type
status
date
slug
summary
tags
category
icon
password
实现效果
什么是隐私屏幕
通俗来说隐私屏幕就是,用来保护用户的隐私,当应用处在后台,或者任务切换时,将覆盖应用的可视区域,比较常见的应用有支付宝,云闪付等
下面是译文部分,文章来自Securing Your Flutter App: Implementing a Privacy Screen | by Ribesh Basnet | wesionaryTEAM
When to Use a Privacy Screen? 何时使用隐私屏幕?
You should consider implementing a privacy screen for apps that:您应该考虑为满足以下条件的应用实现隐私屏幕:
- Handle sensitive user data such as financial information, personal health data, or proprietary business data.
处理敏感的用户数据,例如财务信息、个人健康数据或专有业务数据。
- Are likely to be used in shared or public environments, where over-the-shoulder snooping could be a risk.
可能用于共享或公共环境,在这些环境中,过肩窥探可能存在风险。
Implementing a Privacy Screen in Flutter在 Flutter 中实现隐私屏幕
In flutter, the implementation of a privacy screen involves platform-specific code, as the process varies between Android and iOS.
在 flutter 中,隐私屏幕的实现涉及特定于平台的代码,因为该过程在 Android 和 iOS 之间有所不同。
For android 对于android:
Android provides a built-in mechanism to secure the screen content by using the
WindowManager.LayoutParams.FLAG_SECURE . This flag treats the content of the window as secure, preventing it from appearing in screenshot or from being viewed on non-secure displays.Android 提供了一种内置机制,通过使用 WindowManager.LayoutParams.FLAG_SECURE .此标志将窗口的内容视为安全内容,防止其显示在屏幕截图中或在非安全显示器上查看。In the context of our flutter app, we can harness this feature by writing some Kotlin code to enable or disable it when needed.在我们的 flutter 应用的上下文中,我们可以通过编写一些 Kotlin 代码来利用此功能,以便在需要时启用或禁用它。
Let’s dive into code: 让我们深入了解代码:
The class
MainActivity inherits from FlutterActivity , and we’re overriding the configureFlutterEngine function to set up a method channel. This method channel allows communication between Flutter and Android. We’re listening to two methods from flutter, “enableAppSecurity” and “disableAppSecurity”, to toggle the secure flag.该类
MainActivity 继承自 FlutterActivity ,我们将重写该 configureFlutterEngine 函数以设置方法通道。这个方法通道允许 Flutter 和 Android 之间的通信。我们正在监听 flutter 中的两种方法,“enableAppSecurity”和“disableAppSecurity”,来切换安全标志。The
toggleAppSecurity function checks whether the app has window focus or not. if it has focus, we’re disabling the security flag, otherwise we’re enabling it. We also call enableAppSecurity in the onPause function and disableAppSecurity in the onResume function. This ensures that the app content is secure when the app is not on the foregroung and visible again when the app comes to the foreground.该
toggleAppSecurity 函数检查应用是否具有窗口焦点。 如果它具有焦点,我们将禁用安全标志,否则我们将启用它。我们还调用 enableAppSecurity 函数和 onPause disableAppSecurity onResume 函数。这可确保当应用不在前台时,应用内容是安全的,当应用出现在前台时,应用内容将再次可见。By implementing this, the screen content of our app will be secured when it’s not in the foreground, enhancing the privacy of our app and protecting sensitive data.
通过实现这一点,我们应用程序的屏幕内容将在不在前台时得到保护,从而增强我们应用程序的隐私并保护敏感数据。
For iOS 对于 iOS:
Like Android, iOS also allows us to protect the privacy of our app screen by using blur effect. However, the approach is slightly different due to the difference in iOS and Android platforms.与Android一样,iOS还允许我们通过使用模糊效果来保护应用程序屏幕的隐私。但是,由于 iOS 和 Android 平台的差异,方法略有不同。
Let’s break down the iOS implementation 让我们分解一下 iOS 实现:
We are using
UIApplicationMain to denote the entry point of our iOS app. This is similar to the main() function in a C or C++ program. The AppDelegate class inherits from FlutterAppDelegate which gives us access to the app lifecycle callbacks and the main UIWindow .我们用来
UIApplicationMain 表示 iOS 应用程序的入口点。这类似于 C 或 C++ 程序中的 main() 函数。该 AppDelegate 类继承了该类, FlutterAppDelegate 该类使我们能够访问应用程序生命周期回调和主 UIWindow .In the
application(_:didFinishLaunchingWithOptions:) method, we initialize the FlutterMethodChannel to communicate with Flutter. We use the setMethodCallHanlder(_:) to handle flutter method calls.在该方法中
application(_:didFinishLaunchingWithOptions:) ,我们初始化 FlutterMethodChannel 与 Flutter 通信。我们使用 setMethodCallHanlder(_:) 来处理 flutter 方法调用。When the application enters the background, we set the
isInBackground flag and enable the security feature. This is done in the applicationDidEnterBackground(_:) method.当应用程序进入后台时,我们设置
isInBackground 标志并启用安全功能。这是在方法中 applicationDidEnterBackground(_:) 完成的。On the other hand, when the application becomes active, we check if it was in the background before becoming active. If so, we disable the app security and reset the
isInBackground flag.另一方面,当应用程序处于活动状态时,我们会检查它在激活之前是否在后台运行。如果是这样,我们禁用应用程序安全性并重置标志
isInBackground 。The
enableAppSecurity() function creates a blur effect and applies it to a UIVisualEffectView, which is then added to the window. This effectively obscures the app's UI when viewed from the app switcher or a screenshot.该 enableAppSecurity() 函数创建模糊效果并将其应用于 UIVisualEffectView ,然后将其添加到窗口中。从应用切换器或屏幕截图查看时,这会有效地遮挡应用的 UI。The
disableAppSecurity() function simply removes the UIVisualEffectView from the window, revealing the app's UI.该 disableAppSecurity() 函数只是从窗口中删除, UIVisualEffectView 显示应用程序的 UI。By adopting this approach, we ensure that our app’s UI is protected when it is not in use, enhancing the privacy of the user’s data and adhering to best practices for app security.通过采用这种方法,我们确保应用的 UI 在不使用时受到保护,从而增强用户数据的隐私性,并遵循应用安全的最佳实践。
Flutter Integration Flutter 集成
For apps developed using the cross-platform framework Flutter, MethodChannels can be used to interact with native Android and iOS features.对于使用跨平台框架 Flutter 开发的应用,MethodChannels 可用于与原生 Android 和 iOS 功能进行交互。
Let’s see how to use Flutter to interact with the screen privacy functions we defined in our native code:让我们看看如何使用 Flutter 与我们在原生代码中定义的屏幕隐私函数进行交互:
We start by defining an abstract class
IAppScreenPrivacy with two methods, enableScreenPrivacy() and disableScreenPrivacy(). The AppScreenPrivacyService class, which extends IAppScreenPrivacy, implements these methods.我们首先使用两个方法定义一个抽象类
IAppScreenPrivacy , enableScreenPrivacy() 并且 disableScreenPrivacy() .扩展 IAppScreenPrivacy 的 AppScreenPrivacyService 类实现这些方法。Each method makes an attempt to invoke its respective function in the native code. The
invokeMethod function of the MethodChannel class is used for this, with the method name we wish to invoke being passed as an argument. It is crucial that these names match the ones defined in our native code, hence we use 'enableAppSecurity' and 'disableAppSecurity'.每个方法都尝试在本机代码中调用其各自的函数。
MethodChannel 类 invokeMethod 的函数用于此目的,我们希望调用的方法名称作为参数传递。至关重要的是,这些名称必须与本机代码中定义的名称相匹配,因此我们使用“enableAppSecurity”和“disableAppSecurity”。If the function call is successful, the screen privacy setting will be applied. However, if there’s an issue, the
invokeMethod call will throw a PlatformException. This exception is caught and logged for debugging purposes.如果函数调用成功,将应用屏幕隐私设置。但是,如果出现问题,
invokeMethod 调用将引发 PlatformException .出于调试目的,将捕获并记录此异常。By making use of this setup, we can control our native app security features directly from our Flutter code. This enables us to leverage the control and power of native development while still benefiting from the productivity and ease-of-use that Flutter provides.
通过使用此设置,我们可以直接从 Flutter 代码中控制我们的原生应用安全功能。这使我们能够利用原生开发的控制和功能,同时仍然受益于 Flutter 提供的生产力和易用性。
Through integrating these security practices into our application, we can better protect sensitive user information from being inadvertently exposed via the app switcher or screenshots, ensuring enhanced privacy for our users.
通过将这些安全实践集成到我们的应用程序中,我们可以更好地保护敏感的用户信息,防止通过应用程序切换器或屏幕截图无意中暴露,从而确保增强用户的隐私。
更多相关开源例子
欢迎您在底部评论区留言,一起交流~
- Author:yaojunluo
- URL:https://next.yaojunluo.com/article/a6a14325-91ae-4481-b344-6028a1392610
- Copyright:All articles in this blog, except for special statements, adopt BY-NC-SA agreement. Please indicate the source!