UI for password encrypted message functionality

[DenBond7]

See FlowCrypt/flowcrypt-ios#1221

[DenBond7]

Actually, it's an interesting issue :). It seems we have a not simple logic here.

[DenBond7]

Before starting to work on this issue need to understand what exactly we do here.

As I understand we have the following:

1. During creating a new encrypted message we can have recipients that don't have public keys.
2. We show a hint for a user: you can import missing public keys or protect the current message with a pass phrase for recipients with missing public keys.
3. After that the user should provide missing public keys or a pass phrase that will be used for a password encrypted message.
4. Let's imagine the user has provided a pass phrase. What do we do next?
5. It seems we should create an encrypted message that will be sent as attachment, do all things from prepare API model / client class for sending through web portal #1615, receive some URL and send a message with text

[email protected] has sent you a password-encrypted email Click here to Open Message

Alternatively copy and paste the following link: https://flowcrypt.com/HoHoHoHo

and attachments(noname, encryped.asc)

Just a simplified version what I see.

@tomholub Please correct me if needed

[IvanPizhenko]

We also should take into account that enterprise customers may have their own FES instance.

[DenBond7]

We also should take into account that enterprise customers may have their own FES instance.

Yes, it relates to #1621 and #1622

[DenBond7]

as an example to discuss

[tomholub]

I wanted to do this on one platform first (iOS in this case) so that we can see it in action and settle the exact UI before doing it on a second platform (Android). That's why I tried to assign you non-ui tasks here and assign Roman UI tasks there, so I don't have to be potentially wrong twice per platform for all tasks (because I'm not too sure until I see it).

[tomholub]

We show a hint for a user: you can import missing public keys or protect the current message with a pass phrase for recipients with missing public keys.

we call it a password in this case to differentiate, though it's true it doesn't sound that different

[tomholub]

Let's imagine the user has provided a pass phrase. What do we do next?
It seems we should create an encrypted message that will be sent as attachment, do all things from prepare API model / client class for sending through web portal #1615, receive some URL and send a message with text

This is outside of scope of this issue, so we don't have to discuss it in detail yet. But basically

1. call FES to get a reply token
2. encode the reply token into the message & encrypt a message with both public keys (my own + recipients if any) and the provided password
3. upload the message to FES
4. format the message with the sentence + link + encrypted data in attachment
5. send message formatted this way through gmail

[tomholub]

This is pretty good. The only problem is, it only shows after user already tapped send which is a bit too late. It would be better to have some banner.

Also:

• the password option should be first, when available
• switch to standard email should be removed when FES available

[tomholub]

@sosnovsky you can have a look at the sketches above in case it helps you with FlowCrypt/flowcrypt-ios#1221

[sosnovsky]

@sosnovsky you can have a look at the sketches above in case it helps you with FlowCrypt/flowcrypt-ios#1221

Looks good, I currently have more basic UI implementation:

[tomholub]

I think the screenshots on both platforms are appropriate (for the level of implementation / features already available for that platform). So it looks on a good track.

I think on iOS, above the password, we could add another paragraph of text about the user being responsible to share the password. Per the Android screenshot "You are responsible ..."

[DenBond7]

@tomholub

I wanted to do this on one platform first (iOS in this case) so that we can see it in action and settle the exact UI before doing it on a second platform (Android).

I've provided only UI (after checking the web version.). Just sketches without logic. I have not added logic yet :)

The only problem is, it only shows after user already tapped send which is a bit too late.

It depends on our needs. For example, we can show floatActionButton when we found at least one recipient without a public key. Similar to the web version does.

[tomholub]

Yes. And do UI is not bad. So you can use this.

[tomholub]

The float sounds good.

[tomholub]

@DenBond7 does Android have any database entry that indicates if FES is available for that user?

[DenBond7]

We store OrgRules. If it contains such info (some entry that indicates FES) my answer - yes.

[DenBond7]

@tomholub Can we fetch clientConfiguration when FES doesn't work?

edit: when FES is not available for a user

[DenBond7]

@tomholub It seems FlowCrypt/flowcrypt-ios#1221 is already closed.

I wanted to do this on one platform first (iOS in this case) so that we can see it in action and settle the exact UI before doing it on a second platform (Android). That's why I tried to assign you non-ui tasks here and assign Roman UI tasks there, so I don't have to be potentially wrong twice per platform for all tasks (because I'm not too sure until I see it).

I can to come back to this issue. How can I test the last changes for iOS? Would you like to share any instruction for UI for this issue?

[tomholub]

Your UI example, with my comments here #1620 (comment) looks good to me for Android.

[tomholub]

I'll build you the iOS app so you can test it too.

[DenBond7]

@tomholub I think UI is done. Please look at the video. Maybe you would like to change something

Screencast.2022-01-12.10.43.12.mp4

[tomholub]

This is good. Please, for now, hide the strength evaluation - there will be different rules for evaluating strength of passwords (as opposed to pass phrases). Else this looks great.