Skip to content

Adding the documentation of the new method of biometric plugin #3182

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5 commits into
base: v2
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
112 changes: 107 additions & 5 deletions src/content/docs/plugin/biometric.mdx
Original file line number Diff line number Diff line change
@@ -89,16 +89,16 @@ In the `src-tauri/Info.ios.plist` file, add the following snippet:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NSFaceIDUsageDescription</key>
<string>Authenticate with biometric</string>
</dict>
<dict>
<key>NSFaceIDUsageDescription</key>
<string>Authenticate with biometric</string>
</dict>
</plist>
```

## Usage

This plugin enables you to verify the availability of Biometric Authentication on a device, prompt the user for biometric authentication, and check the result to determine if the authentication was successful or not.
This plugin enables you to verify the availability of Biometric Authentication on a device, prompt the user for biometric authentication, and check the result to determine if the authentication was successful or not. On Android, it also allows you to encrypt/decrypt data using assymmetric keys that can be accessed only if the user authenticates using their registered biometric authentication method.

### Check Status

@@ -213,6 +213,108 @@ fn bio_auth(app_handle: tauri::AppHandle) {
</TabItem>
</Tabs>

### Biometric protected cryptography

:::caution[Android-only feature]
This feature is available only for Android.
:::

To encrypt/decrypt data using an asymmetric cryptography method that is protected behind the user Biometric Authentication, utilize the `biometricCipher()` method.

<Tabs syncKey="lang">

<TabItem label="JavaScript">

```javascript
import { biometricCipher } from '@tauri-apps/plugin-biometric';

// Encrypts data
const encryptOptions = {
// ... other options
dataToEncrypt: getOriginalData(),
};

try {
const encrypted = await biometricCipher(
'Passwordless authentication',
encryptOptions
);
console.log(
'Hooray! Successfully encrypted data! We can now store it to decrypt later, when needed'
);
} catch (err) {
console.log('Oh no! Authentication failed because ' + err.message);
}

// Decrypts data back to the original
const decryptOptions = {
// ... other options
dataToDecrypt: encrypted.data,
};

try {
const original = await biometricCipher(
'Passwordless authentication',
decryptOptions
);
console.log(
'Hooray! Successfully decrypted data after the user authenticated with their biometric method.'
);
const valid = originalData() == dataToDecrypt.data;
} catch (err) {
console.log('Oh no! Authentication failed because ' + err.message);
}
```

</TabItem>

<TabItem label="Rust">

```rust
use tauri_plugin_biometric::{BiometricExt, AuthOptions};

fn bio_cipher(app_handle: tauri::AppHandle, original_data: Option<String>) {

let encrypt_options = AuthOptions {
// ... other options
data_to_encrypt: original_data.unwrap()
};

// if the encryption was successful, the function returns Result::Ok(CipherResult)
// otherwise returns Result::Error()
match app_handle.biometric().biometric_cipher("Passwordless authentication".to_string(), encrypt_options) {
Ok(encrypted) => {
println!("Hooray! Successfully Authenticated! We can now perform the locked Tauri function!");
}
Err(e) => {
println!("Oh no! Authentication failed because : {e}");
}
}

let decrypt_options = AuthOptions {
// ... other options
data_to_decrypt: encrypted.data
};

// if the encryption was successful, the function returns Result::Ok(CipherResult)
// otherwise returns Result::Error()
match app_handle.biometric().biometric_cipher("Passwordless authentication".to_string(), decrypt_options) {
Ok(decrypted) => {
println!("Hooray! Successfully Authenticated! We can now perform the locked Tauri function!");
}
Err(e) => {
println!("Oh no! Authentication failed because : {e}");
}
}

assert_equal!(decrypted.data, original_data.unwrap());

}
```

</TabItem>
</Tabs>

## Permissions

By default all potentially dangerous plugin commands and scopes are blocked and cannot be accessed. You must modify the permissions in your `capabilities` configuration to enable these.