[SG-690] Login Request does not disappear after 15 minutes (#2106)

* [SG-690] Add timeout of 15 for android notifications. Add condition to not prompt login requests if 15mins have passed. Add constant for timeout time. * [SG-690] Added dialog on click confirm/deny if the request is expired. * [SG-690] PR fixes * [SG-690] PR fixes
2024-11-23 11:45:38 +01:00 · 2022-09-30 20:44:56 +01:00 · 2022-09-30 20:44:56 +01:00 · 90e0b5dcf0
commit 90e0b5dcf0
parent 9631988fc2
6 changed files with 6618 additions and 4386 deletions
--- a/src/Android/Services/AndroidPushNotificationService.cs
+++ b/src/Android/Services/AndroidPushNotificationService.cs
@ -74,7 +74,6 @@ namespace Bit.Droid.Services
                throw new ArgumentNullException("notificationId cannot be null or empty.");
            }
            
-
            var context = Android.App.Application.Context;
            var intent = new Intent(context, typeof(MainActivity));
            var pendingIntentFlags = AndroidHelpers.AddPendingIntentMutabilityFlag(PendingIntentFlags.UpdateCurrent, true);
@ -83,6 +82,7 @@ namespace Bit.Droid.Services
               .SetContentIntent(pendingIntent)
               .SetContentTitle(title)
               .SetContentText(message)
+               .SetTimeoutAfter(Constants.PasswordlessNotificationTimeoutInMinutes * 60000)
               .SetSmallIcon(Resource.Drawable.ic_notification)
               .SetColor((int)Android.Graphics.Color.White)
               .SetAutoCancel(true);
--- a/src/App/App.xaml.cs
+++ b/src/App/App.xaml.cs
@ -189,7 +189,10 @@ namespace Bit.App
            });
            await _stateService.SetPasswordlessLoginNotificationAsync(null);
            _pushNotificationService.DismissLocalNotification(Constants.PasswordlessNotificationId);
-            await Device.InvokeOnMainThreadAsync(async () => await Application.Current.MainPage.Navigation.PushModalAsync(new NavigationPage(page)));
+            if (loginRequestData.CreationDate.AddMinutes(Constants.PasswordlessNotificationTimeoutInMinutes) > DateTime.Now)
+            {
+                await Device.InvokeOnMainThreadAsync(() => Application.Current.MainPage.Navigation.PushModalAsync(new NavigationPage(page)));
+            }
        }

        public AppOptions Options { get; private set; }
--- a/src/App/Pages/Accounts/LoginPasswordlessViewModel.cs
+++ b/src/App/Pages/Accounts/LoginPasswordlessViewModel.cs
@ -65,6 +65,13 @@ namespace Bit.App.Pages

        private async Task PasswordlessLoginAsync(bool approveRequest)
        {
+            if (LoginRequest.RequestDate.AddMinutes(Constants.PasswordlessNotificationTimeoutInMinutes) <= DateTime.Now)
+            {
+                await _platformUtilsService.ShowDialogAsync(AppResources.LoginRequestHasAlreadyExpired);
+                await Page.Navigation.PopModalAsync();
+                return;
+            }
+
            await _deviceActionService.ShowLoadingAsync(AppResources.Loading);
            await _authService.PasswordlessLoginAsync(LoginRequest.Id, LoginRequest.PubKey, approveRequest);
            await _deviceActionService.HideLoadingAsync();
--- a/src/App/Resources/AppResources.Designer.cs
+++ b/src/App/Resources/AppResources.Designer.cs
--- a/src/App/Resources/AppResources.resx
+++ b/src/App/Resources/AppResources.resx
@ -2461,4 +2461,7 @@ select Add TOTP to store the key safely</value>
  <data name="Decline" xml:space="preserve">
    <value>Decline</value>
  </data>
+  <data name="LoginRequestHasAlreadyExpired" xml:space="preserve">
+    <value>Login request has already expired.</value>
+  </data>
 </root>
--- a/src/Core/Constants.cs
+++ b/src/Core/Constants.cs
@ -36,6 +36,7 @@
        public const int SelectFilePermissionRequestCode = 43;
        public const int SaveFileRequestCode = 44;
        public const int TotpDefaultTimer = 30;
+        public const int PasswordlessNotificationTimeoutInMinutes = 15;

        public static readonly string[] AndroidAllClearCipherCacheKeys =
        {