Kordant/packages/mobile/src/store/settingsStore.ts
Michael Freno a8a5930ced security: fix 10 security review findings (FRE-4572)
CRITICAL:
- SEC-001: Auth tokens now stored in SecureStore (Keychain/Keystore)
- SEC-002: Biometric bypass removed - alerts user and disables when unavailable

HIGH:
- SEC-003: Push projectId moved to EXPO_PUBLIC_EAS_PROJECT_ID env var
- SEC-004: Token refresh mechanism added with refreshSession/hydrateTokens
- SEC-005: debug already gated on __DEV__ (confirmed)

MEDIUM:
- SEC-006: All PII stores (darkwatch, voiceprint, spamshield, settings, auth) now use encrypted AsyncStorage
- SEC-007: Certificate pinning documented with TODO for production
- SEC-008: Login brute force protection: 5 attempts then 5-minute lockout

LOW:
- SEC-009: Watch list input validation with format checks per entity type
- SEC-010: Upgrade Plan button shows billing coming soon alert
2026-05-17 19:15:42 -04:00


import { create } from 'zustand';
import { persist } from 'zustand/middleware';
import type { NotificationPreference } from '@/types';
import { encryptedStorage } from '@/services/encryptedStorage';
/**
 * Shape of the settings store: notification preferences, the biometric flag,
 * and the two setters that change them.
 *
 * TODO: Wire updatePreferences to notificationService.updatePreferences() for production.
 * Current implementation is local-only for the offline-first MVP: this file persists
 * state on the device through `encryptedStorage` and makes no server call.
 */
interface SettingsState {
  /** Current notification preferences. */
  preferences: NotificationPreference;

  /**
   * Biometric flag as last set through `toggleBiometric`.
   * NOTE(review): presumably read elsewhere to decide whether to show a biometric
   * prompt; nothing in this file enforces it. Confirm against the callers.
   */
  isBiometricEnabled: boolean;

  /** Applies a partial patch on top of the current `preferences`. */
  updatePreferences: (prefs: Partial<NotificationPreference>) => void;

  /** Sets `isBiometricEnabled` to `enabled`. */
  toggleBiometric: (enabled: boolean) => void;
}
/**
 * Starting value for `preferences` in the settings store.
 * Every notification flag listed here is switched on by default.
 */
const defaultPreferences: NotificationPreference = {
  // Delivery channels
  emailNotifications: true,
  pushNotifications: true,

  // Per-feature alerts
  darkwatchAlert: true,
  spamBlocked: true,
  voiceprintAnalysis: true,
};
/**
 * Zustand store holding notification preferences and the biometric flag.
 *
 * The state is wrapped in `persist` and written under the key
 * '@shieldai_settings' using `encryptedStorage`.
 *
 * NOTE(review): zustand's `storage` option expects the PersistStorage shape
 * (what `createJSONStorage` returns). Confirm `encryptedStorage` implements it,
 * since a mismatch would break persistence of these settings.
 */
export const useSettingsStore = create<SettingsState>()(
  persist(
    (set) => ({
      preferences: defaultPreferences,

      // The biometric flag starts off; it only changes through toggleBiometric.
      isBiometricEnabled: false,

      // Shallow merge: keys present in the patch win, all others are kept.
      updatePreferences: (prefs) => {
        set((current) => {
          const merged = { ...current.preferences, ...prefs };
          return { preferences: merged };
        });
      },

      // NOTE(review): this setter writes the flag unconditionally. It performs
      // no re-authentication or hardware-availability check, so confirm the
      // calling screen requires a successful biometric/passcode prompt before
      // passing `false`. Otherwise the lock can be turned off from any
      // unlocked session.
      toggleBiometric: (enabled) => {
        set({ isBiometricEnabled: enabled });
      },
    }),
    {
      name: '@shieldai_settings',
      // What confidentiality and tamper resistance the persisted flag gets
      // depends on encryptedStorage, which is defined outside this file.
      storage: encryptedStorage,
    }
  )
);