github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-05-08 04:16:40 -05:00
Code Issues 1.1k Packages Projects Releases 122 Wiki Activity

[PR #6034] [MERGED] [PM-26810] Add OTP support to VerifyPasswordScreen #36755

New Issue
Closed
opened 2026-04-21 03:53:58 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-04-21 03:53:58 -05:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/bitwarden/android/pull/6034
Author: @SaintPatrck
Created: 10/15/2025
Status: Merged
Merged: 10/16/2025
Merged by: @SaintPatrck

Base: mainHead: PM-26810/cxf-prompt-for-otp-verification

📝 Commits (1)

  • 8d3011a Add OTP support to VerifyPasswordScreen

📊 Changes

6 files changed (+880 additions, -404 deletions)

View changed files

📝 app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordScreen.kt (+164 -40)
📝 app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordViewModel.kt (+163 -7)
📝 app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/handlers/VerifyPasswordHandlers.kt (+7 -3)
📝 app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordScreenTest.kt (+46 -11)
📝 app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordViewModelTest.kt (+498 -343)
📝 ui/src/main/res/values/strings.xml (+2 -0)

📄 Description

🎟️ Tracking

PM-26810

📔 Objective

This commit introduces support for One-Time Passcode (OTP) verification on the "Verify Password" screen, in addition to the existing master password verification. This is primarily for TDE users who do not have a master password set on their account.

The behavioral changes are as follows:

  • If a user does not have a master password, they will be prompted to enter a 6-digit OTP code that is automatically sent to their email address.
  • The UI displays a "Resend code" button for the OTP flow.
  • The primary action button label has been changed from "Unlock" to "Continue" to accommodate both verification flows.

Specific changes include:

  • ViewModel:
    • VerifyPasswordViewModel now checks if the active account has a master password.
    • If no master password exists, it automatically requests an OTP and updates the UI to reflect the OTP verification flow.
    • New actions (ResendCodeClick, SendOtpCodeResultReceive, VerifyOtpResultReceive) and events (ShowSnackbar) have been added to handle the OTP logic.
    • The UnlockClick action has been renamed to ContinueClick.
    • The state has been updated to include a title, subtext, and showResendCodeButton to dynamically adjust the screen content.
  • UI (Screen & Composables):
    • VerifyPasswordScreen.kt and its content composable have been updated to conditionally display either the master password field or the OTP code field based on the view model's state.
    • A "Resend code" button is now shown for the OTP flow.
    • The main button is now labeled "Continue" and triggers the ContinueClick action.
    • A snackbar is now used to show feedback, for instance when an OTP code has been resent.
  • Strings:
    • New string resources have been added for the OTP verification flow, such as "Verify your account email address".
  • Tests:
    • VerifyPasswordViewModelTest and VerifyPasswordScreenTest have been extensively updated to cover the new OTP verification logic, state changes, and UI interactions. Existing tests were refactored to align with the new logic.

📸 Screenshots

Master Password verification

Before After

OTP Verification

Before After
N/A

Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/bitwarden/android/pull/6034 **Author:** [@SaintPatrck](https://github.com/SaintPatrck) **Created:** 10/15/2025 **Status:** ✅ Merged **Merged:** 10/16/2025 **Merged by:** [@SaintPatrck](https://github.com/SaintPatrck) **Base:** `main` ← **Head:** `PM-26810/cxf-prompt-for-otp-verification` --- ### 📝 Commits (1) - [`8d3011a`](https://github.com/bitwarden/android/commit/8d3011a1d8f664143f3fe4c41c81275ff46024fb) Add OTP support to VerifyPasswordScreen ### 📊 Changes **6 files changed** (+880 additions, -404 deletions) <details> <summary>View changed files</summary> 📝 `app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordScreen.kt` (+164 -40) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordViewModel.kt` (+163 -7) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/handlers/VerifyPasswordHandlers.kt` (+7 -3) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordScreenTest.kt` (+46 -11) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordViewModelTest.kt` (+498 -343) 📝 `ui/src/main/res/values/strings.xml` (+2 -0) </details> ### 📄 Description ## 🎟️ Tracking PM-26810 ## 📔 Objective This commit introduces support for One-Time Passcode (OTP) verification on the "Verify Password" screen, in addition to the existing master password verification. This is primarily for TDE users who do not have a master password set on their account. The behavioral changes are as follows: * If a user does not have a master password, they will be prompted to enter a 6-digit OTP code that is automatically sent to their email address. * The UI displays a "Resend code" button for the OTP flow. * The primary action button label has been changed from "Unlock" to "Continue" to accommodate both verification flows. Specific changes include: * **ViewModel:** * `VerifyPasswordViewModel` now checks if the active account has a master password. * If no master password exists, it automatically requests an OTP and updates the UI to reflect the OTP verification flow. * New actions (`ResendCodeClick`, `SendOtpCodeResultReceive`, `VerifyOtpResultReceive`) and events (`ShowSnackbar`) have been added to handle the OTP logic. * The `UnlockClick` action has been renamed to `ContinueClick`. * The state has been updated to include a `title`, `subtext`, and `showResendCodeButton` to dynamically adjust the screen content. * **UI (Screen & Composables):** * `VerifyPasswordScreen.kt` and its content composable have been updated to conditionally display either the master password field or the OTP code field based on the view model's state. * A "Resend code" button is now shown for the OTP flow. * The main button is now labeled "Continue" and triggers the `ContinueClick` action. * A snackbar is now used to show feedback, for instance when an OTP code has been resent. * **Strings:** * New string resources have been added for the OTP verification flow, such as "Verify your account email address". * **Tests:** * `VerifyPasswordViewModelTest` and `VerifyPasswordScreenTest` have been extensively updated to cover the new OTP verification logic, state changes, and UI interactions. Existing tests were refactored to align with the new logic. ## 📸 Screenshots ### Master Password verification | Before | After | |--------|--------| | <img width="365" src="https://github.com/user-attachments/assets/c1e6a108-a78f-4938-8093-735ce074b7e6" /> | <img width="365" src="https://github.com/user-attachments/assets/afe29845-47e2-4764-9a2f-d1901155e57e" /> | ### OTP Verification | Before | After | |--------|--------| | N/A | <img width="365" src="https://github.com/user-attachments/assets/216d5782-04e2-46cf-a2a2-6d1e07dc86ce" /> | ## ⏰ Reminders before review - Contributor guidelines followed - All formatters and local linters executed and passed - Written new unit and / or integration tests where applicable - Protected functional changes with optionality (feature flags) - Used internationalization (i18n) for all UI strings - CI builds passed - Communicated to DevOps any deployment requirements - Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team ## 🦮 Reviewer guidelines <!-- Suggested interactions but feel free to use (or not) as you desire! --> - 👍 (`:+1:`) or similar for great changes - 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info - ❓ (`:question:`) for questions - 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion - 🎨 (`:art:`) for suggestions / improvements - ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or concerns needing attention - 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or indications of technical debt - ⛏ (`:pick:`) for minor or nitpick changes --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-04-21 03:53:58 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#36755
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?