Skip to content

Explain the Keychain prompt and raise the Import window reliably#10

Merged
gek0z merged 1 commit intomainfrom
feat/import-heads-up-touchid
Apr 14, 2026
Merged

Explain the Keychain prompt and raise the Import window reliably#10
gek0z merged 1 commit intomainfrom
feat/import-heads-up-touchid

Conversation

@gek0z
Copy link
Copy Markdown
Owner

@gek0z gek0z commented Apr 14, 2026

Summary

Three UX follow-ups on top of the import-from-browser flow in #9:

  • Heads-up banner in the Import window. Conditional on the selected browser:
    • Chromium family → "macOS will ask for your login password once … click Always Allow to skip it on later imports. Touch ID may appear on Macs that support it."
    • Safari → the Full Disk Access note up-front (previously only shown after a failed attempt).
    • Firefox → nothing (no OS prompt on that path).
  • Touch ID best-effort. Attach an LAContext via kSecUseAuthenticationContext and a custom kSecUseOperationPrompt to the SecItemCopyMatching query for the Chromium Safe Storage key. In practice Chromium browsers don't create their Safe Storage entry with biometric-compatible ACL flags, so macOS still falls back to the password prompt — but attaching the context costs nothing, gives a nicer in-prompt message, and will upgrade to Touch ID the day a fork (or Chromium itself) flips the ACL.
  • Fix "Sign in button did nothing". NSApp.activate(ignoringOtherApps:) was softened in macOS 14 and no longer reliably pulls a fresh window forward from an LSUIElement app. Switch to NSApp.activate(), and poll NSApp.windows for the target window for up to 500 ms instead of assuming a single-runloop defer is enough. Fixes the symptom where clicking Sign in left the Import window hidden behind the frontmost app.

Test plan

  • Build + swift-format lint clean.
  • Keychain prompt text now reads "read [Browser]'s cookie-encryption key" instead of the generic message.
  • Confirm the banner text shows for Chromium / Safari and is absent for Firefox.
  • Confirm Import window comes to front every time on a fresh launch (regression the PR fixes).

@gek0z
Explain the Keychain prompt and raise the Import window reliably
c19b95e 
Three UX fixes for the import flow shipped in #9:

- Add a per-browser heads-up banner in the Import window. Chromium
  browsers get a note about the one-time Keychain password prompt and
  that clicking "Always Allow" removes it from future runs. Safari gets
  the Full Disk Access note up-front instead of only after a failed
  attempt. Firefox stays quiet — no OS prompt there.

- Attach an LAContext to the Chromium Safe-Storage keychain query
  (`kSecUseAuthenticationContext`) and a `kSecUseOperationPrompt`
  message. In practice Chromium-family browsers don't create their
  Safe-Storage entry with biometric-compatible ACL flags, so macOS
  still falls back to the password prompt today — but attaching the
  context is free, gives a nicer in-prompt message, and upgrades to
  Touch ID automatically the day a fork (or Chromium itself) flips
  the ACL.

- Fix "Sign in button did nothing": `NSApp.activate(ignoringOtherApps:)`
  was softened in macOS 14 and doesn't reliably pull a fresh window
  forward from an LSUIElement app. Switch to `NSApp.activate()`, and
  poll `NSApp.windows` for the new window for up to 500 ms rather than
  assuming a single-runloop defer is enough — the window isn't always
  in the list when onAppear fires on first open.
@gek0z gek0z merged commit 12104a9 into main Apr 14, 2026
1 check passed
@gek0z gek0z deleted the feat/import-heads-up-touchid branch April 14, 2026 14:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gek0z