[RESOLVED] How to implements Touch ID Auth in a app with bubble as backend?


#1

I have done some research in the forum with little almost no luck, also the documentations I believe is really vague in what it tells you, https://help.dropsource.com/docs/getting-started/dropsource-faqs/?query=Touch%20ID%20

Could somebody explain to me how can I use it in an iOS app?

My app already is authenticating the user trough the bubble API, and this is something I am really looking. I do not understand “Enter a reason to display the user when they are prompted to authenticate” and how should I use the successful o r failed auth respond, should I use a go to page, how to connect it to the Run Api request - dropsource Login.

I hope I am clear explaining what I need.

Thanks guys.


#2

Hello @caeroa,

When you authenticate with touch id, your phone is verifying the person is who they are supposed to be on that device. There’s often a prompt that can come in when authenticating and giving a reason for why the user is be prompted to authenticate is a part of the user experience in places the devices deems necessary so it’s a step in the setup process.

As for the Success/Failure events, this is contextual to whatever you want to occur in your app. Perhaps you want to send a Bubble API call to obtain a the API key since you know the user is internally authenticated or something. Perhaps you just want to move the user to another page. The success/failure events are there so you can do something based on where the touch id authentication successfully identified the user or not.


#3

Thanks @wade . So to understand the touch id and to clarify my thinking, before the phone use face/touch id for the first time when you install an app, you should use your credentials (user and password) and then the phone save them and connect them to your finger/face, so each time you use face/touch id the phone retrieve this info?

Is it like an internal phone system password manager?
Am I right?


#4

So my understanding here is that to use your Bubble API you need to pass a access token with the requests that is unique to the user. Once you have that access token, you can make requests. I’m guessing that where the touch id comes in is to prove the person is who they say they are and if so, then you use those stored credentials they set up the 1st time to reach out and “login” without their need to type them in again.

That’s my thought here on this. Does that help?


#5

Thank you @wade, I did it, thanks to your post reply and this medium publication https://medium.com/@euginedubinin/touch-id-ux-for-ios-app-efe4de3bc245 I understood how it works, and it was this way:

  • 01 First of all the authentication user trough the bubble API it is working fine, this app is based on the photo saver wit bubble backend

  • 02 I created two new Device variables, string,: TIDS u & TIDS p (touch id user - touch id password)
    image

  • 03 I created a page variable, Boolean, in the login page ( nuevo touch id)
    image

  • 04 when tapped the button before to run the api to login I apply true to the page variable (nuevo touch id = true)

and the run the api request for login

  • 05 When I get the 200 response in the login just before the go to page (next page where I show the photos) I checked if the page variable (nuevo touch id ) it is true ,(i do this tho check always if the user has entered the credentials by keyboard and no by touch id or face id

if it is true, I launch a Authenticate with Touch ID / Face ID with the reason (Activa tu id) this means it is the first time I am going to use the touch id / face id and I am going to initialize, if the user use his finger or face it means is a Successful Authentication, so I set the values the new devices variables, for the TIDS u, the value will be the user email field text,

and for the TIDS p will be the user password field text,

all this means the device has saved the user email and password and it is working as a system password manager and I can retrieve that credentials with touch id / face id .
If the the Authentication Failed or the user cancel the touch id / face id it just continues without save anything to the next page, and everything works fine.

  • 06 So now when I run the app, when the login page appeared I check if I have saved the device variables for user email and password , (if they are empty it just ignore al this an do nothing) if they are not empty, any of those variables I used TIDS u( which means I already save the user credentials) ,

I launch another Authenticate with Touch ID / Face ID with the reason (utiliza tu id) with means use your touch id, which is already saved in the phone, if the user use it and is Successful Authentication I set the value of user email text field with device variable TIDS u which contains the user email already saved by the first touch id / face id

I do the same with the password field text:

then i set the value of the page variable (nuevo touch id to false)

and then run the api request for login

  • 07 so when the API for login is called and we have a 200 response and check if the page variable (nuevo touch id) is false or not, and because we just set it up as false, it does not call this Authenticate with Touch ID / Face ID and no save the devise variable which already have the user credentials and just go to the next page and everything worked like magic :slight_smile:

So this is the way I setup a Authenticate with Touch ID / Face ID and made it work, I know still need a little touches but it is in the right way and working fine the way it is supposed to be.

I hope this helps to somebody and do not hesitate to ask anything and if I happen to know the answer I will help ypu gladly.

(please forgive my typos and bad grammar)

Cheers!!!


#6

I just did a little change that make all this workflow safer, instead of using Device variables i have used “Save a value to the Keychain”, one for the password and one for the user email, and created a Boolean device variable to check if th touch ID / face ID was already launched or not.

this way all the credentials are safe in the phone keychain.

Cheers!


#7

I lost track of this post in my own troubleshooting. Thank you for updating me. Yea using Keychain for credentials is a more secure way to go. Nice work solving!