Forum Academy Marketplace Showcase Pricing Features

📲 Face & Touch ID Authenticator Plugin

Hi there, I might be missing something, but the login workflow is kinda particular . Why don’t you use directly sign in wih apple instead of “ convert regular login password to registered biometric workflow that still generates a password” ?

plus having access to the password is a big red flag in gdpr world.

1 Like

Hello, sign in with Apple is not a broswer api, it requires the developer to make a call to Apple server after registering their application for oauth.

This plugin does not generate a password, it returns a credential id via javascript promises, as outlined on the plugin page.

We included two extra actions to encrypt and decrypt the password using salt (the same technology Bubble uses). So the developer does not have direct access to the password stored in the database.

Sure but as an app developer i can change this, right ?
Anyways, congrats on launch. Is this the same as https://webkit.org/blog/11312/meet-face-id-and-touch-id-for-the-web/ ?

1 Like

I dont understand your first question, could you rephrase it please? Yes it’s the same process described by Webkit.

If you are concerned about storing passwords, an option is to use ‘generate temporary password action’. This will circumvent the need to do any encryption, although it resets the users password each time.

Then when your user would like to sign without Face/Touch ID, you would send them an email with a special magic link containing a secret parameter. On page load, cross reference the secret and log the user in accordingly. This flow is similar to Bubble’s native password reset.