Face Id

Introduction

• The biometric recognition is actually a kind of local authentication of mobile device

• Usually used for retrieve sensitive data (secure-store of mobile device) when required to login

Implementation

• The global store for biometric state

biometricStore.ts

import AsyncStorage from "@react-native-async-storage/async-storage";
import * as LocalAuthentication from "expo-local-authentication";
import * as SecureStore from "expo-secure-store";
import { create } from "zustand";
import { createJSONStorage, persist } from "zustand/middleware";

const CREDENTIALS_KEY = "biometric_credentials";

interface BiometricState {
  isBiometricEnabled: boolean;
  storedUserEmail: string | null;
  // Modal state (not persisted)
  isModalOpen: boolean;
  pendingCredentials: { email: string; password: string } | null;
}

interface BiometricActions {
  enableBiometric: (email: string, password: string) => Promise<void>;
  disableBiometric: () => Promise<void>;
  clearBiometric: () => Promise<void>;
  authenticateWithBiometric: () => Promise<{
    email: string;
    password: string;
  } | null>;
  checkBiometricAvailability: () => Promise<boolean>;
  // Modal actions
  promptEnableBiometric: (email: string, password: string) => void;
  confirmEnableBiometric: () => Promise<void>;
  dismissEnableBiometric: () => void;
}

type BiometricStore = BiometricState & BiometricActions;

export const useBiometric = create<BiometricStore>()(
  persist(
    (set, get) => ({
      isBiometricEnabled: false,
      storedUserEmail: null,
      isModalOpen: false,
      pendingCredentials: null,

      checkBiometricAvailability: async () => {
        const hasHardware = await LocalAuthentication.hasHardwareAsync();
        if (!hasHardware) return false;

        const isEnrolled = await LocalAuthentication.isEnrolledAsync();
        return isEnrolled;
      },

      enableBiometric: async (email: string, password: string) => {
        // Store credentials securely with biometric protection
        await SecureStore.setItemAsync(
          CREDENTIALS_KEY,
          JSON.stringify({ email, password }),
          {
            requireAuthentication: true,
            authenticationPrompt: "Authenticate to enable Face ID login",
          },
        );

        set({ isBiometricEnabled: true, storedUserEmail: email });
      },
      clearBiometric: async () => {
        await SecureStore.deleteItemAsync(CREDENTIALS_KEY);
        set({ isBiometricEnabled: false, storedUserEmail: null });
      },
      authenticateWithBiometric: async () => {
        try {
          // Retrieve stored credentials
          const credentialsJson = await SecureStore.getItemAsync(
            CREDENTIALS_KEY,
            {
              requireAuthentication: true,
              authenticationPrompt: "Authenticate to retrieve credentials",
            },
          );

          if (!credentialsJson) {
            return null;
          }

          return JSON.parse(credentialsJson) as {
            email: string;
            password: string;
          };
        } catch {
          return null;
        }
      },

      promptEnableBiometric: (email: string, password: string) => {
        set({ isModalOpen: true, pendingCredentials: { email, password } });
      },

      confirmEnableBiometric: async () => {
        const { pendingCredentials } = get();
        if (pendingCredentials) {
          // Store credentials securely with biometric protection
          await SecureStore.setItemAsync(
            CREDENTIALS_KEY,
            JSON.stringify(pendingCredentials),
            {
              requireAuthentication: true,
              authenticationPrompt: "Authenticate to enable Face ID login",
            },
          );
          set({
            isBiometricEnabled: true,
            storedUserEmail: pendingCredentials.email,
            isModalOpen: false,
            pendingCredentials: null,
          });
        }
      },

      dismissEnableBiometric: () => {
        set({
          isModalOpen: false,
          pendingCredentials: null,
        });
      },
    }),
    {
      name: "biometric-storage",
      storage: createJSONStorage(() => AsyncStorage),
      partialize: (state) => ({
        isBiometricEnabled: state.isBiometricEnabled,
        storedUserEmail: state.storedUserEmail,
      }),
    },
  ),
);

• The login UI with biometric handling

login.tsx

import { useEffect, useRef, useState } from "react";

import { zodResolver } from "@hookform/resolvers/zod";
import { useRouter } from "expo-router";
import { useForm } from "react-hook-form";
import { useTranslation } from "react-i18next";
import { Pressable, View } from "react-native";
import { Toast } from "toastify-react-native";
import { z } from "zod";

import { Button, FormInput, Typography } from "@/lib/components";
import { useAuth } from "@/lib/store/authStore";
import { useBiometric } from "@/lib/store/biometricStore";
import { useDebug } from "@/lib/store/debugStore";
import { FaceId } from "@/lib/svg";

import AuthLayout from "./_auth_layout";

import type { TextInput } from "react-native";

type LoginFormType = {
  email: string;
  password: string;
};

const loginSchema = z.object({
  email: z
    .string()
    .min(1, "請輸入有效的電子郵件地址")
    .email("請輸入有效的電子郵件地址"),
  password: z.string().min(1, "請輸入密碼"),
});

export default function Login() {
  const { signIn } = useAuth();
  const { t } = useTranslation();
  const router = useRouter();
  const passwordRef = useRef<TextInput>(null);
  const { log, error: logError } = useDebug();

  const {
    isBiometricEnabled,
    storedUserEmail,
    checkBiometricAvailability,
    authenticateWithBiometric,
    clearBiometric,
    promptEnableBiometric,
  } = useBiometric();

  const [isBiometricAvailable, setIsBiometricAvailable] = useState(false);
  const [isBiometricLoading, setIsBiometricLoading] = useState(false);

  const { formState, control, handleSubmit } = useForm<LoginFormType>({
    defaultValues:
      process.env.NODE_ENV === "development"
        ? {
            email: "user1@example.com",
            password: "password123",
          }
        : {
            email: "",
            password: "",
          },
    resolver: zodResolver(loginSchema),
    mode: "onChange",
    reValidateMode: "onChange",
  });
  const { isValid } = formState;

  useEffect(() => {
    const checkBiometric = async () => {
      const available = await checkBiometricAvailability();
      setIsBiometricAvailable(available);
    };
    checkBiometric();
  }, [checkBiometricAvailability]);

  const onSubmit = handleSubmit(async (data: LoginFormType) => {
    try {
      log("Login form submitted", { email: data.email });
      // Sign in first
      await signIn(data.email, data.password);

      // After successful login, check if we should prompt for biometric setup
      if (isBiometricAvailable && storedUserEmail !== data.email) {
        // Different user or no stored credentials - clear and prompt
        await clearBiometric();
        // the model prompt out and remind user to activate biometric login
        promptEnableBiometric(data.email, data.password);
      }
      // Navigation happens automatically via auth state redirect
    } catch (error) {
      logError("Login form error", error, { email: data.email });
      if (error instanceof Error) {
        Toast.error(error.message);
      }
    }
  });

  const handleBiometricLogin = async () => {
    setIsBiometricLoading(true);
    try {
      log("Biometric login initiated");
      const credentials = await authenticateWithBiometric();
      if (credentials) {
        await signIn(credentials.email, credentials.password);
        // Navigation happens automatically via auth state redirect
      } else {
        log("Biometric authentication cancelled or no credentials found");
      }
    } catch (error) {
      logError("Biometric login error", error);
      if (error instanceof Error) {
        Toast.error(error.message);
      }
    } finally {
      setIsBiometricLoading(false);
    }
  };

  return (
    <AuthLayout centerTitle={t("hello")} showBackButton={true}>
      <View
        style={{
          marginTop: 16,
          gap: 20,
        }}
      >
        <FormInput
          name="email"
          control={control}
          label={t("email")}
          keyboardType="email-address"
          textContentType="telephoneNumber"
          autoCapitalize="none"
          autoComplete="email"
          placeholder={t("email_placeholder")}
          autoCorrect={false}
          enablesReturnKeyAutomatically
          returnKeyType="next"
          submitBehavior="submit"
          onSubmitEditing={() => passwordRef.current?.focus()}
        />
        <FormInput
          name="password"
          control={control}
          label={t("password")}
          placeholder={t("password_placeholder")}
          textContentType="password"
          ref={passwordRef}
          returnKeyType="done"
          submitBehavior="submit"
          onSubmitEditing={onSubmit}
          clearTextOnFocus
          secureTextEntry
        />
      </View>
      <View style={{ marginTop: "auto", gap: 16 }}>
        <Button
          text={t("login")}
          variant="primary"
          onPress={onSubmit}
          disabled={!isValid}
        />

        {isBiometricEnabled && (
          <Pressable
            onPress={handleBiometricLogin}
            disabled={isBiometricLoading}
            style={{
              width: "100%",
              height: 56,
              borderRadius: 999,
              borderWidth: 2,
              borderColor: "#6C6CB1",
              flexDirection: "row",
              alignItems: "center",
              justifyContent: "center",
              gap: 8,
              opacity: isBiometricLoading ? 0.5 : 1,
            }}
          >
            <FaceId width={24} height={24} color="#6C6CB1" />
            <Typography fontStyle="body2" fontWeight="500" color="purple1">
              {t("login_with_biometric")}
            </Typography>
          </Pressable>
        )}

        <View
          style={{
            flexDirection: "row",
            justifyContent: "center",
            alignItems: "center",
            gap: 4,
          }}
        >
          <Typography fontSize="caption" color="black2">
            {t("no_account")}
          </Typography>
          <Pressable onPress={() => router.push("/auth/signup")}>
            <Typography
              fontSize="caption"
              color="purple1"
              style={{ textDecorationLine: "underline" }}
            >
              {t("register_here")}
            </Typography>
          </Pressable>
        </View>
      </View>
    </AuthLayout>
  );
}

• The biometric login prompting modal

EnableBiometricModal.tsx

import React, { useEffect, useState } from "react";

import * as LocalAuthentication from "expo-local-authentication";
import { useTranslation } from "react-i18next";
import { View } from "react-native";
import Modal from "react-native-modal";
import { createStyleSheet, useStyles } from "react-native-unistyles";

import { useBiometric } from "@/lib/store/biometricStore";
import { FaceId } from "@/lib/svg";
import { logger } from "@/lib/utils/logger";

import { Button } from "./Button";
import { Typography } from "./Typography";

export const EnableBiometricModal = () => {
  const { t } = useTranslation();
  const { styles, theme } = useStyles(stylesheet);
  const [isEnabling, setIsEnabling] = useState(false);
  const [biometricType, setBiometricType] = useState<string>("Face ID");

  const { isModalOpen, confirmEnableBiometric, dismissEnableBiometric } =
    useBiometric();

  useEffect(() => {
    const checkBiometricType = async () => {
      const types =
        await LocalAuthentication.supportedAuthenticationTypesAsync();
      if (
        types.includes(
          LocalAuthentication.AuthenticationType.FACIAL_RECOGNITION,
        )
      ) {
        setBiometricType("Face ID");
      } else if (
        types.includes(LocalAuthentication.AuthenticationType.FINGERPRINT)
      ) {
        setBiometricType("Touch ID");
      }
    };

    if (isModalOpen) {
      checkBiometricType();
    }
  }, [isModalOpen]);

  const handleEnable = async () => {
    setIsEnabling(true);
    try {
      await confirmEnableBiometric();
    } catch (error) {
      logger.debug("error in handleEnable", error);
      // Handle error silently - user may have cancelled biometric prompt
    } finally {
      setIsEnabling(false);
    }
  };

  return (
    <Modal
      isVisible={isModalOpen}
      onBackButtonPress={dismissEnableBiometric}
      onBackdropPress={dismissEnableBiometric}
      style={styles.modal}
    >
      <View style={styles.container}>
        <View style={styles.iconContainer}>
          <FaceId width={64} height={64} color={theme.colors.purple1} />
        </View>

        <Typography fontStyle="h2" style={styles.title}>
          {t("enable_biometric_title", { type: biometricType })}
        </Typography>

        <Typography fontStyle="body2" color="black2" style={styles.description}>
          {t("enable_biometric_description", { type: biometricType })}
        </Typography>

        <View style={styles.buttonContainer}>
          <Button
            text={t("enable_biometric_button", { type: biometricType })}
            variant="primary"
            onPress={handleEnable}
            disabled={isEnabling}
          />
          <Button
            text={t("not_now")}
            variant="red"
            onPress={dismissEnableBiometric}
            outlined
          />
        </View>
      </View>
    </Modal>
  );
};

const stylesheet = createStyleSheet((theme) => ({
  modal: {
    justifyContent: "center",
    margin: theme.spacing.lg,
  },
  container: {
    backgroundColor: "white",
    padding: theme.spacing.lg,
    borderRadius: theme.borderRadius.large,
    alignItems: "center",
  },
  iconContainer: {
    marginBottom: theme.spacing.lg,
  },
  title: {
    textAlign: "center",
    marginBottom: theme.spacing.md,
  },
  description: {
    textAlign: "center",
    marginBottom: theme.spacing.lg,
  },
  buttonContainer: {
    width: "100%",
    gap: theme.spacing.md,
  },
}));