TouchID support - Githubissues

jz709u commented 7 years ago

do you want login to be touch ID supported or maybe notes to have locks and touchID supported?

moughxyz commented 7 years ago

Touch ID just for login. This would be optional, and enabled via the account menu with a table cell that says "Enable TouchID"/"Disable TouchID".

jz709u commented 7 years ago

so what exactly is the flow?

0.) needs to be an existing registered user meaning it has a password associated with it 1.) user can enable/disable TouchID if touch id does not work on phone don't show this field 2.) if User has touch ID enabled the "sign in" button turns into "sign in with touch id" and we hide the password field 3.) touch id sucess call api or touch id failure present alert

with touch id failed present error and 2 choices one to dismiss and one to turn off touch id 3.) separate api or same api call auth/sign_in.json with different paramters
- let parameters: Parameters = ["email": email, "deviceID" : deviceID] 4.) continue as normal flow

some edge cases: 1.) if user turns off touch ID do we keep the deviceID associated with the account or should we invalidate it. 2.) if user has two phones with touchID and he has the same app on both does the login with touch id override the existing or she we provide an exception if a device is already registered or should be allow multiple devices be assoicated per account?

These are just some thoughts I could be misunderstanding your Vision for this feature

moughxyz commented 7 years ago

TouchID wouldn't be for sign in, it would be just for locking the app. Because once you're signed in, you really have no reason to sign out (it would also remove all your notes and you'd have to resync every time)

So TouchID is totally separate from authentication. It's just an app specific thing.

jz709u commented 7 years ago

ok.

1.) user enables touch id 2.) puts app in the background or kills the app 3.) on reenter of the app or restart of the app the touch id should be shown on entrance to the app. 4.) user can either authenticate with finger or enter their pass code. on popup 5.) if user is unable to successfully to log in the popup remains 6.) if user tries to log into too many times what happens?

moughxyz commented 7 years ago

There's no limit to login attempts. Again this is just local authentication and has nothing to do with the server. Eventually if user fingerprint is not recognized, he can just delete the app and reinstall it, and then touchID will be disabled.

jz709u commented 7 years ago

ok I understand thanks

moughxyz commented 7 years ago

That was quick. Touch ID is now in the App Store: https://itunes.apple.com/us/app/standard-notes/id1191215138?ls=1&mt=8

standardnotes / iOS-classic

TouchID support #8