Add biometric auth support to the mobile app

Objective

  • Enable biometric unlock (Face ID / Touch ID / Android biometrics) for the inspector mobile app, backed by server-side auth support compatible with Better Auth and the Expo client.
  • Use inclusive product copy (“biometrics” / device terminology), not Face-ID-only wording, on both platforms.

Background

  • Today, inspector sign-in flows through Better Auth on mobile: authClient in lib/api.ts targets /auth/inspector with @better-auth/expo (expoClient, expo-secure-store, attikmobile scheme, authjs cookie prefix) and manual saveSessionCookie for iOS cookie behavior.
  • Screens such as app/(auth)/login.tsx and app/(auth)/verify-otp.tsx use authClient.$fetch / signIn.social — there is no biometric enrollment or unlock path in the scanned mobile tree.
  • The backend centralizes inspector Better Auth in src/util/functions/betterAuth/auth.ts (createInspectorAuth, expo plugin, basePath: '/auth/inspector', trusted origins including attikmobile://), with related endpoints under inspectorAuthEndpoints, login.ts (toNodeHandler / Better Auth), and session.ts.

Scope

Attik Backend

  • Add or extend Better Auth–compatible endpoints / session flows so mobile can register and verify biometric credentials in a way that fits the existing inspector auth instance (auth.ts, inspectorAuthEndpoints.ts, and route mounting in login.ts).
  • Persist whatever identifiers or keys the chosen approach requires (exact storage model is a decision for the implementer, aligned with Better Auth + Expo security guidance).

Attik Mobile

  • Integrate OS biometric APIs (e.g. Expo Local Authentication or equivalent) with the post-login experience: optional enrollment, re-prompt when returning to the app, and fallback to existing OTP / social login if biometrics fail or are unavailable.
  • Keep lib/api.ts session storage behavior coherent with @better-auth/expo and SecureStore.
  • Audit user-visible strings in auth-related screens and settings for Face ID-specific copy; replace with biometric-neutral wording where appropriate.
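As an added illustration (not code from the Attik repos), the mobile gate described above can be written with the decision logic separated from the native prompt, so the "unlocked / fall back to OTT-style login / biometrics unavailable" outcomes and the platform-neutral copy are unit-testable; the `Biometrics` interface and the `ios`/`android` copy rules are assumptions, and in the app it would be backed by expo-local-authentication (hasHardwareAsync, isEnrolledAsync, supportedAuthenticationTypesAsync, authenticateAsync).

```typescript
// Added example, not from attik-mobile. Assumed port over the OS biometric API;
// the concrete implementation would call expo-local-authentication.
export type BiometricKind = "face" | "fingerprint" | "iris";
export type Platform = "ios" | "android";
export type GateOutcome = "unlocked" | "fallback" | "unavailable";

export interface Biometrics {
  hasHardware(): Promise<boolean>;
  isEnrolled(): Promise<boolean>;
  supportedTypes(): Promise<BiometricKind[]>;
  // disableDeviceFallback should be true in the real call: a failed prompt
  // falls back to the app's own OTP / social login, not the device passcode.
  prompt(message: string): Promise<{ success: boolean; error?: string }>;
}

// Device terminology rather than Face-ID-only wording: name the exact iOS
// modality only when it is the sole one; everything else says "biometrics".
export function promptCopy(types: BiometricKind[], platform: Platform): string {
  if (platform === "ios" && types.length === 1) {
    if (types[0] === "face") return "Unlock with Face ID";
    if (types[0] === "fingerprint") return "Unlock with Touch ID";
  }
  return "Unlock with biometrics";
}

// Pure decision: the gate only controls local reuse of the cached session in
// SecureStore; the server still validates that session on every request.
export function decideGate(
  caps: { hasHardware: boolean; enrolled: boolean },
  result: { success: boolean; error?: string } | null,
): GateOutcome {
  if (!caps.hasHardware || !caps.enrolled) return "unavailable"; // show OTP login
  if (result?.success) return "unlocked";
  return "fallback"; // user cancel, lockout or mismatch: offer OTP / social login
}

// Async wrapper used on app foreground / re-entry.
export async function biometricGate(bio: Biometrics, platform: Platform): Promise<GateOutcome> {
  const caps = { hasHardware: await bio.hasHardware(), enrolled: await bio.isEnrolled() };
  if (decideGate(caps, null) === "unavailable") return "unavailable";
  const message = promptCopy(await bio.supportedTypes(), platform);
  return decideGate(caps, await bio.prompt(message));
}
```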

References

  • Backend: attik-backend/src/util/functions/betterAuth/auth.ts, attik-backend/src/util/functions/betterAuth/inspector/inspectorAuthEndpoints.ts, attik-backend/src/routes/login.ts, attik-backend/src/routes/session.ts
  • Mobile: attik-mobile/lib/api.ts, attik-mobile/app/(auth)/login.tsx, attik-mobile/app/(auth)/verify-otp.tsx, attik-mobile/package.json (better-auth, @better-auth/expo)

Status

Planned

Board
Main App

Date

About 2 months ago

Author

Linear