- Notifications
You must be signed in to change notification settings - Fork1
A simple and sophisticated session and authentication solution written in Swift
License
vitormesquita/MSession
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
It is a simple and easy solution to build a security and modular app with the latest apple biometric authentication.
MSessions usesKeychain to authenticate users and save sessions (Secret Key, User). It's really flexible, easy and scalable use in your app.
- Xcode 10.0+
- Swift 5.0+
- Swift 4.2: 0.1.6
- Swift 5.0: 1*
You can use each solution (Session/Auth) separately but by default, these solutions are together.
pod'MSession'
The subspec if you want to use App session solution
pod'MSession/Session'
The subspec if you want to use App authentication solution
pod'Mession/Auth'
If you don't use any dependency managers, you can integrate MSession in your project manually just adding the files which contain:
Session module contains all classes to manage an app session.
All this module runs around theSessionManager<T: AnyObject> class. This class is in charge to deal withcreate, update, expire and logout app session. By default, SessionManager needs anAnyObject to save on session. This object will be your "user" or "client" into the application.
So basically to use this module you need to have an instance of this class or create your own.
Create a shared instante:
staticletshared=SessionManager<User>(service:"MyAppService")
If you want to improve more things in your app session, like put an expire time or something else is more appropriate to create your own class.
Create your own class:
import MSessionclassAppSessionManager:SessionManager<User>{staticletshared=AppSessionManager(service:"MyAppService")...}
Create your own class is the most appropriate
To create aSessionManager instance you will need to provide aservice, it is an identifier to save and restore your app session
SessionManager by default has aDataStore implementation calledSessionDataStore, this implementation is usingNSKeyedArchiver andKeychain to save the session.
If you want to create a local store with realm or core data you can use MSession as well. You just need to create your own DataStore and implementSessionDataStoreProtocol.
import MSessionclassAppSessionDataStore:SessionDataStoreProtocol{ // implement all methods}
And pass the new DataStore to your SessionManager
import MSessionclassAppSessionManager:SessionManager<User>{staticletshared=AppSessionManager(dataStore:AppSessionDataStore())...}
OBS: If you are using default DataStore (SessionDataStore) yourUser MUST extendsNSObject & NSCoding
Auth module contains all classes to manage authentication usingBiometry (FaceID) andKeychain.AuthManager class contains all methods which you will need to ensure a secure authentication in your app.
As the Session module, you need to have an instance ofAuthManager class or create your own.
Create a shared instance:
staticletshared=AuthManager(service:"MyAppService")
Create your own class:
import MSessionclassAppAuthManager:AuthManager{staticletshared=AppAuthManager(service:"MyAppService")...}
To create anAuthManager instance you will need to provide aservice and optionally aoccupationGroup
service: Identifier to save and restore saved accounts and passwords.occupationGroup: An access group will create items across apps.
Not specifying anoccupationGroup(access group) will create items specific to each app.
AuthManager can be separated into two sections:
- Save accounts and passwords (Keychain)
- Use biometric authentication (Face/Touch ID)
AuthManager provides some functions to interact with Keychain and to secure users accounts and passwords. These functions are:
openfunc deleteAllAccounts()openfunc getSavedAccounts()throws->[MAccount]openfunc renameAccount(_ account:String, newAccount:String)throwsopenfunc saveAccount(account:String, password:String, deleteOthers:Bool=false)throws
MAccount is a typealias to a tuple that returnaccount: String andpassword: String
AuthManager provides some functions to interact with biometric authentication usingLAContext. These functions are:
publicvarbiometryType:BiometryTypepublicvarautomaticallyBiometryAuth:Boolopenfunc biometryIsAvailable()->Boolopenfunc biometryAuthentication(reason:String, completion:@escaping((BiometryError?)->Void))
LAContext is just available to iOS 11 or later, but you don't need to check any function to call. MSession handles it to you, but of course, some functions will return an error if you try to use it on iOS 10.
If you think that we can do the MSession more powerful please contribute to this project. And let's improve it to help other developers.
Create a pull request or let's talk about something in issues. Thanks a lot.
Vitor Mesquita,vitor.mesquita09@gmail.com
MSession is available under the MIT license. See the LICENSE file for more info.
About
A simple and sophisticated session and authentication solution written in Swift