Hi guys,
Wanted to share you my Touch ID Authentication script:
https://gist.github.com/b0c075cfde406280cbf7
If you wanna improve it make a pull request on the gist, for questions reply to the post :-)
Thanks,
Filippo
NOTE: Line 7 doesn't actually steal your fingerprint, there isn't even a way to do that, was only a funny example text xD
Cool stuff!
(How did you figure out how to do this - was there an ObjC example that you followed? I can't make heads or tails of the objc_util module....)
Looks great. Works well for me on iPad Air2. But if intentionally fail it by using the wrong finger it won't authenticate on subsequent tries. I get max tries. I guess something maybe something to do with the policy flag you are passing in that sets the retires or something like that. I have thumb and index finger recorded, using either on on first try works as expected.
But looks like there are going to some very cool things coming to pythonista.
Thanks
The funny thing is i have an ipad air 2(that has touch id) but i cant test the script cause it doesn't recognize my fingerprints.
Can you tell me what error do you get?
I get 2 different type of error messages, listed below. It's hard to tell you when I get one of the other. It's a little mixed. This could be the amount of time between I run the script again etc. I am not sure. I also sometimes get a full screen passcode request coming up, to reset. I think after the 'Biometry is locked out' error
Error Domain=com.apple.LocalAuthentication Code=-1 "Application retry limit exceeded." UserInfo=0x178277dc0 {NSLocalizedDescription=Application retry limit exceeded.}
Error Domain=com.apple.LocalAuthentication Code=-1 "Biometry is locked out." UserInfo=0x178276dc0 {NSLocalizedDescription=Biometry is locked out.}
There are quite a few combos. I can keep testing in a more controlled way if it helps.
I updated the gist to handle theese two errors and added a password alert option.
Tell me if you understand the code cause as i told you i cant help for the 1st try fingerprint. What errors does it print when you use the right finger for the 2nd try?
I don't understand the code. Beyond me at the moment. But seems to be working 100% now. I can do 2 bad tries and the third try, use the right finger and its authenticated. Look, it could have been me. I am sitting in a bar drinking, so my fingers getting wet. I thought I was drying them. Maybe not enough. Also, the glass is cold, which makes my fingers cold. It could have an effect on the sensor, not sure. But seems to be working well now.
Surprised you are having problems on your iPad Air 2.
I don't think I can submit a pull request, but here's my fork with some improvements:
https://gist.github.com/omz/66a763a9db15dc847690
I've refactored the code a little to make it usable as a module. The authenticate() function basically encapsulates all the callback logic, so you can simply call it, and it'll either return True or raise an AuthFailedException (there are subclasses for more specific errors).
It also supports a timeout, and you can specify whether the device passcode should be allowed as an alternative if TouchID fails.
@Phuket2 Glad it works, for my ipad i'll have to take it to the apple store.
@omz thanks, i was planning to do it but you anticipated me :-)
I'd do 2 things:
-Implement it in the keychain module( i wanted to do it but i cant find the keychain module)
-add the ability to set a password instead of a passcode
@hyshai I don't get notifications for Gist comments, so let's move this here... You said that my fork crashes on iPhone 6 / iOS 8.4.1. Could you provide a few more details? Does it crash immediately or after the TouchID dialog is shown. Does @filippocld's version crash as well? Which beta build do you have installed?
@omz sorry about that. I figured out what causes the crash - a policy with the value of 2 causes it. If I change policy = 2 if allow_passcode else 1 to policy = 1 it works fine.
(I'm running 160032 on 8.4.1 iPhone 6)
I made a module based on your code: https://gist.github.com/d44b83d80f2f77e4f832
To run it you just call authenticate() with an optional string if you want to supply a reason. It will return True if the user authenticated (with either TouchID or passcode) and False if it was cancelled.
@ProfSpaceCadet nice. Although rather than doing
while result == None:
pass
while you're waiting for a result (which will likely burn CPU), would probably be better to add a threading.Event, and wait on that event instead of looping.
@gregr , @ProfSpaceCadet , maybe a time out param , maybe default 30 secs
@omz said:
I don't think I can submit a pull request, but here's my fork with some improvements:
https://gist.github.com/omz/66a763a9db15dc847690
I've refactored the code a little to make it usable as a module. The
authenticate()function basically encapsulates all the callback logic, so you can simply call it, and it'll either returnTrueor raise anAuthFailedException(there are subclasses for more specific errors).It also supports a timeout, and you can specify whether the device passcode should be allowed as an alternative if TouchID fails.
@omz is the code still up to date? I noticed if it times out my Pythonista_startup script runs. Is it intentional as part of security or has something broken. Testing in Pythonista v2 beta
Edit: for is_available I returned False. If Touch ID is not available, should it not ask for a passcode rather than just returning a message to the console
@Phuket2 said:
@omz said:
I don't think I can submit a pull request, but here's my fork with some improvements:
https://gist.github.com/omz/66a763a9db15dc847690
I've refactored the code a little to make it usable as a module. The
authenticate()function basically encapsulates all the callback logic, so you can simply call it, and it'll either returnTrueor raise anAuthFailedException(there are subclasses for more specific errors).It also supports a timeout, and you can specify whether the device passcode should be allowed as an alternative if TouchID fails.
@omz is the code still up to date? I noticed if it times out my Pythonista_startup script runs. Is it intentional as part of security or has something broken. Testing in Pythonista v2 beta
Edit: for is_available I returned False. If Touch ID is not available, should it not ask for a passcode rather than just returning a message to the console
@omz , if you call the authenticate method without Params, cashes straight away. I am guessing it has to do with you reason param default ''. It does not like that. If I change the default in the call, it's fine. Also, timeout works differently if I pass a named param timeout = 20 for example. The exception is raised rather than rerunning my Pythonista_startup (a reboot I guess)
@omz Your fork crashes my Pythonista 3 unfortunately, however I've tried HyShai's fix with no change. Here's my implementation.
from func import TouchID
cfg['touchIDEnabled'] = True
...
if cfg['touchIDEnabled'] == True:
fp = TouchID.authenticate('To continue to x, please use fingerprint.', allow_passcode=False)
My TouchID file is the exact same as the original, besides the change HyShai suggested. Probably worth mentioning that my actual script is 1100+ lines long (main reason being I have a very complex UI that I did manually rather than using the builder), which I imagine doesn't help. Any ideas?
Pythonista 3, iOS 10.1.1.
Edit: looks like there's nothing wrong with the module, I tried a similar implementation in another file (obviously massively shorter) and it worked fine. I might have to work on some optimisation, see what happens. I'm on an air2.
Edit2: Simply commenting stuff out, running, uncommenting seems to fix the crashes. Strange but it's happened before to me. ¯\_(ツ)_/¯
@omz
Same problem for me, crash in a big script of 250 lines, no problem with a little test script.
Error is "Fatal Python error: Segmentation fault"
Crash just after the touchid window, either if correct finger, cancel or timeout!