tatsuyamoriguchi
commented
1 month ago To determine whether any account exists in the Keychain (regardless of the email), you can modify the function to query all items stored under the specific service without specifying an account. This way, if any item is found, it means at least one account exists in the Keychain for that service.
Here's an updated version of your function to check for any account existence:
func checkAnyAccountExists() throws -> Bool {
let query: [String: Any] = [
kSecClass as String: kSecClassGenericPassword,
kSecAttrService as String: Keychain.service,
kSecMatchLimit as String: kSecMatchLimitOne,
kSecReturnAttributes as String: kCFBooleanTrue!
]
var result: AnyObject?
let status = SecItemCopyMatching(query as CFDictionary, &result)
print("checkAnyAccountExists SecItemCopyMatching status: \(status)")
if status == errSecSuccess {
// At least one account exists
return true
} else if status == errSecItemNotFound {
// No account exists
return false
} else {
// An unexpected error occurred
throw KeychainError.unhandledError(status: status)
}
}This function constructs a query that looks for any item associated with the Keychain.service. It does not specify an account, so it will match any item stored under that service. The kSecMatchLimitOne and kSecReturnAttributes options ensure that the query is efficient and only returns attributes (not data) if an item is found. The function then checks the status returned by SecItemCopyMatching:
- If the status is
errSecSuccess, it means at least one item exists in the Keychain for the specified service, so the function returnstrue. - If the status is
errSecItemNotFound, it means no items exist, so the function returnsfalse. - Any other status indicates an unexpected error, which is thrown as an exception.
Error message is displayed, "Wrong eMail address or password" Console shows:
The code is searching for a password, not email address. It's not checking if any user account is already created or not.