storePinAfterBiometric method

Future<Map<String, dynamic>> storePinAfterBiometric(
  String username,
  String pin, {
  String? jwtToken,
  bool testMode = false,
})

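Stores the user's PIN after biometric verification. The method validates the PIN and sends it to the backend; it does not perform the biometric check itself, so the caller must have completed it before calling.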

Implementation

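/// Validates [pin] and registers it with the backend after the caller has
/// completed biometric verification.
///
/// This method performs no biometric check of its own: nothing in its body
/// inspects a biometric result, so it must only be reached from a flow that
/// has already verified the user.
///
/// [username] is sent along with the PIN; [jwtToken] overrides the token held
/// in storage. When [testMode] is true the backend is not contacted and a
/// mock success is returned.
///
/// Returns a map with a `success` flag. On validation failure it also carries
/// `message` and `errors`; on a missing token or an exception it carries
/// `message` and `error`; otherwise it is the backend response unchanged.
/// Never throws: every exception is converted into a failure map.
Future<Map<String, dynamic>> storePinAfterBiometric(String username, String pin, {String? jwtToken, bool testMode = false}) async {
  try {
    OnairosDebugHelper.log('🔐 Storing PIN after biometric verification');

    // Reject a weak PIN before anything is persisted or sent. Comparing with
    // `!= true` makes a missing or non-bool `isValid` fail closed instead of
    // raising a type error that would be reported as a generic failure.
    final validation = validatePin(pin);
    if (validation['isValid'] != true) {
      return {
        'success': false,
        'message': 'PIN does not meet requirements',
        'errors': validation['errors'],
      };
    }

    // NOTE: Temporarily skip local biometric storage to avoid post-PIN prompts
    // await _storage.storePinSecurely(pin, username: username);
    // With the call above disabled, the PIN itself is never kept on the
    // device here; the flags written below only record that a PIN exists.
    OnairosDebugHelper.log('⚠️ Skipping biometric secure storage (temporary)');

    // Test mode mock response.
    // NOTE(review): this branch sets 'user_pin_stored' without a token and
    // without any backend call. Confirm that testMode cannot be enabled in
    // release builds, otherwise the local flag can claim a PIN that the
    // backend never received.
    if (testMode) {
      await Future.delayed(const Duration(milliseconds: 500));

      await _storage.storeValue('user_pin_stored', 'true');
      await _storage.storeValue('pin_storage_timestamp', DateTime.now().millisecondsSinceEpoch.toString());

      OnairosDebugHelper.log('✅ Test mode: PIN stored successfully');
      return {
        'success': true,
        'message': 'PIN stored successfully (test mode)',
        'testMode': true,
        'strength': validation['strength'],
      };
    }

    // An explicitly passed token wins over the one held in storage.
    final authToken = jwtToken ?? await _storage.getStoredJwtToken();

    if (authToken == null) {
      return {
        'success': false,
        'message': 'No authentication token available',
        'error': 'MISSING_AUTH_TOKEN',
      };
    }

    // Send PIN to backend using mobile endpoint (JWT-based, matches React Native SDK).
    // NOTE(review): the PIN is placed in the request body as given, so its
    // confidentiality in transit depends on authenticatedPost — confirm it
    // only ever talks to the backend over TLS and does not log request bodies.
    final response = await _apiKeyService.authenticatedPost(
      'store-pin/mobile',
      body: {
        // Username is optional for mobile; backend primarily uses JWT (userId/email)
        'username': username,
        'pin': pin,
        'timestamp': DateTime.now().toIso8601String(),
        'strength': validation['strength'],
      },
      jwtToken: authToken,
    );

    // Record the PIN status locally, and report success, only when the
    // backend confirmed it. The success log used to be written on every
    // response, including rejections, which made the debug trail misleading.
    if (response['success'] == true) {
      await _storage.storeValue('user_pin_stored', 'true');
      await _storage.storeValue('pin_storage_timestamp', DateTime.now().millisecondsSinceEpoch.toString());
      // Stringify the id: the other stored values are strings, and a numeric
      // pinId in the decoded response would otherwise fail after the backend
      // had already accepted the PIN.
      await _storage.storeValue('pin_backend_id', '${response['pinId'] ?? 'unknown'}');
      OnairosDebugHelper.log('✅ PIN stored successfully');
    } else {
      // The response body is deliberately not logged here.
      OnairosDebugHelper.log('❌ Backend did not confirm PIN storage');
    }

    return response;

  } catch (e) {
    // NOTE(review): the raw exception text is both logged and returned to the
    // caller. Confirm that errors raised by the storage or HTTP layers cannot
    // embed the PIN or the JWT, and that debug logging is off in release
    // builds. The 'error' key is kept so existing callers keep working.
    OnairosDebugHelper.log('❌ Error storing PIN: $e');
    return {
      'success': false,
      'message': 'Failed to store PIN. Please try again.',
      'error': e.toString(),
    };
  }
}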