Onboarding: saving credentials to Keychain after account creation

Closes: #17085
2025-02-22 11:38:57 +00:00 · 2025-02-18 18:48:10 +01:00 · 2025-02-18 18:48:10 +01:00 · cf2c221c02
commit cf2c221c02
parent c9ba6a25d6
9 changed files with 51 additions and 37 deletions
--- a/src/app/boot/app_controller.nim
+++ b/src/app/boot/app_controller.nim
@ -543,7 +543,8 @@ proc finishAppLoading*(self: AppController) =
    self.startupModule = nil

  if not self.onboardingModule.isNil:
-    self.onboardingModule.onAppLoaded()
+    let account = self.accountsService.getLoggedInAccount()
+    self.onboardingModule.onAppLoaded(account.keyUid)
    self.onboardingModule = nil

  self.mainModule.checkAndPerformProfileMigrationIfNeeded()
--- a/src/app/modules/onboarding/io_interface.nim
+++ b/src/app/modules/onboarding/io_interface.nim
@ -10,7 +10,7 @@ import app/modules/onboarding/post_onboarding/task
 method delete*(self: AccessInterface) {.base.} =
  raise newException(ValueError, "No implementation available")

-method onAppLoaded*(self: AccessInterface) {.base.} =
+method onAppLoaded*(self: AccessInterface, keyUid: string) {.base.} =
  raise newException(ValueError, "No implementation available")

 method onNodeLogin*(self: AccessInterface, error: string, account: AccountDto, settings: SettingsDto) {.base.} =
--- a/src/app/modules/onboarding/module.nim
+++ b/src/app/modules/onboarding/module.nim
@ -65,8 +65,8 @@ method delete*[T](self: Module[T]) =
  self.viewVariant.delete
  self.controller.delete

-method onAppLoaded*[T](self: Module[T]) =
-  self.view.appLoaded()
+method onAppLoaded*[T](self: Module[T], keyUid: string) =
+  self.view.appLoaded(keyUid)
  singletonInstance.engine.setRootContextProperty("onboardingModule", newQVariant())
  self.view.delete
  self.view = nil
--- a/src/app/modules/onboarding/view.nim
+++ b/src/app/modules/onboarding/view.nim
@ -33,7 +33,7 @@ QtObject:

  ### QtSignals ###

-  proc appLoaded*(self: View) {.signal.}
+  proc appLoaded*(self: View, keyUid: string) {.signal.}
  proc accountLoginError*(self: View, error: string, wrongPassword: bool) {.signal.}

  ### QtProperties ###
--- a/storybook/pages/OnboardingLayoutPage.qml
+++ b/storybook/pages/OnboardingLayoutPage.qml
@ -163,11 +163,9 @@ SplitView {
            signal accountLoginError(string error, bool wrongPassword)
        }

-        biometricsAvailable: ctrlBiometrics.checked
-        isBiometricsLogin: ctrlTouchIdUser.checked
+        keychain: keychain

-        onBiometricsRequested: (profileId) => biometricsPopup.open()
-        onDismissBiometricsRequested: biometricsPopup.close()
+        biometricsAvailable: ctrlBiometrics.checked

        onFinished: (flow, data) => {
            console.warn("!!! ONBOARDING FINISHED; flow:", flow, "; data:", JSON.stringify(data))
@ -337,16 +335,22 @@ SplitView {
        }
    }

-    BiometricsPopup {
-        id: biometricsPopup
+    KeychainMock {
+        id: keychain

-        x: root.Window.width - width
+        parent: root

-        onObtainingPasswordSuccess: {
+        readonly property alias touchIdChecked: ctrlTouchIdUser.checked
+        onTouchIdCheckedChanged: onboarding.keychainChanged()
+
+        function hasCredential(account) {
            const isKeycard = onboarding.currentPage instanceof LoginScreen
                            && onboarding.currentPage.selectedProfileIsKeycard

-            onboarding.setBiometricResponse(isKeycard ? mockDriver.pin : mockDriver.password)
+            keychain.saveCredential(account, isKeycard ? mockDriver.pin : mockDriver.password)
+
+            return touchIdChecked ? Keychain.StatusSuccess
+                                  : Keychain.StatusNotFound
        }
    }

--- a/ui/app/AppLayouts/Onboarding2/OnboardingFlow.qml
+++ b/ui/app/AppLayouts/Onboarding2/OnboardingFlow.qml
@ -31,7 +31,7 @@ OnboardingStackView {

    // functions
    required property var generateMnemonic
-    required property var isBiometricsLogin
+    required property var isBiometricsLogin // (string account) => bool
    required property var passwordStrengthScoreFunction
    required property var isSeedPhraseValid
    required property var validateConnectionString
@ -190,7 +190,8 @@ OnboardingStackView {
            keycardRemainingPukAttempts: root.remainingPukAttempts

            loginAccountsModel: root.loginAccountsModel
-            isBiometricsLogin: root.isBiometricsLogin(loginScreen.selectedProfileKeyId)
+            isBiometricsLogin: root.biometricsAvailable &&
+                               root.isBiometricsLogin(loginScreen.selectedProfileKeyId)

            onBiometricsRequested: (profileId) => root.biometricsRequested(profileId)
            onDismissBiometricsRequested: root.dismissBiometricsRequested()
--- a/ui/app/AppLayouts/Onboarding2/OnboardingLayout.qml
+++ b/ui/app/AppLayouts/Onboarding2/OnboardingLayout.qml
@ -20,9 +20,9 @@ Page {
    required property OnboardingStore onboardingStore
    required property Keychain keychain

-    property bool biometricsAvailable: Qt.platform.os === Constants.mac
-
+    property bool biometricsAvailable
    property bool networkChecksEnabled: true
+
    property alias keycardPinInfoPageDelay: onboardingFlow.keycardPinInfoPageDelay

    readonly property alias stack: onboardingFlow
--- a/ui/app/AppLayouts/Onboarding2/stores/OnboardingStore.qml
+++ b/ui/app/AppLayouts/Onboarding2/stores/OnboardingStore.qml
@ -7,7 +7,7 @@ import AppLayouts.Onboarding.enums 1.0
 QtObject {
    id: root

-    signal appLoaded
+    signal appLoaded(string keyUid)

    readonly property QtObject d: StatusQUtils.QObject {
        id: d
--- a/ui/main.qml
+++ b/ui/main.qml
@ -420,7 +420,7 @@ StatusWindow {
    Keychain {
        service: "StatusDesktop"

-        id: keychain
+        id: appKeychain
    }

    Component {
@ -444,21 +444,42 @@ StatusWindow {
            anchors.fill: parent

            networkChecksEnabled: true
+
+            // TODO: cover case when biometrics is globally disabled on mac
            biometricsAvailable: Qt.platform.os === Constants.mac

-            onboardingStore: onboardingStore
-            keychain: keychain
+            onboardingStore: OnboardingStore {
+                id: onboardingStore
+
+                onAppLoaded: {
+                    applicationWindow.appIsReady = true
+                    applicationWindow.storeAppState()
+                    moveToAppMain()
+                }
+                onAccountLoginError: function (error, wrongPassword) {
+                    onboardingLayout.stack.pop()
+                }
+            }
+
+            keychain: appKeychain

            onFinished: (flow, data) => {
                const error = onboardingStore.finishOnboardingFlow(flow, data)

-                if (error != "") {
+                if (error !== "") {
                    // We should never be here since everything should be validated already
                    console.error("!!! ONBOARDING FINISHED WITH ERROR:", error)
                    return
                }
                stack.clear()
                stack.push(splashScreenV2, { runningProgressAnimation: true })
+
+                if (!data.enableBiometrics)
+                    return
+
+                onboardingStore.appLoaded.connect((keyUid) => {
+                    appKeychain.saveCredential(keyUid, data.password || data.pin)
+                })
            }

            onLoginRequested: function (keyUid, method, data) {
@ -473,19 +494,6 @@ StatusWindow {
                }
            }
            onCurrentPageNameChanged: Global.addCentralizedMetricIfEnabled("navigation", {viewId: currentPageName})
-
-            OnboardingStore {
-                id: onboardingStore
-
-                onAppLoaded: {
-                    applicationWindow.appIsReady = true
-                    applicationWindow.storeAppState()
-                    moveToAppMain()
-                }
-                onAccountLoginError: function (error, wrongPassword) {
-                    onboardingLayout.stack.pop()
-                }
-            }
        }
    }