[PR #1781] [MERGED] Usability improvements to handling logout on vault timeout #3121

Closed
opened 2025-11-26 23:28:34 -06:00 by GiteaMirror · 0 comments

📋 Pull Request Information

Original PR: https://github.com/bitwarden/android/pull/1781
Author: @mpbw2
Created: 2/15/2022
Status: Merged
Merged: 2/15/2022
Merged by: @mpbw2

Base: accountswitching ← Head: accountswitching-timeout-logout


📝 Commits (1)

  • d4de0b1 Usability improvements for logout on vault timeout

📊 Changes

13 files changed (+141 additions, -287 deletions)


📝 src/App/Pages/Accounts/LoginPageViewModel.cs (+1 -11)
📝 src/App/Pages/Accounts/LoginSsoPageViewModel.cs (+1 -11)
📝 src/App/Pages/Settings/ExtensionPageViewModel.cs (+2 -6)
📝 src/App/Resources/AppResources.Designer.cs (+6 -0)
📝 src/App/Resources/AppResources.resx (+3 -0)
📝 src/App/Services/MobileStorageService.cs (+0 -4)
📝 src/App/Utilities/AppHelpers.cs (+15 -16)
📝 src/Core/Abstractions/IStateService.cs (+13 -24)
📝 src/Core/Constants.cs (+0 -5)
📝 src/Core/Services/StateMigrationService.cs (+0 -2)
📝 src/Core/Services/StateService.cs (+98 -206)
📝 src/Core/Services/SyncService.cs (+0 -1)
📝 src/Core/Services/VaultTimeoutService.cs (+2 -1)

📄 Description

Type of change

  • [ ] Bug fix
  • [X] New feature development
  • [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
  • [ ] Build/deploy pipeline (DevOps)
  • [ ] Other

Objective

Improvements to the handling and presentation of logging out on vault timeout. Some high-level details:

  • Being "logged out" on timeout is presented to the user the same way as being "locked" (i.e. the account is still displayed in the account switcher and can be selected as the active account)
  • User settings are maintained so when the user logs back in the app behaves like they're picking up where they left off. Vault data however (pretty much everything encrypted for that matter) is removed, otherwise it would defeat the purpose of logging out on timeout. Logging back in will sync and reconstruct that data.
  • When the user logs out via the settings menu (known internally as "user initiated"), then we clean house of all settings and data, making subsequent logins by the same user a from-scratch affair.
  • This flow feels the most natural in the mobile app since we don't run timers to manage account auth states

Code changes

  • AppHelpers.cs: Flow updates and added automatic account switch toast on user initiated logout
  • StateService.cs: Added support for userInitiated bool to logout and account removal flow to keep or remove data accordingly, removed userId support for non user-specific data, removed unused methods
  • StateMigrationService.cs/SyncService.cs: Removed support for ForcePasswordReset value since that was moved to the auth flow awhile back
  • VaultTimeoutService.cs: Check for "lock" action set before establishing isLocked to prevent result from having multiple meanings
  • Constants.cs/MobileStorageService.cs: Removed unused storage/pref keys
  • AppResources.resx: Added string for automatic account switch toast
  • LoginPageViewModel.cs: Removed RememberEmail property since it was never set and is always true
  • LoginSsoPageViewModel.cs: Removed RememberOrgIdentifier property since it was never set and is always true
  • ExtensionPageViewModel.cs: Removed use of StateService since the values were never set and defaulted to false

Testing requirements

Use "Logout" and "Lock" vault timeout actions with multiple accounts simultaneously

Before you submit

  • [ ] I have added unit tests where it makes sense to do so (encouraged but not required)
  • [ ] This change requires a documentation update (notify the documentation team)
  • [ ] This change has particular deployment requirements (notify the DevOps team)

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
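
The retention rule described under Objective, as an added C# sketch that is not code from this PR or from Bitwarden: `AccountStore`, `Kind` and the key names are hypothetical, and only the `userInitiated` flag name comes from the description. It tags each stored item as a preference or as sensitive and checks that a timeout logout leaves no sensitive item behind.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical model, not Bitwarden's StateService: every stored item is tagged
// as a user preference or as sensitive (encrypted vault data, keys, tokens).
enum Kind { Preference, Sensitive }

class AccountStore
{
    private readonly Dictionary<string, (Kind Tag, string Value)> _items =
        new Dictionary<string, (Kind Tag, string Value)>();

    public bool IsAuthenticated { get; private set; } = true;

    public void Set(string key, Kind kind, string value) => _items[key] = (kind, value);

    public List<string> Keys(Kind kind) =>
        _items.Where(i => i.Value.Tag == kind).Select(i => i.Key).ToList();

    // userInitiated == false: logout on vault timeout, keep preferences, purge sensitive data.
    // userInitiated == true: logout from the settings menu, purge everything.
    public void Logout(bool userInitiated)
    {
        var doomed = _items.Where(i => userInitiated || i.Value.Tag == Kind.Sensitive)
                           .Select(i => i.Key).ToList();
        foreach (var key in doomed) _items.Remove(key);
        IsAuthenticated = false;
    }
}

static class Program
{
    static void Main()
    {
        var store = new AccountStore();
        // Constructed sample items; key names and values are illustrative only.
        store.Set("theme", Kind.Preference, "dark");
        store.Set("vaultTimeoutAction", Kind.Preference, "logOut");
        store.Set("encryptedCiphers", Kind.Sensitive, "<ciphertext>");
        store.Set("accessToken", Kind.Sensitive, "<token>");

        store.Logout(userInitiated: false);
        // The property worth testing: nothing sensitive survives a timeout logout.
        if (store.Keys(Kind.Sensitive).Any()) throw new Exception("sensitive data left behind");
        Console.WriteLine("kept after timeout: " + string.Join(", ", store.Keys(Kind.Preference)));

        store.Logout(userInitiated: true);
        if (store.Keys(Kind.Preference).Any()) throw new Exception("settings left behind");
        Console.WriteLine("user-initiated logout removed all items");
    }
}
```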

Reference: github-starred/android#3121