tessl/npm-dcloudio--uni-app-plus
A runtime library for uni-app's app-plus platform, which provides mobile app functionality for the uni-app cross-platform framework
—
Pending
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Securityby
Pending
The risk profile of this skill
biometric-auth.mddocs/
Biometric Authentication APIs
Secure biometric authentication capabilities including fingerprint, face recognition, and voice authentication using the SOTER security framework.
Capabilities
Authentication Support Detection
Check device biometric authentication capabilities.
/**
* Check if the device supports biometric authentication
* @param options - Options with callbacks for result handling
*/
function checkIsSupportSoterAuthentication(options: CheckIsSupportSoterAuthenticationOptions): void;
/**
* Check if biometric authentication is enrolled on the device
* @param options - Options with authentication type and callbacks
*/
function checkIsSoterEnrolledInDevice(options: CheckIsSoterEnrolledInDeviceOptions): void;
interface CheckIsSupportSoterAuthenticationOptions {
success?: (result: SoterAuthenticationSupport) => void;
fail?: (error: SoterError) => void;
complete?: () => void;
}
interface SoterAuthenticationSupport {
supportMode: string[];
isEnrolled: boolean;
}
interface CheckIsSoterEnrolledInDeviceOptions {
checkAuthMode: 'fingerPrint' | 'facial' | 'speech';
success?: (result: SoterEnrollmentResult) => void;
fail?: (error: SoterError) => void;
complete?: () => void;
}
interface SoterEnrollmentResult {
isEnrolled: boolean;
errMsg: string;
}
interface SoterError {
errCode: number;
errMsg: string;
}Biometric Authentication
Perform biometric authentication with various methods.
/**
* Start biometric authentication process
* @param options - Authentication options with method and configuration
*/
function startSoterAuthentication(options: StartSoterAuthenticationOptions): void;
interface StartSoterAuthenticationOptions {
requestAuthModes: ('fingerPrint' | 'facial' | 'speech')[];
challenge: string;
authContent?: string;
success?: (result: SoterAuthenticationResult) => void;
fail?: (error: SoterAuthenticationError) => void;
complete?: () => void;
}
interface SoterAuthenticationResult {
authMode: string;
resultJSON: string;
resultJSONSignature: string;
errCode: number;
errMsg: string;
}
interface SoterAuthenticationError {
errCode: number;
errMsg: string;
authMode?: string;
}Usage Examples:
import uni from "@dcloudio/uni-app-plus";
// Check if biometric authentication is supported
uni.checkIsSupportSoterAuthentication({
success(result) {
console.log('Supported authentication modes:', result.supportMode);
console.log('Is enrolled:', result.isEnrolled);
if (result.supportMode.includes('fingerPrint')) {
console.log('Fingerprint authentication supported');
}
if (result.supportMode.includes('facial')) {
console.log('Face recognition supported');
}
if (result.supportMode.includes('speech')) {
console.log('Voice recognition supported');
}
},
fail(error) {
console.error('SOTER not supported:', error);
}
});
// Check if fingerprint authentication is enrolled
uni.checkIsSoterEnrolledInDevice({
checkAuthMode: 'fingerPrint',
success(result) {
if (result.isEnrolled) {
console.log('Fingerprint is enrolled');
// Proceed with authentication
startFingerprintAuth();
} else {
console.log('No fingerprint enrolled');
// Prompt user to enroll fingerprint in system settings
}
},
fail(error) {
console.error('Failed to check enrollment:', error);
}
});
// Start fingerprint authentication
function startFingerprintAuth() {
uni.startSoterAuthentication({
requestAuthModes: ['fingerPrint'],
challenge: 'unique-challenge-string-123',
authContent: 'Please verify your fingerprint to continue',
success(result) {
console.log('Authentication successful');
console.log('Auth mode:', result.authMode);
console.log('Result JSON:', result.resultJSON);
console.log('Signature:', result.resultJSONSignature);
// Parse the result for verification
try {
const authResult = JSON.parse(result.resultJSON);
console.log('Parsed result:', authResult);
// Verify signature with your backend
verifyAuthenticationResult(result.resultJSON, result.resultJSONSignature);
} catch (e) {
console.error('Failed to parse auth result:', e);
}
},
fail(error) {
console.error('Authentication failed');
console.log('Error code:', error.errCode);
console.log('Error message:', error.errMsg);
// Handle different error scenarios
switch (error.errCode) {
case 90001:
console.log('User cancelled authentication');
break;
case 90002:
console.log('Authentication failed - try again');
break;
case 90003:
console.log('Authentication method not available');
break;
case 90007:
console.log('Too many failed attempts');
break;
default:
console.log('Unknown authentication error');
}
}
});
}
// Multi-modal authentication (fingerprint or face)
uni.startSoterAuthentication({
requestAuthModes: ['fingerPrint', 'facial'],
challenge: 'secure-challenge-456',
authContent: 'Please verify with fingerprint or face recognition',
success(result) {
console.log(`Authentication successful with ${result.authMode}`);
// Handle successful authentication
proceedWithSecureOperation(result);
},
fail(error) {
console.error('Multi-modal authentication failed:', error);
}
});
// Verify authentication result with backend
function verifyAuthenticationResult(resultJSON, signature) {
// Send to your secure backend for verification
fetch('/api/verify-biometric', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
resultJSON: resultJSON,
signature: signature,
timestamp: Date.now()
})
})
.then(response => response.json())
.then(data => {
if (data.verified) {
console.log('Server verification successful');
// Proceed with authenticated operation
} else {
console.error('Server verification failed');
// Handle verification failure
}
})
.catch(error => {
console.error('Verification request failed:', error);
});
}Authentication Flow Best Practices
// Complete authentication flow with proper error handling
async function authenticateUser() {
try {
// Step 1: Check if SOTER is supported
const supportResult = await new Promise((resolve, reject) => {
uni.checkIsSupportSoterAuthentication({
success: resolve,
fail: reject
});
});
if (!supportResult.supportMode.length) {
throw new Error('No biometric authentication supported');
}
// Step 2: Check enrollment for preferred method
const enrollmentResult = await new Promise((resolve, reject) => {
uni.checkIsSoterEnrolledInDevice({
checkAuthMode: 'fingerPrint', // Or 'facial'
success: resolve,
fail: reject
});
});
if (!enrollmentResult.isEnrolled) {
// Guide user to system settings
showEnrollmentGuide();
return;
}
// Step 3: Perform authentication
const authResult = await new Promise((resolve, reject) => {
uni.startSoterAuthentication({
requestAuthModes: ['fingerPrint'],
challenge: generateSecureChallenge(),
authContent: 'Authenticate to access secure content',
success: resolve,
fail: reject
});
});
// Step 4: Verify with backend
const verified = await verifyWithBackend(authResult);
if (verified) {
console.log('Authentication complete');
return true;
} else {
throw new Error('Backend verification failed');
}
} catch (error) {
console.error('Authentication process failed:', error);
handleAuthenticationError(error);
return false;
}
}
function generateSecureChallenge() {
// Generate a unique challenge string
return `challenge_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
}
function showEnrollmentGuide() {
uni.showModal({
title: 'Biometric Setup Required',
content: 'Please set up fingerprint authentication in your device settings to use this feature.',
showCancel: false,
confirmText: 'OK'
});
}Error Codes
Common SOTER authentication error codes:
90001: User cancelled authentication90002: Authentication failed (biometric not recognized)90003: Authentication method not available90004: SOTER not supported on device90005: Authentication method not enrolled90006: System authentication UI busy90007: Too many failed attempts (temporary lockout)90008: User locked out (requires passcode/pattern)90009: Authentication timeout90010: Invalid challenge parameter
Security Considerations
- Challenge Uniqueness: Always use unique, time-based challenges
- Backend Verification: Never trust client-side authentication results alone
- Signature Validation: Verify the resultJSONSignature on your secure backend
- Timeout Handling: Implement appropriate timeouts for authentication attempts
- Fallback Methods: Provide alternative authentication when biometrics fail
- Privacy: Biometric data never leaves the device - only authentication results are shared
Platform Support
- App-Plus (Android): ✅ Full support (Android 6.0+ required)
- App-Plus (iOS): ✅ Full support (iOS 11.0+ required)
- H5: ❌ Not supported
- Mini-Programs: ❌ Not supported
Requirements
- Android: API level 23+ (Android 6.0+), device with biometric hardware
- iOS: iOS 11.0+, device with Touch ID, Face ID, or equivalent
- Permissions: Biometric authentication permissions handled automatically