iOS生物识别本地身份验证

+ Shubaham Jain

实施TouchID身份验证

TouchID / FaceID是基于称为本地身份验证的框架的功能，该功能提供了用于从具有指定安全策略的用户请求身份验证的功能。

在应用程序中使用时，本地身份验证可以处理TouchID / FaceID的所有内容。 它将通过自定义消息提示您进行身份验证，该消息将告诉用户我们为什么需要身份验证，因此用户可以将手指放在主页按钮上。

本地认证框架

LocalAuthentication框架用于在iOS移动应用程序中实现TouchID或FaceID身份验证。touchId身份验证的使用基于本地身份验证框架。

为了实现touchId功能，我们首先在项目中添加了LocalAuthentication框架。

在项目导航中

->选择目标->进入构建阶段->单击链接二进制文件与库->添加框架

在项目目标中添加LocalAuthentication Framework

现在我们可以编写代码了。 在AppDelegate类中，导入LocalAuthentication.framework

使用以下语句

@import LocalAuthentication; 

下一步是要求框架通过评估策略功能可以将touchID应用于特定设备，它将接受两个参数，一个是我们要评估的策略名称，第二个是错误代码。

在App中实现TouchID时，请确定以下几种情况：

 Case 1 : Device is enabled with Biometric Sensor or not. 
 Case 2 : At Least one Fingerprint is enrolled in device or not to check Biometric sensor availability. 

LAPolicy有两种类型，

1. deviceOwnerAuthenticationWithBiometrics：限制了仅使用生物特征认证来认证设备所有者。

2. deviceOwnerAuthentication：它将允许应用程序使用生物识别或设备密码来验证设备所有者。

情况1：

情况2：

生物特征认证对话框的行为与LAPolicyDeviceOwnerAuthenticationWithBiometrics使用的对话框相似。 但是，不是“输入密码”按钮，而是“输入密码”按钮，当您点击该按钮时，它将切换身份验证方法并允许用户输入设备密码。

注意：

5次尝试失败后，生物特征认证将被锁定。 之后，用户必须通过输入密码来解锁。 可以通过LAPolicyDeviceOwnerAuthentication在锁定屏幕上或甚至在应用程序中输入密码。锁定屏幕解锁是用户的首选体验，因为我们通常不希望用户根据应用程序的要求输入密码。

在AppDelegate中，首次启用带有生物特征传感器的检查设备，并且在首次启动该应用程序时至少在设备中注册了一个指纹

LAContext ： LAContext对象表示身份验证上下文，并提供用于评估身份验证策略的编程接口。

 LAContext *context = [[LAContext alloc] init]; 
 NSError *authError = nil;  Test if fingerprint authentication is available on 
 the device and a fingerprint has been enrolled.  if ([context canEvaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics error:&authError]) { 
 [[NSUserDefaults standardUserDefaults] setBool:YES forKey:HAS_DEVICE_ENROLLED_TOUCH_ID]; 
 [[NSUserDefaults standardUserDefaults] setBool:YES forKey:HAS_DEVICE_BIOMETRY_SENSOR];  Biometric policy is successfully evaluated 
 device is enabled with Biometric sensor and 
 one fingerprint is enrolled in device. 
 } 
 else { 
 Could not evaluate policy; 
 look at authError and present an appropriate message to user 
 if(authError){ 
 if (@available(iOS 11.0, *)) { 
 if(authError.code == LAErrorBiometryNotAvailable){ 
 Device is not enable with Biometry sensor 
 on iOS version 11 onwards 
 } 
 else if(authError.code == LAErrorBiometryNotEnrolled){ 
 Device is enable with Biometry sensor but 
 touchID is not enrolled in Device 
 } 
 } 
 else { 
 Fallback approach on earlier versions   if (authError.code == LAErrorTouchIDNotAvailable){ 
 Device is not enable with Biometry sensor 
 on iOS version is below 11 
 } 
 else if(authError.code == LAErrorTouchIDNotEnrolled){ 
 Device is enable with Biometry sensor but 
 touchID is not enrolled in Device 
 } 
 } 
 } 
 } 
 }  if (authError.code == LAErrorTouchIDNotAvailable){ 
 Device is not enable with Biometry sensor 
 on iOS version is below 11 
 } 
 else if(authError.code == LAErrorTouchIDNotEnrolled){ 
 Device is enable with Biometry sensor but 
 touchID is not enrolled in Device 
 } 
 } 
 } 
 } 
 } 

注意：

 Before iOS 11 it was TouchIDLockout, touchIDNotAvailable, and touchIDNotEnrolled 
 respectively. 

在ViewController类中

首先检查设备是否具有ViewDidLoad方法中的生物特征传感器。如果是，请在应用程序中显示生物特征身份验证选项。

 - (void)viewDidLoad 
 { 
 hasBiometrySensor = [[NSUserDefaults standardUserDefaults] boolForKey:HAS_DEVICE_BIOMETRY_SENSOR]; 
 if(SHOW_FINGERPRINT_LOGIN && hasBiometrySensor){ 
 [self.biometryView setHidden:NO]; 
 } 
 else{ 
 [self.biometryView setHidden:YES]; 
 } 
 } 

之后，如果设备具有生物特征选项，并且触摸ID未在设备中注册，则在touchButton上点击，要求用户将touchID注册到设备中

  -(void)setUPTouchIDInDevice{  UIAlertActionButton *button = [[UIAlertActionButton alloc] initWithTitle:@"OK" 
 style:UIAlertActionStyleDefault 
 andActionHandler:^{ 
 NSURL *url = [NSURL URLWithString:@"App-Prefs:root=TOUCHID_PASSCODE"]; 
 if([[UIApplication sharedApplication] canOpenURL:url]){ 
 [[UIApplication sharedApplication] openURL:url]; 
 NSLog(@"go to device settings to enroll fingerprint"); 
 } 
 }]; 
 UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Touch ID Setup" 
 message:@"Please setup Touch ID in your device" 
 actionButtons:@[button] 
 presentViewController:self 
 animation:YES 
 andCompletionHandler:nil]; 
 [alert showOPActionAlert]; 
 }  UIAlertActionButton *button = [[UIAlertActionButton alloc] initWithTitle:@"OK" 
 style:UIAlertActionStyleDefault 
 andActionHandler:^{ 
 NSURL *url = [NSURL URLWithString:@"App-Prefs:root=TOUCHID_PASSCODE"]; 
 if([[UIApplication sharedApplication] canOpenURL:url]){ 
 [[UIApplication sharedApplication] openURL:url]; 
 NSLog(@"go to device settings to enroll fingerprint"); 
 } 
 }]; 
 UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Touch ID Setup" 
 message:@"Please setup Touch ID in your device" 
 actionButtons:@[button] 
 presentViewController:self 
 animation:YES 
 andCompletionHandler:nil]; 
 [alert showOPActionAlert]; 
 } 

在设备中注册了touchID之后，要求用户在应用程序中注册touchID

 -(void)enrolledTouchIDInAppliction{ 
 
 LAContext *context = [[LAContext alloc] init]; 
 NSError *authError = nil; 
 
 Test if fingerprint authentication is available 
 on the device and a fingerprint has been enrolled. 
 
 NSString *myLocalizedReasonString = @"Please authenticate using your fingerprint."; 
 
 if ([context canEvaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics error:&authError]) { 
 
 [context evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics 
 
 localizedReason:myLocalizedReasonString 
 
 reply:^(BOOL success, NSError *error) { 
 if (success) { 
 NSLog(@"User authenticated successfully, take appropriate action"); 
 } 
 else { 
 NSLog(@"User did not authenticate successfully, look at error and take appropriate action"); 
 if(error.code == -1){ 
 NSLog(@"Application retry limit exceeded"); 
 } 
 else if(error.code == LAErrorUserCancel){ 
 NSLog(@"user has tapped the home button and authentication is canced by user"); 
 } 
 if (@available(iOS 11.0, *)) { 
 if(error.code == LAErrorBiometryLockout){ 
 
 NSLog(@"Authentication was not successful, 
 because there were too many failed biometry attempts(5 consequitive attempts)and biometry is now locked.Passcode is required to unlock biometry"); 
 } 
 else if(error.code == LAErrorSystemCancel){ 
 NSLog(@"Authentication was canceled by system (eg another application went to foreground)."); 
 } 
 else if(error.code == LAErrorSystemCancel){ 
 NSLog(@"Authentication was canceled by system (eg another application went to foreground)."); 
 } 
 else {} 
 } 
 else { 
 // Fallback approach on earlier versions 
 if (error.code == LAErrorTouchIDLockout){ 
 
 NSLog(@"Authentication was not successful,because there were too many failed biometry attempts and biometry is now locked.Passcode is required to unlock biometry"); 
 } 
 else {} 
 } 
 } 
 }]; 
 } 
 else { 
 
 if (authError.code) { 
 
 NSLog(@"There is no need to handle evaluate policy auth error as user is already handled the policy evaluated error in app delegate if user is not handling the policy evaluated error in app delegate then handle the auth error here."); 
 } 
 } 
 } 

一旦用户在应用程序中注册了触摸ID，则用户便可以使用指纹来执行任务，例如登录应用程序。

我尝试创建用于生物特征认证的高级工作流程，这也可能会帮助您了解工作流程。

谢谢

如果您喜欢这篇文章，请在Medium上愚弄我。 当我有新事物要分享时。 这是找出我何时撰写更多此类文章的最佳方法。

iOSBlogger：https://zenshubham.blogspot.com/2018/03/biometric-integration-in-ios-mobile.html

• Swift 4.2 Reduce和CoreLocation：总行驶距离🚗
• Swift 4集合类型

• 检查iPad是否处于静音模式
• 将由date分隔的部分添加到Swift中的UITableView
• 如何从NSURLSessionTask禁用caching
• 如何asynchronous加载dynamicUITableView图像？
• Swift将unix时间转换为date和时间
• 从iOS客户端上传到Dropbox时如何避免“冲突副本”
• 如何使UIImageView自动resize的图像加载的大小
• iOS应用程序崩溃后，UITextField文本input，popup，然后推我的navController（NSISObjectiveLinearExpression coefficientForVariable）
• 在后台线程中加载UIImage会导致ImageIO错误