Сохраняем логин/пароль/токен в Keychain (#292)

* Добавил пакет SWKeychain

Храним логин/пароль в `Keychain`, а токен генерируем при необходимости из этой модели

* Поправил смену пароля

Больше не делаем принудительный логаут

Author: easydev991

SwiftUI-WorkoutApp.xcodeproj/project.pbxproj

@@ -83,6 +83,7 @@
 		67D916862838F0DD0098D3CB /* DialogScreen.swift in Sources */ = {isa = PBXBuildFile; fileRef = 67D916852838F0DD0098D3CB /* DialogScreen.swift */; };
 		67D9169628396C1E0098D3CB /* SendMessageScreen.swift in Sources */ = {isa = PBXBuildFile; fileRef = 67D9169528396C1E0098D3CB /* SendMessageScreen.swift */; };
 		67EA685C2A71A99700697C88 /* PhotoDetailScreen.swift in Sources */ = {isa = PBXBuildFile; fileRef = 67EA685B2A71A99700697C88 /* PhotoDetailScreen.swift */; };
+		67F2ABAB2D7451C3008F9928 /* SWKeychain in Frameworks */ = {isa = PBXBuildFile; productRef = 67F2ABAA2D7451C3008F9928 /* SWKeychain */; };
 		67F9534F2964A5700077DFDC /* ImagePicker in Frameworks */ = {isa = PBXBuildFile; productRef = 67F9534E2964A5700077DFDC /* ImagePicker */; };
 		67FBF64F28338A2E008A7968 /* EventDetailsScreen.swift in Sources */ = {isa = PBXBuildFile; fileRef = 67FBF64E28338A2E008A7968 /* EventDetailsScreen.swift */; };
 /* End PBXBuildFile section */
@@ -176,6 +177,7 @@
 		67D916852838F0DD0098D3CB /* DialogScreen.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DialogScreen.swift; sourceTree = "<group>"; };
 		67D9169528396C1E0098D3CB /* SendMessageScreen.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SendMessageScreen.swift; sourceTree = "<group>"; };
 		67EA685B2A71A99700697C88 /* PhotoDetailScreen.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PhotoDetailScreen.swift; sourceTree = "<group>"; };
+		67F2ABA92D74508E008F9928 /* SWKeychain */ = {isa = PBXFileReference; lastKnownFileType = wrapper; path = SWKeychain; sourceTree = "<group>"; };
 		67FBF64E28338A2E008A7968 /* EventDetailsScreen.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = EventDetailsScreen.swift; sourceTree = "<group>"; };
 /* End PBXFileReference section */
 
@@ -192,6 +194,7 @@
 			buildActionMask = 2147483647;
 			files = (
 				67795FB22D1C05D90087132F /* SWModels in Frameworks */,
+				67F2ABAB2D7451C3008F9928 /* SWKeychain in Frameworks */,
 				67D67DE52AE8526600F7A8B0 /* SWDesignSystem in Frameworks */,
 				67B7EB812D4FED510004A40D /* SWUtils in Frameworks */,
 				67D322972AE993F90045B92F /* MapView991 in Frameworks */,
@@ -462,6 +465,7 @@
 		67AE08472D1C049F0097B59F /* Libraries */ = {
 			isa = PBXGroup;
 			children = (
+				67F2ABA92D74508E008F9928 /* SWKeychain */,
 				67B7EB7F2D4FECD90004A40D /* SWUtils */,
 				678CE36A2D1C510900F060C6 /* SWNetwork */,
 				67AE08482D1C05020097B59F /* SWModels */,
@@ -521,6 +525,7 @@
 				67795FB12D1C05D90087132F /* SWModels */,
 				67795FB32D1C05D90087132F /* SWNetworkClient */,
 				67B7EB802D4FED510004A40D /* SWUtils */,
+				67F2ABAA2D7451C3008F9928 /* SWKeychain */,
 			);
 			productName = "SwiftUI-WorkoutApp";
 			productReference = 6798AA3A280AEDC900DB76F1 /* WorkoutApp.app */;
@@ -874,7 +879,7 @@
 				CLANG_TIDY_MISC_REDUNDANT_EXPRESSION = YES;
 				CLANG_WARN_SEMICOLON_BEFORE_METHOD_BODY = YES;
 				CODE_SIGN_STYLE = Automatic;
-				CURRENT_PROJECT_VERSION = 2;
+				CURRENT_PROJECT_VERSION = 3;
 				DEVELOPMENT_ASSET_PATHS = "SwiftUI-WorkoutApp/Preview\\ Content/PreviewContent.swift SwiftUI-WorkoutApp/Preview\\ Content";
 				DEVELOPMENT_TEAM = CR68PP2Z3F;
 				ENABLE_PREVIEWS = YES;
@@ -927,7 +932,7 @@
 				CLANG_TIDY_MISC_REDUNDANT_EXPRESSION = YES;
 				CLANG_WARN_SEMICOLON_BEFORE_METHOD_BODY = YES;
 				CODE_SIGN_STYLE = Automatic;
-				CURRENT_PROJECT_VERSION = 2;
+				CURRENT_PROJECT_VERSION = 3;
 				DEVELOPMENT_ASSET_PATHS = "SwiftUI-WorkoutApp/Preview\\ Content/PreviewContent.swift SwiftUI-WorkoutApp/Preview\\ Content";
 				DEVELOPMENT_TEAM = CR68PP2Z3F;
 				ENABLE_PREVIEWS = YES;
@@ -1048,6 +1053,10 @@
 			package = 67D67DE32AE8526600F7A8B0 /* XCRemoteSwiftPackageReference "SWDesignSystem" */;
 			productName = SWDesignSystem;
 		};
+		67F2ABAA2D7451C3008F9928 /* SWKeychain */ = {
+			isa = XCSwiftPackageProductDependency;
+			productName = SWKeychain;
+		};
 		67F9534E2964A5700077DFDC /* ImagePicker */ = {
 			isa = XCSwiftPackageProductDependency;
 			package = 67F9534D2964A5700077DFDC /* XCRemoteSwiftPackageReference "ImagePicker" */;

SwiftUI-WorkoutApp/Libraries/SWKeychain/.gitignore

@@ -0,0 +1,8 @@
+.DS_Store
+/.build
+/Packages
+xcuserdata/
+DerivedData/
+.swiftpm/configuration/registries.json
+.swiftpm/xcode/package.xcworkspace/contents.xcworkspacedata
+.netrc

SwiftUI-WorkoutApp/Libraries/SWKeychain/Package.swift

@@ -0,0 +1,18 @@
+// swift-tools-version: 5.10
+// The swift-tools-version declares the minimum version of Swift required to build this package.
+
+import PackageDescription
+
+let package = Package(
+    name: "SWKeychain",
+    platforms: [.iOS(.v15)],
+    products: [
+        .library(
+            name: "SWKeychain", targets: ["SWKeychain"]
+        )
+    ],
+    targets: [
+        .target(name: "SWKeychain"),
+        .testTarget(name: "SWKeychainTests", dependencies: ["SWKeychain"])
+    ]
+)

SwiftUI-WorkoutApp/Libraries/SWKeychain/Sources/SWKeychain/AuthData.swift

@@ -0,0 +1,25 @@
+import Foundation
+
+public struct AuthData: Codable {
+    /// Логин
+    ///
+    /// Нужен для генерации токена
+    let login: String
+    /// Пароль
+    ///
+    /// - Нужен для генерации токена
+    /// - Используется при смене логина, когда нужно сгенерировать новый токен, чтобы не выбросило из аккаунта
+    public let password: String
+    /// Токен авторизации, который отправляем на сервер
+    public var token: String? {
+        guard [login, password].allSatisfy({ !$0.trimmingCharacters(in: .whitespacesAndNewlines).isEmpty }) else {
+            return nil
+        }
+        return (login + ":" + password).data(using: .utf8)?.base64EncodedString()
+    }
+
+    public init(login: String, password: String) {
+        self.login = login
+        self.password = password
+    }
+}

SwiftUI-WorkoutApp/Libraries/SWKeychain/Sources/SWKeychain/KeychainWrapper.swift

@@ -0,0 +1,23 @@
+import Foundation
+import SwiftUI
+
+@propertyWrapper
+public struct KeychainWrapper: DynamicProperty {
+    private let label: String
+    private let storage = SecureStorage()
+
+    public init(_ label: String) {
+        self.label = label
+    }
+
+    public var wrappedValue: AuthData? {
+        get { storage.getCredentials(with: label) }
+        set {
+            if let newValue {
+                storage.updateCredentials(newValue, with: label)
+            } else {
+                storage.deleteCredentials(with: label)
+            }
+        }
+    }
+}

SwiftUI-WorkoutApp/Libraries/SWKeychain/Sources/SWKeychain/SecureStorage.swift

@@ -0,0 +1,139 @@
+import Foundation
+import OSLog
+import Security
+
+final class SecureStorage {
+    private let logger = Logger(
+        subsystem: Bundle.main.bundleIdentifier!,
+        category: String(describing: SecureStorage.self)
+    )
+
+    enum KeychainError: Error, LocalizedError {
+        case itemAlreadyExist
+        case itemNotFound
+        case errorStatus(String?)
+
+        var errorDescription: String? {
+            switch self {
+            case .itemAlreadyExist:
+                "Элемент уже существует"
+            case .itemNotFound:
+                "Элемент не найден"
+            case let .errorStatus(message):
+                message
+            }
+        }
+
+        init(status: OSStatus) {
+            switch status {
+            case errSecDuplicateItem:
+                self = .itemAlreadyExist
+            case errSecItemNotFound:
+                self = .itemNotFound
+            default:
+                let message = SecCopyErrorMessageString(status, nil) as String?
+                self = .errorStatus(message)
+            }
+        }
+    }
+
+    func addItem(query: [CFString: Any]) throws {
+        let status = SecItemAdd(query as CFDictionary, nil)
+
+        if status != errSecSuccess {
+            throw KeychainError(status: status)
+        }
+    }
+
+    func findItem(query: [CFString: Any]) throws -> [CFString: Any]? {
+        var query = query
+        query[kSecReturnAttributes] = kCFBooleanTrue
+        query[kSecReturnData] = kCFBooleanTrue
+
+        var searchResult: AnyObject?
+
+        let status = withUnsafeMutablePointer(to: &searchResult) {
+            SecItemCopyMatching(query as CFDictionary, $0)
+        }
+
+        if status != errSecSuccess {
+            throw KeychainError(status: status)
+        } else {
+            return searchResult as? [CFString: Any]
+        }
+    }
+
+    func updateItem(query: [CFString: Any], attributesToUpdate: [CFString: Any]) throws {
+        let status = SecItemUpdate(query as CFDictionary, attributesToUpdate as CFDictionary)
+
+        if status != errSecSuccess {
+            throw KeychainError(status: status)
+        }
+    }
+
+    func deleteItem(query: [CFString: Any]) throws {
+        let status = SecItemDelete(query as CFDictionary)
+
+        if status != errSecSuccess {
+            throw KeychainError(status: status)
+        }
+    }
+}
+
+extension SecureStorage {
+    func addCredentials(_ credentials: AuthData, with label: String) {
+        var query: [CFString: Any] = [:]
+        query[kSecClass] = kSecClassGenericPassword
+        query[kSecAttrLabel] = label
+        query[kSecAttrAccount] = credentials.login
+        query[kSecValueData] = credentials.password.data(using: .utf8)
+
+        do {
+            try addItem(query: query)
+        } catch {
+            logger.error("\(error.localizedDescription), label: \(label)")
+            return
+        }
+    }
+
+    func updateCredentials(_ credentials: AuthData, with label: String) {
+        deleteCredentials(with: label)
+        addCredentials(credentials, with: label)
+    }
+
+    func getCredentials(with label: String) -> AuthData? {
+        var query: [CFString: Any] = [:]
+        query[kSecClass] = kSecClassGenericPassword
+        query[kSecAttrLabel] = label
+
+        var result: [CFString: Any]?
+
+        do {
+            result = try findItem(query: query)
+        } catch {
+            logger.error("\(error.localizedDescription), label: \(label)")
+            return nil
+        }
+
+        if let account = result?[kSecAttrAccount] as? String,
+           let data = result?[kSecValueData] as? Data,
+           let password = String(data: data, encoding: .utf8) {
+            return AuthData(login: account, password: password)
+        } else {
+            return nil
+        }
+    }
+
+    func deleteCredentials(with label: String) {
+        var query: [CFString: Any] = [:]
+        query[kSecClass] = kSecClassGenericPassword
+        query[kSecAttrLabel] = label
+
+        do {
+            try deleteItem(query: query)
+        } catch {
+            logger.error("\(error.localizedDescription), label: \(label)")
+            return
+        }
+    }
+}

SwiftUI-WorkoutApp/Libraries/SWKeychain/Tests/SWKeychainTests/AuthDataTests.swift

@@ -0,0 +1,31 @@
+@testable import SWKeychain
+import Testing
+
+struct AuthDataTests {
+    private static let validLogin = "user@domain.com"
+    private static let validPassword = "p@ss!123"
+
+    @Test
+    func validCredentialsGenerateCorrectToken() throws {
+        let login = Self.validLogin
+        let password = Self.validPassword
+        let model = AuthData(login: login, password: password)
+        let token = try #require(model.token)
+        #expect(model.login == login)
+        #expect(model.password == password)
+        #expect(token == "dXNlckBkb21haW4uY29tOnBAc3MhMTIz")
+    }
+
+    @Test(arguments: [
+        ("", Self.validPassword),
+        (Self.validLogin, ""),
+        ("", ""),
+        (" ", Self.validPassword),
+        (Self.validLogin, " "),
+        ("   ", "   ")
+    ])
+    func invalidCredentialsProduceNilToken(login: String, password: String) {
+        let model = AuthData(login: login, password: password)
+        #expect(model.token == nil)
+    }
+}

SwiftUI-WorkoutApp/Libraries/SWModels/Sources/SWModels/AuthData.swift

@@ -110,7 +110,7 @@ private extension SWNetworkService {
     func logSuccess(request: URLRequest, data: Data) {
         logger.info(
             """
-            Обработали ответ сервера
+            Получили успешный ответ сервера
             \nURL запроса: \(request.urlString, privacy: .public)
             \nJSON в ответе: \(data.prettyJson, privacy: .public)
             """

SwiftUI-WorkoutApp/Libraries/SWNetwork/Sources/SWNetwork/SWNetwork.swift

@@ -10,7 +10,7 @@ let package = Package(
         .library(name: "SWUtils", targets: ["SWUtils"])
     ],
     targets: [
-        .target(name: "SWUtils", dependencies: []),
+        .target(name: "SWUtils"),
         .testTarget(name: "SWUtilsTests", dependencies: ["SWUtils"])
     ]
 )