hyprwm/hyprlock
1
0
Fork 0
mirror of https://github.com/hyprwm/hyprlock.git synced 2026-05-22 20:58:08 +02:00
Code Issues Projects Releases Packages Wiki Activity
hyprlock/src/auth/Auth.cpp

140 lines
4 KiB
C++
Raw Normal View History

auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
#include "Auth.hpp"
#include "Pam.hpp"
#include "Fingerprint.hpp"
#include "../config/ConfigManager.hpp"
#include "../core/hyprlock.hpp"
#include "src/helpers/Log.hpp"
#include <hyprlang.hpp>
#include <memory>
CAuth::CAuth() {
core: move to hyprlang config value wrapper (#667)
2025-01-29 22:10:27 +00:00
static const auto ENABLEPAM = g_pConfigManager->getValue<Hyprlang::INT>("auth:pam:enabled");
if (*ENABLEPAM)
core: more hyprutils smart pointer usage and safe references to widgets (#686) * core: move to UP and make widgets use SPs * widgets: make widgets have a self ref to avoid UB * fix shadows and let them have a WP to widgets
2025-03-05 08:35:43 +01:00
m_vImpls.emplace_back(makeShared<CPam>());
core: move to hyprlang config value wrapper (#667)
2025-01-29 22:10:27 +00:00
static const auto ENABLEFINGERPRINT = g_pConfigManager->getValue<Hyprlang::INT>("auth:fingerprint:enabled");
if (*ENABLEFINGERPRINT)
core: more hyprutils smart pointer usage and safe references to widgets (#686) * core: move to UP and make widgets use SPs * widgets: make widgets have a self ref to avoid UB * fix shadows and let them have a WP to widgets
2025-03-05 08:35:43 +01:00
m_vImpls.emplace_back(makeShared<CFingerprint>());
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
RASSERT(!m_vImpls.empty(), "At least one authentication method must be enabled!");
}
void CAuth::start() {
for (const auto& i : m_vImpls) {
i->init();
}
}
void CAuth::submitInput(const std::string& input) {
for (const auto& i : m_vImpls) {
i->handleInput(input);
}
core: move password buffer clearing to handleInput (#708) Makes more sense than clearing the input buffer in the auth impl. Also added a check for the password buffer length to reset the fail color as soon as the password length > 0.
2025-03-17 11:25:51 +00:00
g_pHyprlock->clearPasswordBuffer();
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
}
bool CAuth::checkWaiting() {
core: more hyprutils smart pointer usage and safe references to widgets (#686) * core: move to UP and make widgets use SPs * widgets: make widgets have a self ref to avoid UB * fix shadows and let them have a WP to widgets
2025-03-05 08:35:43 +01:00
return std::ranges::any_of(m_vImpls, [](const auto& i) { return i->checkWaiting(); });
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
}
auth: fixup prompt and fail substitution (#641) BREAKING: - Removed $PROMPT variable. Either use $PAMPROMPT or $FPRINTPROMPT. - Removed $FPRINTMESSAGE. Use $FPRINTPROMPT instead. There is also $FPRINTFAIL.
2025-01-12 17:18:18 +00:00
const std::string& CAuth::getCurrentFailText() {
return m_sCurrentFail.failText;
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
}
std::optional<std::string> CAuth::getFailText(eAuthImplementations implType) {
for (const auto& i : m_vImpls) {
if (i->getImplType() == implType)
return i->getLastFailText();
}
return std::nullopt;
}
std::optional<std::string> CAuth::getPrompt(eAuthImplementations implType) {
for (const auto& i : m_vImpls) {
if (i->getImplType() == implType)
return i->getLastPrompt();
}
return std::nullopt;
}
auth: fixup prompt and fail substitution (#641) BREAKING: - Removed $PROMPT variable. Either use $PAMPROMPT or $FPRINTPROMPT. - Removed $FPRINTMESSAGE. Use $FPRINTPROMPT instead. There is also $FPRINTFAIL.
2025-01-12 17:18:18 +00:00
size_t CAuth::getFailedAttempts() {
return m_sCurrentFail.failedAttempts;
}
core: more hyprutils smart pointer usage and safe references to widgets (#686) * core: move to UP and make widgets use SPs * widgets: make widgets have a self ref to avoid UB * fix shadows and let them have a WP to widgets
2025-03-05 08:35:43 +01:00
SP<IAuthImplementation> CAuth::getImpl(eAuthImplementations implType) {
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
for (const auto& i : m_vImpls) {
if (i->getImplType() == implType)
return i;
}
return nullptr;
}
void CAuth::terminate() {
for (const auto& i : m_vImpls) {
i->terminate();
}
}
feat: add `succ_text` for successful authentication Introduce `input-field:succ_text`, `input-field:succ_color`, and `general:succ_timeout` to provide visual confirmation after successful authentication. - Added `general:succ_timeout` (default 0) to delay unlocking. - Added `input-field:succ_text` and `input-field:succ_color` for custom feedback.
2026-05-14 16:00:26 +08:00
static void passwordSuccCallback(ASP<CTimer> self, void* data) {
g_pAuth->m_bDisplaySuccText = true;
g_pHyprlock->enqueueForceUpdateTimers();
g_pHyprlock->renderAllOutputs();
}
core: use hyprutils atomic pointers (#808) * widgets: move references to hyprutils atomic shared * core: move std::shared_pointers to hyprutils atomic shared pointers * Nix: bump hyprutils input * clang-format * cmake: bump hyprutils to v0.8.0 * and bump nix again
2025-06-28 11:01:28 +02:00
static void unlockCallback(ASP<CTimer> self, void* data) {
core: more obvious api around isUnlocked related logic (#1004)
2026-04-29 17:59:00 +00:00
g_pHyprlock->fadeOutAndUnlock();
core: move fail_timeout from input-field to general (#718)
2025-04-02 22:13:22 +02:00
}
void CAuth::enqueueUnlock() {
feat: add `succ_text` for successful authentication Introduce `input-field:succ_text`, `input-field:succ_color`, and `general:succ_timeout` to provide visual confirmation after successful authentication. - Added `general:succ_timeout` (default 0) to delay unlocking. - Added `input-field:succ_text` and `input-field:succ_color` for custom feedback.
2026-05-14 16:00:26 +08:00
static const auto SUCCTIMEOUT = g_pConfigManager->getValue<Hyprlang::INT>("general:succ_timeout");
if (*SUCCTIMEOUT > 0) {
g_pHyprlock->addTimer(std::chrono::milliseconds(0), passwordSuccCallback, nullptr);
g_pHyprlock->addTimer(std::chrono::milliseconds(*SUCCTIMEOUT), unlockCallback, nullptr);
} else {
g_pHyprlock->addTimer(std::chrono::milliseconds(0), unlockCallback, nullptr);
}
core: move fail_timeout from input-field to general (#718)
2025-04-02 22:13:22 +02:00
}
core: use hyprutils atomic pointers (#808) * widgets: move references to hyprutils atomic shared * core: move std::shared_pointers to hyprutils atomic shared pointers * Nix: bump hyprutils input * clang-format * cmake: bump hyprutils to v0.8.0 * and bump nix again
2025-06-28 11:01:28 +02:00
static void passwordFailCallback(ASP<CTimer> self, void* data) {
auth: fixup prompt and fail substitution (#641) BREAKING: - Removed $PROMPT variable. Either use $PAMPROMPT or $FPRINTPROMPT. - Removed $FPRINTMESSAGE. Use $FPRINTPROMPT instead. There is also $FPRINTFAIL.
2025-01-12 17:18:18 +00:00
g_pAuth->m_bDisplayFailText = true;
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
g_pHyprlock->enqueueForceUpdateTimers();
g_pHyprlock->renderAllOutputs();
}
core: use hyprutils atomic pointers (#808) * widgets: move references to hyprutils atomic shared * core: move std::shared_pointers to hyprutils atomic shared pointers * Nix: bump hyprutils input * clang-format * cmake: bump hyprutils to v0.8.0 * and bump nix again
2025-06-28 11:01:28 +02:00
static void displayFailTimeoutCallback(ASP<CTimer> self, void* data) {
core: move fail_timeout from input-field to general (#718)
2025-04-02 22:13:22 +02:00
if (g_pAuth->m_bDisplayFailText) {
g_pAuth->m_bDisplayFailText = false;
g_pHyprlock->renderAllOutputs();
}
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
}
auth: fixup prompt and fail substitution (#641) BREAKING: - Removed $PROMPT variable. Either use $PAMPROMPT or $FPRINTPROMPT. - Removed $FPRINTMESSAGE. Use $FPRINTPROMPT instead. There is also $FPRINTFAIL.
2025-01-12 17:18:18 +00:00
void CAuth::enqueueFail(const std::string& failText, eAuthImplementations implType) {
auth: use static for getValue (#732)
2025-04-08 16:37:13 +02:00
static const auto FAILTIMEOUT = g_pConfigManager->getValue<Hyprlang::INT>("general:fail_timeout");
core: move fail_timeout from input-field to general (#718)
2025-04-02 22:13:22 +02:00
auth: fixup prompt and fail substitution (#641) BREAKING: - Removed $PROMPT variable. Either use $PAMPROMPT or $FPRINTPROMPT. - Removed $FPRINTMESSAGE. Use $FPRINTPROMPT instead. There is also $FPRINTFAIL.
2025-01-12 17:18:18 +00:00
m_sCurrentFail.failText = failText;
m_sCurrentFail.failSource = implType;
m_sCurrentFail.failedAttempts++;
core: use Hyprutils::CLI (#977) * core: use Hyprutils::CLI::CLogger * core: use Hyprutils::CLI::CArgumentParser and validate config exists
2026-03-31 14:56:08 +00:00
Log::logger->log(Log::INFO, "Failed attempts: {}", m_sCurrentFail.failedAttempts);
auth: fixup prompt and fail substitution (#641) BREAKING: - Removed $PROMPT variable. Either use $PAMPROMPT or $FPRINTPROMPT. - Removed $FPRINTMESSAGE. Use $FPRINTPROMPT instead. There is also $FPRINTFAIL.
2025-01-12 17:18:18 +00:00
core: move fail_timeout from input-field to general (#718)
2025-04-02 22:13:22 +02:00
if (m_resetDisplayFailTimer) {
m_resetDisplayFailTimer->cancel();
m_resetDisplayFailTimer.reset();
}
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
g_pHyprlock->addTimer(std::chrono::milliseconds(0), passwordFailCallback, nullptr);
core: move fail_timeout from input-field to general (#718)
2025-04-02 22:13:22 +02:00
m_resetDisplayFailTimer = g_pHyprlock->addTimer(std::chrono::milliseconds(*FAILTIMEOUT), displayFailTimeoutCallback, nullptr);
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
}
core: move fail_timeout from input-field to general (#718)
2025-04-02 22:13:22 +02:00
void CAuth::resetDisplayFail() {
g_pAuth->m_bDisplayFailText = false;
m_resetDisplayFailTimer->cancel();
m_resetDisplayFailTimer.reset();
auth: add an interface for different authentication methods (#578) * auth: add an interface for different authentication methods * auth: pick inline feedback based on last active implementation * config: move auth options to auth:<auth_impl> BREAKING: - general:pam_module -> auth:pam:module - general:enable_fingerprint -> auth:fingerprint:enabled - general:fingerprint_ready_message -> auth:fingerprint:ready_message - general:fingerprint_present_message -> auth:fingerprint:present_message * auth: don't clear password input for fingerprint auth check * fingerprint: checkAuthenticated when handling verfiy status * Revert conditionally clearing the password input buffer Makes sure the input field can show the fail text for fingerprint auth. * auth: virtual instead of override, remove braces * pam: join the thread * auth: remove isAuthenticated and switch to a control flow based unlock * auth: initialize authentication before aquiring the session lock
2024-12-16 18:58:36 +00:00
}
Reference in a new issue Copy permalink