From dd3b5428e379603e34a0af3ef36a12bf8f5e344e Mon Sep 17 00:00:00 2001 From: naman-crabnebula Date: Fri, 12 Jul 2024 03:41:58 +0530 Subject: [PATCH 1/6] Add Biometric Plugin Docs --- src/content/docs/plugin/biometric.mdx | 175 ++++++++++++++++++++++++-- 1 file changed, 167 insertions(+), 8 deletions(-) diff --git a/src/content/docs/plugin/biometric.mdx b/src/content/docs/plugin/biometric.mdx index 55002b0a21..222a170859 100644 --- a/src/content/docs/plugin/biometric.mdx +++ b/src/content/docs/plugin/biometric.mdx @@ -1,19 +1,178 @@ --- title: Biometric description: Prompt the user for biometric authentication on Android and iOS. -sidebar: - badge: - text: WIP - variant: caution --- -import Stub from '@components/Stub.astro'; import PluginLinks from '@components/PluginLinks.astro'; +import { Tabs, TabItem, Steps } from '@astrojs/starlight/components'; +import CommandTabs from '@components/CommandTabs.astro'; - +Secure your application by prompting the user for biometric authentication on Android and iOS. -Based on https://github.com/tauri-apps/plugins-workspace/tree/plugins/biometric +## Supported Platforms - +- Android +- iOS + +## Setup + +Install the biometric plugin to get started. + + + + + Use your project's package manager to add the dependency: + + + + + + + 1. Install the biometric plugin by adding the following to your `Cargo.toml` file: + + ```toml title="src-tauri/Cargo.toml" + [dependencies] + tauri-plugin-biometric = "2.0.0-beta" + # alternatively with Git: + tauri-plugin-biometric = { git = "https://github.com/tauri-apps/plugins-workspace", branch = "v2" } + ``` + + 2. Modify `lib.rs` to initialize the plugin: + + ```rust title="src-tauri/src/lib.rs" ins={4} + #[cfg_attr(mobile, tauri::mobile_entry_point)] + fn run() { + tauri::Builder::default() + .plugin(tauri_plugin_biometric::Builder::new().build()) + .run(tauri::generate_context!()) + .expect("error while running tauri application"); + } + ``` + + 3. Install the JavaScript Guest bindings using your preferred JavaScript package manager: + + + + + + +## Usage + +This plugin enables you to verify the availability of Biometric Authentication on a device, prompt the user for biometric authentication, and check the result to determine if the authentication was successful or not. + +### Check Status + +You can check the status of Biometric Authentication, including its availability and the types of biometric authentication methods supported. + + + + +```rust +use tauri_plugin_biometric::BiometricExt; + +fn check_biometric(app_handle: tauri::AppHandle){ + if app_handle.biometric().status().unwrap().is_available { + println!("Yes! Biometric Authentication is available"); + } else { + println!("No! Biometric Authentication is not available due to : {}", app_handle.biometric().status().unwrap().error.unwrap()); + } +} +``` + + + + + +```javascript +import { checkStatus } from '@tauri-apps/plugin-biometric'; + +const status = await checkStatus(); +if (status.isAvailable){ + console.log("Yes! Biometric Authentication is available"); +} else { + console.log("No! Biometric Authentication is not available due to "+status.error); +} +``` + + + +### Authenticate + +To prompt the user for Biometric Authentication, utilize the `authenticate()` method. + + + + +```rust ins={21} +use tauri_plugin_biometric::{BiometricExt, AuthOptions}; + +fn bio_auth(app_handle: tauri::AppHandle) { + + let options = AuthOptions{ + // Set True if you want the user to be able to authenticate using phone password + allow_device_credential:false, + cancel_title: Some("Feature won't work if Canceled".to_string()), + + // iOS only feature + fallback_title: Some("Sorry, authentication failed".to_string()), + + // Android only features + title: Some("Tauri feature".to_string()), + subtitle: Some("Authenticate to access the locked Tauri function".to_string()), + confirmation_required: Some(true), + }; + + // If the authentication was succesfull, the function returns Result::Ok() + // And Result::Error() otherwise + match app_handle.biometric().authenticate("This feature is locked".to_string(), options){ + Ok(_) => { + println!("Hooray! Successfully Authenticated! We can now perform the locked Tauri function!"); + } + Err(e) => { + println!("Oh no! Authentication failed because : {e}"); + } + } +} +``` + + + + +```javascript ins={18} +import { authenticate } from '@tauri-apps/plugin-biometric'; + +const options = { + // Set True if you want the user to be able to authenticate using phone password + allowDeviceCredential:false, + cancelTitle: "Feature won't work if Canceled", + + // iOS only feature + fallbackTitle: "Sorry, authentication failed", + + // Android only features + title: "Tauri feature", + subtitle: "Authenticate to access the locked Tauri function", + confirmationRequired: true, +}; + +try{ + await authenticate("This feature is locked", options); + console.log("Hooray! Successfully Authenticated! We can now perform the locked Tauri function!"); +} catch(err) { + console.log("Oh no! Authentication failed because " + err.message); +} +``` + + + From c32aed27b410333ae9a5b27d665e0e1f16cbdbf3 Mon Sep 17 00:00:00 2001 From: naman-crabnebula Date: Fri, 12 Jul 2024 03:59:01 +0530 Subject: [PATCH 2/6] Add permission section in Biometric Plugin --- src/content/docs/plugin/biometric.mdx | 66 +++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/src/content/docs/plugin/biometric.mdx b/src/content/docs/plugin/biometric.mdx index 222a170859..b2fef5000e 100644 --- a/src/content/docs/plugin/biometric.mdx +++ b/src/content/docs/plugin/biometric.mdx @@ -176,3 +176,69 @@ try{ + +## Permissions + +By default all plugin commands are blocked and cannot be accessed. You must define a list of permissions in your `capabilities` configuration. + +See [Permissions Overview](/security/permissions/) for more information. + + + + + + + + + + + + + + + + + + + + + + + + + + + +
IdentifierDescription
+ +`biometric:allow-authenticate` + + + +Enables the authenticate command without any pre-configured scope. + +
+ +`biometric:deny-authenticate` + + + +Denies the authenticate command without any pre-configured scope. + +
+ +`biometric:allow-status` + + + +Enables the status command without any pre-configured scope. + +
+ +`biometric:deny-status` + + + +Denies the status command without any pre-configured scope. + +
\ No newline at end of file From f5bc5341c7c87c3bbca2afd551ac7f30d62c8c57 Mon Sep 17 00:00:00 2001 From: Lucas Nogueira Date: Mon, 12 Aug 2024 07:55:03 -0300 Subject: [PATCH 3/6] update permissions doc --- src/content/docs/plugin/biometric.mdx | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/src/content/docs/plugin/biometric.mdx b/src/content/docs/plugin/biometric.mdx index 7e9db1ad6f..f7311ae6e7 100644 --- a/src/content/docs/plugin/biometric.mdx +++ b/src/content/docs/plugin/biometric.mdx @@ -180,8 +180,18 @@ try{ ## Permissions -By default all plugin commands are blocked and cannot be accessed. You must define a list of permissions in your `capabilities` configuration. +By default all potentially dangerous plugin commands and scopes are blocked and cannot be accessed. You must modify the permissions in your `capabilities` configuration to enable these. -See [Permissions Overview](/security/permissions/) for more information. +See the [Capabilities Overview](/security/capabilities/) for more information and the [step by step guide](/learn/security/using-plugin-permissions/) to use plugin permissions. + +```json title="src-tauri/capabilities/main.json" ins={6} +{ + "$schema": "../gen/schemas/desktop-schema.json", + "identifier": "main-capability", + "description": "Capability for the main window", + "windows": ["main"], + "permissions": ["biometric:default"] +} +``` From 14524ee92f2eaa835053e14d9f41480d40ad4da6 Mon Sep 17 00:00:00 2001 From: Lucas Nogueira Date: Mon, 12 Aug 2024 07:55:55 -0300 Subject: [PATCH 4/6] update overview --- src/content/docs/plugin/biometric.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/plugin/biometric.mdx b/src/content/docs/plugin/biometric.mdx index f7311ae6e7..222030434d 100644 --- a/src/content/docs/plugin/biometric.mdx +++ b/src/content/docs/plugin/biometric.mdx @@ -10,7 +10,7 @@ import PluginPermissions from '@components/PluginPermissions.astro'; -Secure your application by prompting the user for biometric authentication on Android and iOS. +Prompt the user for biometric authentication on Android and iOS. ## Supported Platforms From 570281d5dccdd3766a41cba50c0f5c474892574c Mon Sep 17 00:00:00 2001 From: Lucas Nogueira Date: Mon, 12 Aug 2024 07:57:53 -0300 Subject: [PATCH 5/6] js first --- src/content/docs/plugin/biometric.mdx | 93 ++++++++++++++------------- 1 file changed, 50 insertions(+), 43 deletions(-) diff --git a/src/content/docs/plugin/biometric.mdx b/src/content/docs/plugin/biometric.mdx index 222030434d..32fe04f05e 100644 --- a/src/content/docs/plugin/biometric.mdx +++ b/src/content/docs/plugin/biometric.mdx @@ -66,6 +66,7 @@ Install the biometric plugin to get started. /> + ## Usage @@ -77,6 +78,22 @@ This plugin enables you to verify the availability of Biometric Authentication o You can check the status of Biometric Authentication, including its availability and the types of biometric authentication methods supported. + + +```javascript +import { checkStatus } from '@tauri-apps/plugin-biometric'; + +const status = await checkStatus(); +if (status.isAvailable) { + console.log('Yes! Biometric Authentication is available'); +} else { + console.log( + 'No! Biometric Authentication is not available due to ' + status.error + ); +} +``` + + ```rust @@ -92,34 +109,52 @@ fn check_biometric(app_handle: tauri::AppHandle){ ``` + + +### Authenticate + +To prompt the user for Biometric Authentication, utilize the `authenticate()` method. + + -```javascript -import { checkStatus } from '@tauri-apps/plugin-biometric'; +```javascript ins={18} +import { authenticate } from '@tauri-apps/plugin-biometric'; -const status = await checkStatus(); -if (status.isAvailable){ - console.log("Yes! Biometric Authentication is available"); -} else { - console.log("No! Biometric Authentication is not available due to "+status.error); +const options = { + // Set True if you want the user to be able to authenticate using phone password + allowDeviceCredential: false, + cancelTitle: "Feature won't work if Canceled", + + // iOS only feature + fallbackTitle: 'Sorry, authentication failed', + + // Android only features + title: 'Tauri feature', + subtitle: 'Authenticate to access the locked Tauri function', + confirmationRequired: true, +}; + +try { + await authenticate('This feature is locked', options); + console.log( + 'Hooray! Successfully Authenticated! We can now perform the locked Tauri function!' + ); +} catch (err) { + console.log('Oh no! Authentication failed because ' + err.message); } ``` - - -### Authenticate - -To prompt the user for Biometric Authentication, utilize the `authenticate()` method. + - ```rust ins={21} use tauri_plugin_biometric::{BiometricExt, AuthOptions}; fn bio_auth(app_handle: tauri::AppHandle) { - + let options = AuthOptions{ // Set True if you want the user to be able to authenticate using phone password allow_device_credential:false, @@ -135,7 +170,7 @@ fn bio_auth(app_handle: tauri::AppHandle) { }; // If the authentication was succesfull, the function returns Result::Ok() - // And Result::Error() otherwise + // And Result::Error() otherwise match app_handle.biometric().authenticate("This feature is locked".to_string(), options){ Ok(_) => { println!("Hooray! Successfully Authenticated! We can now perform the locked Tauri function!"); @@ -146,34 +181,6 @@ fn bio_auth(app_handle: tauri::AppHandle) { } } ``` - - - - -```javascript ins={18} -import { authenticate } from '@tauri-apps/plugin-biometric'; - -const options = { - // Set True if you want the user to be able to authenticate using phone password - allowDeviceCredential:false, - cancelTitle: "Feature won't work if Canceled", - - // iOS only feature - fallbackTitle: "Sorry, authentication failed", - - // Android only features - title: "Tauri feature", - subtitle: "Authenticate to access the locked Tauri function", - confirmationRequired: true, -}; - -try{ - await authenticate("This feature is locked", options); - console.log("Hooray! Successfully Authenticated! We can now perform the locked Tauri function!"); -} catch(err) { - console.log("Oh no! Authentication failed because " + err.message); -} -``` From 281ac79308d19d42b3876c89e516d3f5739acced Mon Sep 17 00:00:00 2001 From: Lucas Nogueira Date: Mon, 12 Aug 2024 08:00:08 -0300 Subject: [PATCH 6/6] fmt --- src/content/docs/plugin/biometric.mdx | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/src/content/docs/plugin/biometric.mdx b/src/content/docs/plugin/biometric.mdx index 32fe04f05e..c0ccd30217 100644 --- a/src/content/docs/plugin/biometric.mdx +++ b/src/content/docs/plugin/biometric.mdx @@ -99,11 +99,12 @@ if (status.isAvailable) { ```rust use tauri_plugin_biometric::BiometricExt; -fn check_biometric(app_handle: tauri::AppHandle){ - if app_handle.biometric().status().unwrap().is_available { +fn check_biometric(app_handle: tauri::AppHandle) { + let status = app_handle.biometric().status().unwrap(); + if status.is_available { println!("Yes! Biometric Authentication is available"); } else { - println!("No! Biometric Authentication is not available due to : {}", app_handle.biometric().status().unwrap().error.unwrap()); + println!("No! Biometric Authentication is not available due to: {}", status.error.unwrap()); } } ``` @@ -123,7 +124,7 @@ To prompt the user for Biometric Authentication, utilize the `authenticate()` me import { authenticate } from '@tauri-apps/plugin-biometric'; const options = { - // Set True if you want the user to be able to authenticate using phone password + // Set true if you want the user to be able to authenticate using phone password allowDeviceCredential: false, cancelTitle: "Feature won't work if Canceled", @@ -155,7 +156,7 @@ use tauri_plugin_biometric::{BiometricExt, AuthOptions}; fn bio_auth(app_handle: tauri::AppHandle) { - let options = AuthOptions{ + let options = AuthOptions { // Set True if you want the user to be able to authenticate using phone password allow_device_credential:false, cancel_title: Some("Feature won't work if Canceled".to_string()), @@ -169,9 +170,9 @@ fn bio_auth(app_handle: tauri::AppHandle) { confirmation_required: Some(true), }; - // If the authentication was succesfull, the function returns Result::Ok() - // And Result::Error() otherwise - match app_handle.biometric().authenticate("This feature is locked".to_string(), options){ + // if the authentication was succesfull, the function returns Result::Ok() + // otherwise returns Result::Error() + match app_handle.biometric().authenticate("This feature is locked".to_string(), options) { Ok(_) => { println!("Hooray! Successfully Authenticated! We can now perform the locked Tauri function!"); }