This Flutter package helps the user to login quickly. When the user has saved in the platform specific password manager credentials will be filled out by a simple confirmation or account chooser depending on the platform. You can also save the users credentials with a simply API call. On supported platforms those credentials will be synced on all your devices.
On Android and Apple devices you can also store a login token to sign in seamlessly without any interaction. So when your user uses your app on a new device for the first time your user will be already signed in.
You can check the web example app on the GitHub page in supported (Chromium based) browsers.
You can safe and request Credentials and store and read Login Tokens for automatic logins without any user interaction.
| Android | iOS | Linux | MacOS | Web | Windows | |
|---|---|---|---|---|---|---|
| Credentials | ✅ | ✅ | ✅ | ✅* | ✅** | ✅*** |
| LoginToken | ✅ | ✅ | ✅ |
*) It seems that saving is just supported on iOS
**) Just on chromium based browsers
***) The documentation of the API mentions that a "Pro" Version is required
On Android CredentialManager is used. The documentation is not very clear, but it seems that with the PlayServices devices back to Android 4.4 are supported. There is currently no documentation how or if it works on non Google Play certificated devices.
The Android implementation uses the CredentialManager API to query the
credentials. This API requires native asynchronous code. This code is written in
Kotlin and uses Coroutines. Since the CredentialManager starts a System
Activity the Activity lifecycle needs to be maintained, this is managed with
the Android Jetpack's Lifecycle API.
The simplest way to add to your MainActivity the
LiveCycleOwner interface is to change the
base class of your MainActivity to
FlutterFragmentActivity.
If you MainActivity is empty you can directly reference the base class in your
AndroidManifest, then you can delete your MainActivity entirely. In that
case you can simply replace in your AndroidManifest (the default path is
android/app/main/src/AndroidManifest.xml) the line:
android:name=".MainActivity" by
android:name="io.flutter.embedding.android.FlutterFragmentActivity".
Digital asset links is a way to link your app with a website also called App Links. In order to provide a full example, the example app needs to be signed correctly. Right now the signing key is not checked in, but might be the CI will get the ability to sign the example app in the future so that you can test it by your own.
For the demo you need to publish a .well-known/assetlinks.json which is
mirrored in example/web/.well-known/assetlinks.json. However since this is
published on github.io the folder will be visible at
https://rekire.github.io/autologin_plugin/.well-known/assetlinks.json instead
of https://rekire.github.io/.well-known/assetlinks.json, therefore I uploaded
that file in a second repository
rekire/rekire.github.io where the
latest version is actually hosted. In order to publish "dot" directories I had
also to define a _config.yaml.
If you want to test your own setup use the Statement List Generator and Tester.
As simple check if the linking works fine check this link on your Android phone, if that opens in Chrome the Example App without an Intent Chooser then this works correctly.
For storing credentials the
Shared Web Credentials are used. In order
to make this working you need to setup the Associated Domains
Entitlement.
The main documentation can be found on the
Apple Developer site. At least the
apple-app-site-association file must be reachable at
https://<your-domain>/.well-known/apple-app-site-association
and must contain something like:
{
"webcredentials": {
"apps": [
"<your-team-id>.<your-bundle-id>"
]
}
}Your team id can be found e.g. in ios/Runner.xcodeproj/project.pbxproj look
for the key DEVELOPMENT_TEAM, the bundle id is there too look for
PRODUCT_BUNDLE_IDENTIFIER. Apple is caching that requests to the file above
with their CDN, but you can check the cached value here:
https://app-site-association.cdn-apple.com/a/v1/<your-domain>
If you have not setup your app check https://developer.apple.com/account/resources/identifiers/list
In order to use the zero touch login on iOS and MacOS you need to add the iCloud capability and configure iCloud Key-Value Storage in your Xcode project. Here is a step per step guide:
- Open your Xcode project.
- Select your project in the Project Navigator to open the project settings.
- Select your target under "Targets."
- Go to the "Signing & Capabilities" tab.
- Click the "+ Capability" button.
- Scroll down and select "iCloud."
- In the iCloud section, enable the "Key-Value storage" checkbox.
On Linux the D-Bus is used to save an query the password of your app. The native code uses for that like the flutter_secure_storage plugin libsecret. Based on a Blog entry you can store your secrets also directly in KeepassXC, however I was unable to test this integration.
On Web Credential Management API, but be aware that just Chrome, Edge and Opera support this feature (Source).
On Windows the APIs CredRead and CredWrite are
used. Like on Linux that API is used without any user interface.
- Extend installation documentation. In the mean time you can use the example app.
- Build and sign the Android sample app and publish it as artifact (ideally via GitHub Action and as instant app)