LoginStoreProtocol

public protocol LoginStoreProtocol : AnyObject, Sendable

  • Declaration

    Swift

    func add(login: LoginEntry) throws -> Login

  • Declaration

    Swift

    func addMany(logins: [LoginEntry]) throws -> [BulkResultEntry]

  • Declaration

    Swift

    func addManyWithMeta(entriesWithMeta: [LoginEntryWithMeta]) throws -> [BulkResultEntry]

  • Declaration

    Swift

    func addOrUpdate(login: LoginEntry) throws -> Login

  • Declaration

    Swift

    func addWithMeta(entryWithMeta: LoginEntryWithMeta) throws -> Login

  • Checks multiple logins for password reuse in a single batch operation.

    Returns the GUIDs of logins whose passwords match any password in the breach database. This is more efficient than calling is_potentially_vulnerable_password() repeatedly, as it decrypts the breach database only once.

    Declaration

    Swift

    func arePotentiallyVulnerablePasswords(ids: [String]) throws -> [String]

  • Declaration

    Swift

    func count() throws -> Int64

  • Declaration

    Swift

    func countByFormActionOrigin(formActionOrigin: String) throws -> Int64

  • Declaration

    Swift

    func countByOrigin(origin: String) throws -> Int64

  • Declaration

    Swift

    func delete(id: String) throws -> Bool

  • Declaration

    Swift

    func deleteMany(ids: [String]) throws -> [Bool]

  • The delete_undecryptable_records_for_remote_replacement function locally deletes stored logins that cannot be decrypted and sets the last sync time to 0 so any existing server records can be downloaded and overwrite the locally deleted records.

    NB: This function was created to unblock iOS logins users who are unable to sync logins and should not be used outside of this use case.

    Declaration

    Swift

    func deleteUndecryptableRecordsForRemoteReplacement() throws -> LoginsDeletionMetrics

  • Declaration

    Swift

    func findLoginToUpdate(look: LoginEntry) throws -> Login?

  • Declaration

    Swift

    func get(id: String) throws -> Login?

  • Declaration

    Swift

    func getByBaseDomain(baseDomain: String) throws -> [Login]

  • Declaration

    Swift

    func getCheckpoint() throws -> String?

  • Declaration

    Swift

    func hasLoginsByBaseDomain(baseDomain: String) throws -> Bool

  • Determines whether a breach alert has been dismissed, based on the breach date and the alert dismissal timestamp.

    Declaration

    Swift

    func isBreachAlertDismissed(id: String) throws -> Bool

  • Declaration

    Swift

    func isEmpty() throws -> Bool

  • Determines whether a login’s password is potentially breached, based on the breach date and the time of the last password change.

    Declaration

    Swift

    func isPotentiallyBreached(id: String) throws -> Bool

  • Checks if a login’s password matches any password in the local breach database.

    Returns true if this login’s password appears in the breachesL table, indicating that the same password has been breached on a different domain (password reuse). This is independent of whether this specific login has been marked as breached.

    Declaration

    Swift

    func isPotentiallyVulnerablePassword(id: String) throws -> Bool

  • Declaration

    Swift

    func list() throws -> [Login]

  • Stores a known breach date for a login. In Firefox Desktop this is updated once per session from Remote Settings.

    Declaration

    Swift

    func recordBreach(id: String, timestamp: Int64) throws

  • Stores that the user dismissed the breach alert for a login.

    Declaration

    Swift

    func recordBreachAlertDismissal(id: String) throws

  • Stores the time at which the user dismissed the breach alert for a login.

    Declaration

    Swift

    func recordBreachAlertDismissalTime(id: String, timestamp: Int64) throws

  • Records a list of potentially vulnerable passwords in the breach database.

    This is used to bulk-populate the breachesL table with known breached passwords, typically during import operations or when syncing breach data. Passwords are encrypted before storage and duplicates are automatically filtered out.

    Declaration

    Swift

    func recordPotentiallyVulnerablePasswords(passwords: [String]) throws

  • Declaration

    Swift

    func registerWithSyncManager()

  • Declaration

    Swift

    func reset() throws

  • Removes all recorded breaches for all logins (i.e. sets time_of_last_breach to null).

    Declaration

    Swift

    func resetAllBreaches() throws

  • Run maintenance on the DB

    This is intended to be run during idle time and will take steps / to clean up / shrink the database.

    Declaration

    Swift

    func runMaintenance() throws

  • Declaration

    Swift

    func setCheckpoint(checkpoint: String) throws

  • Declaration

    Swift

    func shutdown()

  • Declaration

    Swift

    func touch(id: String) throws

  • Declaration

    Swift

    func update(id: String, login: LoginEntry) throws -> Login

  • Clear out locally stored logins data

    If sync is enabled, then we will try to recover the data on the next sync.

    The main reason to call this is when regenerating a new encryption key. In that case, there’s no reason to keep around the local data since it can’t be decrypted. Calling wipe_local is better than keeping around these un-decryptable logins, since we might be able to recover the data via sync.

    This is a no-op for freshly created databases, so it’s safe to call this whenever a key is generated.

    Declaration

    Swift

    func wipeLocal() throws