     1669     +140     
- Partials          41       45       +4     
| Impacted Files | Coverage Δ | Complexity Δ |
| --- | --- | --- |
| ...pp/activity/FingerprintAuthenticationActivity.java | 0.00% <0.00%> (ø) | 0.00 <0.00> (?) |
| ...m/example/bigowlapp/activity/HomePageActivity.java | 55.55% <0.00%> (-0.57%) | 0.00 <0.00> (ø) |
| ...example/bigowlapp/utils/SupervisorSmsListener.java | 0.00% <ø> (ø) | 0.00 <0.00> (ø) |
| ...example/bigowlapp/viewModel/HomePageViewModel.java | 15.38% <0.00%> (-2.80%) | 0.00 <0.00> (ø) |
| .../example/bigowlapp/activity/LoginPageActivity.java | 54.54% <21.05%> (-19.23%) | 0.00 <0.00> (ø) |
| ...xample/bigowlapp/activity/EditProfileActivity.java | 92.10% <69.23%> (-1.93%) | 0.00 <0.00> (ø) |
| ...example/bigowlapp/activity/SignUpPageActivity.java | 90.76% <71.42%> (-2.57%) | 0.00 <0.00> (ø) |
| ...rc/main/java/com/example/bigowlapp/model/User.java | 59.72% <85.71%> (+6.27%) | 0.00 <0.00> (ø) |
| ...mple/bigowlapp/viewModel/EditProfileViewModel.java | 95.83% <100.00%> (+0.18%) | 0.00 <0.00> (ø) |


Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data. Last update b973729...c11b857.

Landry333 commented 3 years ago

I made some updates on the branch for the fingerprint authentication service to be proposed to the user only once and after the user has signed in with password and user Uid. The user can also update the choice on profile as before.

sonarcloud[bot] commented 3 years ago

SonarCloud Quality Gate failed.

Bugs: 0 (rating A)
Vulnerabilities: 0 (rating A)
Security Hotspots: 0 (rating A)
Code Smells: 6 (rating A)

Coverage: 21.7%
Duplication: 5.6%