MontaiLL
commented
1 year ago Oh yes definitely!
Open MaudSimon opened 1 year ago
MontaiLL
commented
1 year ago Oh yes definitely!
mvaivre
commented
1 year ago Should be feasible :)
nop33
commented
1 year ago Yep, seems feasible: https://www.electronjs.org/docs/latest/api/system-preferences#systempreferencesprompttouchidreason-macos
We need to investigate further whether there are any security gotcha's
If we wanna implement this, we'd need to change our authentication flow a bit. We'd need to store the user's password in the macOS keychain with a specific config option so that when reading it it would auto-prompt for the Touch ID:
This API itself will not protect your user data; rather, it is a mechanism to allow you to do so. Native apps will need to set Access Control Constants like kSecAccessControlUserPresence on their keychain entry so that reading it would auto-prompt for Touch ID biometric consent. This could be done with node-keytar, such that one would store an encryption key with node-keytar and only fetch it if promptTouchID() resolves.
nop33
commented
6 months ago Integrating Passkey might also be interesting: https://safety.google/authentication/passkey/
diomark
commented
5 months ago May I suggest that on the Windows side, Widnows HELLO is implemented? (which is fingerprint or facial recognition or PIN depending on how it's setup. but windows hello libraries take care of this) https://learn.microsoft.com/en-us/windows/uwp/security/microsoft-passport
The community would love to see support for Touch ID on the Desktop Wallet, for devices like the Macbook Pro that have it supported. Secure, fast, and ultra, ultra-convenient.