shihaam/thijooree
1
0
Fork 1
Code Issues 12 Pull Requests 2 Actions Packages Projects Releases 20 Wiki Activity
Files
1d27bc40680b2c8798558f13bc2772bbd03bd4c8
thijooree/docs/thijooree/03-login.md
T
shihaam 86e1e66a20
Auto Tag on Version Change / check-version (push) Failing after 14m45s
Details
update docs
2026-05-30 19:33:15 +05:00

2.7 KiB
Raw Blame History

Login

LoginActivity handles adding bank accounts. It is shown on first launch (after onboarding) and also opened from Settings → Logins → Add Account.

Fragment Flow

LoginActivity
  └─ BankSelectionFragment   ← pick a bank
       └─ CredentialsFragment ← enter credentials for that bank

Bank Selection — BankSelectionFragment

A scrollable list of supported banks presented as selectable cards:

Bank Notes
MIB (Maldives Islamic Bank) Username + password
BML (Bank of Maldives) Username + password
Fahipay Mobile number + password

Tapping a card navigates to CredentialsFragment with the selected bank pre-set.

Credentials — CredentialsFragment

MIB Login

Fields:

  • Username
  • Password

Flow on submit:

  1. MibLoginFlow.login() — performs Diffie-Hellman key exchange, then authenticates with Blowfish/ECB-encrypted credentials
  2. On success, fetches operatingProfiles — the list of CIF profiles (Individual, Sole Propr, etc.)
  3. Each profile is stored as a MibAccount with bank = "MIB" and cifType from the API
  4. Sessions are stored in BasedBankApp.mibSessions

BML Login

Fields:

  • Username (customer ID)
  • Password

Flow on submit:

  1. BmlLoginFlow.login() — OAuth password grant → access token + refresh token
  2. Fetches dashboard → list of CASA accounts + cards
  3. Each account/card stored as MibAccount with bank = "BML"
  4. Tokens stored in BasedBankApp.bmlSessions

Fahipay Login

Fields:

  • Mobile number (7-digit local, auto-prefixed with +960)
  • Password

Flow on submit:

  1. FahipayLoginFlow.login() — authenticates against Fahipay API
  2. On success, stores authID + __Secure-sess cookie
  3. Single wallet account stored with bank = "FAHIPAY"

Multi-Profile Support

Each MIB login can have multiple CIF profiles (e.g., an individual and a business account under the same username). Each profile appears as a separate entry in the accounts list and can be toggled independently in Settings → Logins.

BML and Fahipay each yield a single profile per login.

Adding the same bank login a second time merges its profiles into the existing login rather than creating a duplicate.

Credential Storage

All credentials (username, password, tokens, session cookies) are encrypted via CredentialStore, which uses Android EncryptedSharedPreferences backed by a hardware-keystore key where available.

After Login

CredentialsFragment calls app.autoRefresh() after a successful login, then navigates back to LoginActivity's result which routes to HomeActivity (or back to Settings if called from there).

 

← Lock Screen     Next → Accounts

Reference in New Issue View Git Blame Copy Permalink