• Stars
    star
    177
  • Rank 215,985 (Top 5 %)
  • Language
    Dart
  • License
    MIT License
  • Created over 5 years ago
  • Updated 4 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Flutter plugin to store data behind biometric authentication (ie. fingerprint)

biometric_storage

Pub

Encrypted file store, optionally secured by biometric lock for Android, iOS, MacOS and partial support for Linux, Windows and Web.

Meant as a way to store small data in a hardware encrypted fashion. E.g. to store passwords, secret keys, etc. but not massive amounts of data.

  • Android: Uses androidx with KeyStore.
  • iOS and MacOS: LocalAuthentication with KeyChain.
  • Linux: Stores values in Keyring using libsecret. (No biometric authentication support).
  • Windows: Uses wincreds.h to store into read/write into credential store.
  • Web: Warning Uses unauthenticated, unencrypted storage in localStorage. If you have a better idea for secure storage on web platform, please open an Issue.

Check out AuthPass Password Manager for a app which makes heavy use of this plugin.

Getting Started

Installation

Android

  • Requirements:
    • Android: API Level >= 23 (android/app/build.gradle minSdkVersion 23)

    • Make sure to use the latest kotlin version:

      • android/build.gradle: ext.kotlin_version = '1.4.31'
    • MainActivity must extend FlutterFragmentActivity

    • Theme for the main activity must use Theme.AppCompat thme. (Otherwise there will be crases on Android < 29) For example:

      AndroidManifest.xml:

      <activity
      android:name=".MainActivity"
      android:launchMode="singleTop"
      android:theme="@style/LaunchTheme"

      xml/styles.xml:

          <style name="LaunchTheme" parent="Theme.AppCompat.NoActionBar">
          <!-- Show a splash screen on the activity. Automatically removed when
               Flutter draws its first frame -->
          <item name="android:windowBackground">@drawable/launch_background</item>
      
          <item name="android:windowNoTitle">true</item>
          <item name="android:windowActionBar">false</item>
          <item name="android:windowFullscreen">true</item>
          <item name="android:windowContentOverlay">@null</item>
      </style>
Resources

iOS

https://developer.apple.com/documentation/localauthentication/logging_a_user_into_your_app_with_face_id_or_touch_id

  • include the NSFaceIDUsageDescription key in your app’s Info.plist file
  • Requires at least iOS 9

Known Issue: since iOS 15 the simulator seem to no longer support local authentication: https://developer.apple.com/forums/thread/685773

Mac OS

  • include the NSFaceIDUsageDescription key in your app’s Info.plist file
  • enable keychain sharing and signing. (not sure why this is required. but without it You will probably see an error like:

    SecurityError, Error while writing data: -34018: A required entitlement isn't present.

  • Requires at least Mac OS 10.12

Usage

You basically only need 4 methods.

  1. Check whether biometric authentication is supported by the device
  final response = await BiometricStorage().canAuthenticate()
  if (response != CanAuthenticateResponse.success) {
    // panic..
  }
  1. Create the access object
  final store = BiometricStorage().getStorage('mystorage');
  1. Read data
  final data = await storageFile.read();
  1. Write data
  final myNewData = 'Hello World';
  await storageFile.write(myNewData);

See also the API documentation: https://pub.dev/documentation/biometric_storage/latest/biometric_storage/BiometricStorageFile-class.html#instance-methods