ionic3 ionic-native

Ionic Native Fingerprint AIO process


I'm trying to figure out how the Fingerprint AIO / touchId login would work with our API authentication.

After the user logs in and enables touchId, do we need to generate an access token with long expiry for future fingerprint logins?

Looking through some sample implementations of the feature online I was hoping there was some kind of signature or hash that touchId would return that we could store and validate against.

But all I was finding is that it mostly just returns a success or failure status.

Is there a flow that’s typical here?

Any insight would be helpful.

Thanks!


Solution

  • Maybe you can build your own encrypted signature store in Ionic native storage.

    For example, encrypt your userid+password (just an example) and store it inside the local storage. When calling the fingerprint AIO, you retrieve it and put it in the "fingerprintOptions" > clientId/clientSecret. If the user is successfully authenticated, you retrieve the clientId/clientSecret via "this.fingerprintOptions.clientId/clientSecret", which gets your encrypted signature, and then send it to your server to do the decryption. After the decryption, return a success message and let the user log in. This is just my concept to share with you.

    My concept would be:

    1. Ask the user to key in their username and password (first-time setup) to create the encrypted signature, send it back to your server to store it, and store one copy in Ionic native storage (used to send to the server to authenticate).
    2. When the user opens the app, check whether the user has registered the signature and pop up the fingerprint prompt. After successful authentication, the user is automatically logged in to the app.

    Note: How to do encryption and decryption for the signature is up to you; this is just a concept.

    The ionic native storage can be found here: https://ionicframework.com/docs/storage/

    Hope this helps you out with your thoughts, and sorry for the bad English.
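
The server side of the enroll-then-redeem flow discussed above, as an added example that is not part of the original answer or of any Ionic plugin code. It swaps the encrypted userid+password for a random per-device token, so the stored value can be revoked and never contains the password; the function names, the in-memory `devices` map and the 30-day lifetime are assumptions.

```javascript
// Added example (hypothetical names). The fingerprint prompt only unlocks the
// stored token on the device; the server authenticates the token itself.
const crypto = require("node:crypto");

const TOKEN_TTL_MS = 30 * 24 * 60 * 60 * 1000; // assumed 30-day lifetime
const devices = new Map(); // deviceId -> { userId, tokenHash, expiresAt }; stands in for a DB table

const sha256 = (s) => crypto.createHash("sha256").update(s).digest();

// Called once, after a normal username/password login, when the user enables fingerprint login.
function enrollDevice(userId, now = Date.now()) {
  const deviceId = crypto.randomUUID();
  const token = crypto.randomBytes(32).toString("base64url");
  // Only the hash is stored, so a database leak does not yield usable tokens.
  devices.set(deviceId, { userId, tokenHash: sha256(token), expiresAt: now + TOKEN_TTL_MS });
  return { deviceId, token }; // the app keeps these in device storage
}

// Called after the fingerprint prompt reports success and the app sends the stored token.
function redeemDeviceToken(deviceId, token, now = Date.now()) {
  const rec = devices.get(deviceId);
  if (!rec || typeof token !== "string") return null;
  if (now > rec.expiresAt) { devices.delete(deviceId); return null; }
  // Constant-time comparison of fixed-length digests.
  if (!crypto.timingSafeEqual(sha256(token), rec.tokenHash)) return null;
  // Rotate: the presented token is single-use; the app stores the new one.
  const next = crypto.randomBytes(32).toString("base64url");
  rec.tokenHash = sha256(next);
  rec.expiresAt = now + TOKEN_TTL_MS;
  return { userId: rec.userId, nextToken: next };
}

// Called from account settings or on password change to disable fingerprint login for a device.
function revokeDevice(deviceId) {
  return devices.delete(deviceId);
}
```

On a successful redeem the server would then issue its usual short-lived session or access token for `userId`.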