Show disable email verification for all users (#200)

got rid of "there is" because i forgot to delete that for some reason when editing my guide before publishing it

.github/workflows/ci.yml

@@ -41,7 +41,7 @@ jobs:
 
             # Build independent apk.
             - name: Build
-              run: flutter build apk --release --flavor independent && mv build/app/outputs/flutter-apk/app-independent-release.apk build/app/outputs/flutter-apk/ente-auth.apk
+              run: flutter build apk --release --flavor independent --dart-define=app.flavor=independent && mv build/app/outputs/flutter-apk/app-independent-release.apk build/app/outputs/flutter-apk/ente-auth.apk
               env:
                   SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_auth_key.jks"
                   SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
@@ -50,7 +50,7 @@ jobs:
 
             # Build Play store aab.
             - name: Build
-              run: flutter build appbundle --release --flavor playstore
+              run: flutter build appbundle --release --flavor playstore --dart-define=app.flavor=playstore
               env:
                   SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_auth_key.jks"
                   SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}

README.md

@@ -94,7 +94,7 @@ tokens has been documented [here](architecture/README.md).
 1. [Install Flutter](https://flutter.dev/docs/get-started/install)
 2. Clone this repository with `git clone git@github.com:ente-io/auth.git` 
 3. Pull in all submodules with `git submodule update --init --recursive`
-4. For Android, run `flutter build apk --release --flavor independent`
+4. For Android, [setup your keystore](https://docs.flutter.dev/deployment/android#create-an-upload-keystore) and run `flutter build apk --release --flavor independent`
 5. For iOS, run `flutter build ios` 
 
 For maintainers, there is [additional documentation](RELEASES.md) on

analysis_options.yaml

@@ -48,4 +48,5 @@ analyzer:
     avoid_renaming_method_parameters: ignore # incorrect warnings for `equals` overrides
 
   exclude:
-    - thirdparty/**
+    - thirdparty/**
+    - flutter/**

android/build.gradle

@@ -1,5 +1,5 @@
 buildscript {
-    ext.kotlin_version = '1.6.10'
+    ext.kotlin_version = '1.8.22'
     repositories {
         google()
         mavenCentral()

ios/Podfile.lock

@@ -64,7 +64,7 @@ PODS:
   - FMDB (2.7.5):
     - FMDB/standard (= 2.7.5)
   - FMDB/standard (2.7.5)
-  - local_auth (0.0.1):
+  - local_auth_ios (0.0.1):
     - Flutter
   - move_to_background (0.0.1):
     - Flutter
@@ -94,7 +94,7 @@ PODS:
   - shared_preferences_foundation (0.0.1):
     - Flutter
     - FlutterMacOS
-  - sqflite (0.0.2):
+  - sqflite (0.0.3):
     - Flutter
     - FMDB (>= 2.7.5)
   - SwiftyGif (5.4.4)
@@ -117,7 +117,7 @@ DEPENDENCIES:
   - flutter_secure_storage (from `.symlinks/plugins/flutter_secure_storage/ios`)
   - flutter_sodium (from `.symlinks/plugins/flutter_sodium/ios`)
   - fluttertoast (from `.symlinks/plugins/fluttertoast/ios`)
-  - local_auth (from `.symlinks/plugins/local_auth/ios`)
+  - local_auth_ios (from `.symlinks/plugins/local_auth_ios/ios`)
   - move_to_background (from `.symlinks/plugins/move_to_background/ios`)
   - open_filex (from `.symlinks/plugins/open_filex/ios`)
   - package_info_plus (from `.symlinks/plugins/package_info_plus/ios`)
@@ -168,8 +168,8 @@ EXTERNAL SOURCES:
     :path: ".symlinks/plugins/flutter_sodium/ios"
   fluttertoast:
     :path: ".symlinks/plugins/fluttertoast/ios"
-  local_auth:
-    :path: ".symlinks/plugins/local_auth/ios"
+  local_auth_ios:
+    :path: ".symlinks/plugins/local_auth_ios/ios"
   move_to_background:
     :path: ".symlinks/plugins/move_to_background/ios"
   open_filex:
@@ -207,28 +207,28 @@ SPEC CHECKSUMS:
   flutter_native_splash: 52501b97d1c0a5f898d687f1646226c1f93c56ef
   flutter_secure_storage: 23fc622d89d073675f2eaa109381aefbcf5a49be
   flutter_sodium: c84426b4de738514b5b66cfdeb8a06634e72fe0b
-  fluttertoast: eb263d302cc92e04176c053d2385237e9f43fad0
+  fluttertoast: fafc4fa4d01a6a9e4f772ecd190ffa525e9e2d9c
   FMDB: 2ce00b547f966261cd18927a3ddb07cb6f3db82a
-  local_auth: 1740f55d7af0a2e2a8684ce225fe79d8931e808c
+  local_auth_ios: c6cf091ded637a88f24f86a8875d8b0f526e2605
   move_to_background: 39a5b79b26d577b0372cbe8a8c55e7aa9fcd3a2d
   MTBBarcodeScanner: f453b33c4b7dfe545d8c6484ed744d55671788cb
   open_filex: 6e26e659846ec990262224a12ef1c528bb4edbe4
   OrderedSet: aaeb196f7fef5a9edf55d89760da9176ad40b93c
   package_info_plus: 6c92f08e1f853dc01228d6f553146438dafcd14e
-  path_provider_foundation: 37748e03f12783f9de2cb2c4eadfaa25fe6d4852
+  path_provider_foundation: 29f094ae23ebbca9d3d0cec13889cd9060c0e943
   qr_code_scanner: bb67d64904c3b9658ada8c402e8b4d406d5d796e
   Reachability: 33e18b67625424e47b6cde6d202dce689ad7af96
   SDWebImage: 9bec4c5cdd9579e1f57104735ee0c37df274d593
   Sentry: 4c9babff9034785067c896fd580b1f7de44da020
-  sentry_flutter: b10ae7a5ddcbc7f04648eeb2672b5747230172f1
+  sentry_flutter: 1346a880b24c0240807b53b10cf50ddad40f504e
   share_plus: 056a1e8ac890df3e33cb503afffaf1e9b4fbae68
-  shared_preferences_foundation: 297b3ebca31b34ec92be11acd7fb0ba932c822ca
-  sqflite: 6d358c025f5b867b29ed92fc697fd34924e11904
+  shared_preferences_foundation: 5b919d13b803cadd15ed2dc053125c68730e5126
+  sqflite: 31f7eba61e3074736dff8807a9b41581e4f7f15a
   SwiftyGif: 93a1cc87bf3a51916001cf8f3d63835fb64c819f
   Toast: 91b396c56ee72a5790816f40d3a94dd357abc196
   uni_links: d97da20c7701486ba192624d99bffaaffcfc298a
-  url_launcher_ios: ae1517e5e344f5544fb090b079e11f399dfbe4d2
+  url_launcher_ios: 08a3dfac5fb39e8759aeb0abbd5d9480f30fc8b4
 
 PODFILE CHECKSUM: b4e3a7eabb03395b66e81fc061789f61526ee6bb
 
-COCOAPODS: 1.11.3
+COCOAPODS: 1.12.1

ios/Runner.xcodeproj/project.pbxproj

@@ -225,6 +225,7 @@
 			files = (
 			);
 			inputPaths = (
+				"${TARGET_BUILD_DIR}/${INFOPLIST_PATH}",
 			);
 			name = "Thin Binary";
 			outputPaths = (

lib/app/view/app.dart

@@ -12,6 +12,7 @@ import "package:ente_auth/l10n/l10n.dart";
 import 'package:ente_auth/locale.dart';
 import "package:ente_auth/onboarding/view/onboarding_page.dart";
 import 'package:ente_auth/services/update_service.dart';
+import 'package:ente_auth/services/user_service.dart';
 import 'package:ente_auth/ui/home_page.dart';
 import 'package:ente_auth/ui/settings/app_update_dialog.dart';
 import 'package:flutter/foundation.dart';
@@ -49,6 +50,7 @@ class _AppState extends State<App> {
       }
     });
     _signedInEvent = Bus.instance.on<SignedInEvent>().listen((event) {
+      UserService.instance.getUserDetailsV2().ignore();
       if (mounted) {
         setState(() {});
       }

lib/core/configuration.dart

@@ -4,7 +4,6 @@ import 'dart:typed_data';
 
 import 'package:bip39/bip39.dart' as bip39;
 import 'package:ente_auth/core/constants.dart';
-import 'package:ente_auth/core/errors.dart';
 import 'package:ente_auth/core/event_bus.dart';
 import 'package:ente_auth/events/signed_in_event.dart';
 import 'package:ente_auth/events/signed_out_event.dart';
@@ -18,6 +17,7 @@ import 'package:flutter_sodium/flutter_sodium.dart';
 import 'package:logging/logging.dart';
 import 'package:path_provider/path_provider.dart';
 import 'package:shared_preferences/shared_preferences.dart';
+import 'package:tuple/tuple.dart';
 
 class Configuration {
   Configuration._privateConstructor();
@@ -146,6 +146,7 @@ class Configuration {
       utf8.encode(password) as Uint8List,
       kekSalt,
     );
+    final loginKey = await CryptoUtil.deriveLoginKey(derivedKeyResult.key);
 
     // Encrypt the key with this derived key
     final encryptedKeyData =
@@ -175,10 +176,11 @@ class Configuration {
       Sodium.bin2hex(recoveryKey),
       Sodium.bin2base64(keyPair.sk),
     );
-    return KeyGenResult(attributes, privateAttributes);
+    return KeyGenResult(attributes, privateAttributes, loginKey);
   }
 
-  Future<KeyAttributes> updatePassword(String password) async {
+
+  Future<Tuple2<KeyAttributes, Uint8List>> getAttributesForNewPassword(String password) async {
     // Get master key
     final masterKey = getKey();
 
@@ -189,6 +191,7 @@ class Configuration {
       utf8.encode(password) as Uint8List,
       kekSalt,
     );
+    final loginKey = await CryptoUtil.deriveLoginKey(derivedKeyResult.key);
 
     // Encrypt the key with this derived key
     final encryptedKeyData =
@@ -196,42 +199,41 @@ class Configuration {
 
     final existingAttributes = getKeyAttributes();
 
-    return existingAttributes!.copyWith(
+    final updatedAttributes = existingAttributes!.copyWith(
       kekSalt: Sodium.bin2base64(kekSalt),
       encryptedKey: Sodium.bin2base64(encryptedKeyData.encryptedData!),
       keyDecryptionNonce: Sodium.bin2base64(encryptedKeyData.nonce!),
       memLimit: derivedKeyResult.memLimit,
       opsLimit: derivedKeyResult.opsLimit,
     );
+    return Tuple2(updatedAttributes, loginKey);
   }
 
-  Future<void> decryptAndSaveSecrets(
+  // decryptSecretsAndGetLoginKey decrypts the master key and recovery key
+  // with the given password and save them in local secure storage.
+  // This method also returns the keyEncKey that can be used for performing
+  // SRP setup for existing users.
+  Future<Uint8List> decryptSecretsAndGetKeyEncKey(
     String password,
     KeyAttributes attributes,
+  {
+    Uint8List? keyEncryptionKey,
+  }
   ) async {
     _logger.info('Start decryptAndSaveSecrets');
-    // validatePreVerificationStateCheck(
-    //   attributes,
-    //   password,
-    //   getEncryptedToken(),
-    // );
-    _logger.info('state validation done');
-    final kek = await CryptoUtil.deriveKey(
-      utf8.encode(password) as Uint8List,
-      Sodium.base642bin(attributes.kekSalt),
-      attributes.memLimit,
-      attributes.opsLimit,
-    ).onError((e, s) {
-      _logger.severe('deriveKey failed', e, s);
-      throw KeyDerivationError();
-    });
+    keyEncryptionKey ??= await CryptoUtil.deriveKey(
+        utf8.encode(password) as Uint8List,
+        Sodium.base642bin(attributes.kekSalt),
+        attributes.memLimit,
+        attributes.opsLimit,
+      );
 
     _logger.info('user-key done');
     Uint8List key;
     try {
       key = CryptoUtil.decryptSync(
         Sodium.base642bin(attributes.encryptedKey),
-        kek,
+        keyEncryptionKey,
         Sodium.base642bin(attributes.keyDecryptionNonce),
       );
     } catch (e) {
@@ -256,6 +258,7 @@ class Configuration {
     await setToken(
       Sodium.bin2base64(token, variant: Sodium.base64VariantUrlsafe),
     );
+    return keyEncryptionKey;
   }
 
   Future<void> recover(String recoveryKey) async {
@@ -306,6 +309,10 @@ class Configuration {
     return _cachedToken;
   }
 
+  bool isLoggedIn() {
+    return getToken() != null;
+  }
+
   Future<void> setToken(String token) async {
     _cachedToken = token;
     await _preferences.setString(tokenKey, token);
@@ -413,7 +420,7 @@ class Configuration {
     final keyAttributes = getKeyAttributes()!;
     return CryptoUtil.decryptSync(
       Sodium.base642bin(keyAttributes.recoveryKeyEncryptedWithMasterKey),
-      getKey(),
+      getKey()!,
       Sodium.base642bin(keyAttributes.recoveryKeyDecryptionNonce),
     );
   }

lib/core/constants.dart

@@ -7,6 +7,7 @@ const String sentryDSN =
     "https://ed4ddd6309b847ba8849935e26e9b648@sentry.ente.io/9";
 const String sentryTunnel = "https://sentry-reporter.ente.io";
 const String roadmapURL = "https://roadmap.ente.io";
+const String githubIssuesUrl = "https://github.com/ente-io/auth/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc";
 const int microSecondsInDay = 86400000000;
 const int android11SDKINT = 30;
 const int galleryLoadStartTime = -8000000000000000; // Wednesday, March 6, 1748

lib/core/errors.dart

@@ -41,4 +41,6 @@ class InvalidStateError extends AssertionError {
 
 class KeyDerivationError extends Error {}
 
+class SrpSetupNotCompleteError extends Error {}
+
 class AuthenticatorKeyNotFound extends Error {}

lib/core/network.dart

@@ -1,18 +1,29 @@
 import 'dart:io';
 
 import 'package:dio/dio.dart';
+import 'package:ente_auth/core/configuration.dart';
+import 'package:ente_auth/core/constants.dart';
 import 'package:fk_user_agent/fk_user_agent.dart';
+import 'package:flutter/foundation.dart';
 import 'package:package_info_plus/package_info_plus.dart';
+import 'package:shared_preferences/shared_preferences.dart';
 import 'package:uuid/uuid.dart';
 
 int kConnectTimeout = 15000;
 
 class Network {
+  // apiEndpoint points to the Ente server's API endpoint
+  static const apiEndpoint = String.fromEnvironment(
+    "endpoint",
+    defaultValue: kDefaultProductionEndpoint,
+  );
   late Dio _dio;
+  late Dio _enteDio;
 
   Future<void> init() async {
     await FkUserAgent.init();
     final packageInfo = await PackageInfo.fromPlatform();
+    final preferences = await SharedPreferences.getInstance();
     _dio = Dio(
       BaseOptions(
         connectTimeout: kConnectTimeout,
@@ -24,6 +35,18 @@ class Network {
       ),
     );
     _dio.interceptors.add(RequestIdInterceptor());
+    _enteDio = Dio(
+      BaseOptions(
+        baseUrl: apiEndpoint,
+        connectTimeout: kConnectTimeout,
+        headers: {
+          HttpHeaders.userAgentHeader: FkUserAgent.userAgent,
+          'X-Client-Version': packageInfo.version,
+          'X-Client-Package': packageInfo.packageName,
+        },
+      ),
+    );
+    _enteDio.interceptors.add(EnteRequestInterceptor(preferences, apiEndpoint));
   }
 
   Network._privateConstructor();
@@ -31,6 +54,7 @@ class Network {
   static Network instance = Network._privateConstructor();
 
   Dio getDio() => _dio;
+  Dio get enteDio => _enteDio;
 }
 
 class RequestIdInterceptor extends Interceptor {
@@ -41,3 +65,27 @@ class RequestIdInterceptor extends Interceptor {
     return super.onRequest(options, handler);
   }
 }
+
+class EnteRequestInterceptor extends Interceptor {
+  final SharedPreferences _preferences;
+  final String enteEndpoint;
+
+  EnteRequestInterceptor(this._preferences, this.enteEndpoint);
+
+  @override
+  void onRequest(RequestOptions options, RequestInterceptorHandler handler) {
+    if (kDebugMode) {
+      assert(
+      options.baseUrl == enteEndpoint,
+      "interceptor should only be used for API endpoint",
+      );
+    }
+    // ignore: prefer_const_constructors
+    options.headers.putIfAbsent("x-request-id", () => Uuid().v4().toString());
+    final String? tokenValue = _preferences.getString(Configuration.tokenKey);
+    if (tokenValue != null) {
+      options.headers.putIfAbsent("X-Auth-Token", () => tokenValue);
+    }
+    return super.onRequest(options, handler);
+  }
+}

lib/l10n/arb/app_de.arb

@@ -11,6 +11,10 @@
   "importScanQrCode": "Scannen eines QR-Codes",
   "importEnterSetupKey": "Einen Setup-Schlüssel eingeben",
   "importAccountPageTitle": "Kontodaten eingeben",
+  "secretCanNotBeEmpty": "Geheimnis darf nicht leer sein",
+  "bothIssuerAndAccountCanNotBeEmpty": "Sowohl Aussteller als auch Konto können nicht leer sein",
+  "incorrectDetails": "Falsche Angaben",
+  "pleaseVerifyDetails": "Überprüfe die Angaben und versuche es erneut",
   "codeIssuerHint": "Aussteller",
   "codeSecretKeyHint": "Geheimer Schlüssel",
   "codeAccountHint": "Konto (you@domain.com)",
@@ -98,6 +102,7 @@
   "scan": "Scannen",
   "scanACode": "Scannen eines Codes",
   "verify": "Überprüfen Sie",
+  "verifyEmail": "E-Mail-Adresse verifizieren",
   "enterCodeHint": "Geben Sie den 6-stelligen Code \naus Ihrer Authentifikator-App ein.",
   "lostDeviceTitle": "Gerät verloren?",
   "twoFactorAuthTitle": "Zwei-Faktor-Authentifizierung",
@@ -173,6 +178,19 @@
   "privacyPolicyTitle": "Datenschutzbestimmungen",
   "termsOfServicesTitle": "Bedingungen",
   "encryption": "Verschlüsselung",
+  "setPasswordTitle": "Passwort setzen",
+  "changePasswordTitle": "Passwort ändern",
+  "resetPasswordTitle": "Passwort zurücksetzen",
+  "encryptionKeys": "Verschlüsselungsschlüssel",
+  "passwordWarning": "Wir speichern dieses Passwort nicht. Wenn du es vergisst, <underline>können wir deine Daten nicht entschlüsseln</underline>",
+  "enterPasswordToEncrypt": "Gib ein Passwort ein, mit dem wir deine Daten verschlüsseln können",
+  "enterNewPasswordToEncrypt": "Gib ein neues Passwort ein, mit dem wir deine Daten verschlüsseln können",
+  "passwordChangedSuccessfully": "Passwort erfolgreich geändert",
+  "generatingEncryptionKeys": "Generierung von Verschlüsselungsschlüsseln...",
+  "continueLabel": "Weiter",
+  "insecureDevice": "Unsicheres Gerät",
+  "sorryWeCouldNotGenerateSecureKeysOnThisDevicennplease": "Es tut uns leid, wir konnten keine sicheren Schlüssel auf diesem Gerät generieren.\n\nBitte registrieren Sie sich auf einem anderen Gerät.",
+  "howItWorks": "So funktioniert's",
   "ackPasswordLostWarning": "Ich verstehe, dass der Verlust meines Passworts zum Verlust meiner Daten führen kann, denn diese ist <underline>Ende-zu-Ende verschlüsselt</underline>.",
   "loginTerms": "Durch das Klicken auf den Login-Button, stimme ich <u-terms>den Nutzungsbedingungen</u-terms> und den <u-policy>Datenschutzbestimmungen</u-policy> zu",
   "logInLabel": "Einloggen",
@@ -228,5 +246,26 @@
   "sorry": "Entschuldigen sie",
   "importFailureDesc": "Ausgewählte Datei ließ sich nicht verarbeiten.\nBitte wenden sie sich an support@ente.io für Hilfe!",
   "pendingSyncs": "Warnung",
-  "pendingSyncsWarningBody": "Einige Codes wurden nicht gesichert.\n\nBitte gehen sie sicher, dass sie einen Backupcode für diese Codes haben bevor sie sich ausloggen."
+  "pendingSyncsWarningBody": "Einige Codes wurden nicht gesichert.\n\nBitte gehen sie sicher, dass sie einen Backupcode für diese Codes haben bevor sie sich ausloggen.",
+  "checkInboxAndSpamFolder": "Bitte überprüfe deinen E-Mail-Posteingang (und Spam), um die Verifizierung abzuschließen",
+  "tapToEnterCode": "Antippen, um den Code einzugeben",
+  "resendEmail": "E-Mail erneut senden",
+  "weHaveSendEmailTo": "Wir haben eine E-Mail an <green>{email}</green> gesendet",
+  "@weHaveSendEmailTo": {
+    "description": "Text to indicate that we have sent a mail to the user",
+    "placeholders": {
+      "email": {
+        "description": "The email address of the user",
+        "type": "String",
+        "example": "example@ente.io"
+      }
+    }
+  },
+  "activeSessions": "Aktive Sitzungen",
+  "somethingWentWrongPleaseTryAgain": "Ein Fehler ist aufgetreten, bitte versuche es erneut",
+  "thisWillLogYouOutOfThisDevice": "Dadurch wirst du von diesem Gerät abgemeldet!",
+  "thisWillLogYouOutOfTheFollowingDevice": "Dadurch wirst du von folgendem Gerät abgemeldet:",
+  "terminateSession": "Sitzungen beenden?",
+  "terminate": "Beenden",
+  "thisDevice": "Dieses Gerät"
 }

lib/l10n/arb/app_en.arb

@@ -1,4 +1,3 @@
-
 {
   "account": "Account",
   "recoveryKey": "Recovery key",
@@ -10,10 +9,15 @@
   "onBoardingGetStarted": "Get Started",
   "setupFirstAccount": "Setup your first account",
   "importScanQrCode": "Scan a QR Code",
+  "qrCode": "QR Code",
   "importEnterSetupKey": "Enter a setup key",
   "importAccountPageTitle": "Enter account details",
+  "secretCanNotBeEmpty": "Secret can not be empty",
+  "bothIssuerAndAccountCanNotBeEmpty": "Both issuer and account can not be empty",
+  "incorrectDetails": "Incorrect details",
+  "pleaseVerifyDetails": "Please verify the details and try again",
   "codeIssuerHint": "Issuer",
-  "codeSecretKeyHint" : "Secret Key",
+  "codeSecretKeyHint": "Secret Key",
   "codeAccountHint": "Account (you@domain.com)",
   "accountKeyType": "Type of key",
   "sessionExpired": "Session expired",
@@ -21,7 +25,7 @@
     "description": "Title of the dialog when the users current session is invalid/expired"
   },
   "pleaseLoginAgain": "Please login again",
-  "loggingOut" : "Logging out...",
+  "loggingOut": "Logging out...",
   "timeBasedKeyType": "Time based (TOTP)",
   "counterBasedKeyType": "Counter based (HOTP)",
   "saveAction": "Save",
@@ -54,6 +58,9 @@
     }
   },
   "contactSupport": "Contact support",
+  "rateUsOnStore" : "Rate us on {storeName}",
+  "blog": "Blog",
+  "merchandise": "Merchandise",
   "verifyPassword": "Verify password",
   "pleaseWait": "Please wait...",
   "generatingEncryptionKeysTitle": "Generating encryption keys...",
@@ -63,16 +70,28 @@
   "incorrectPasswordTitle": "Incorrect password",
   "welcomeBack": "Welcome back!",
   "madeWithLoveAtPrefix": "made with ❤️ at ",
-  "supportDevs" : "Subscribe to <bold-green>ente</bold-green> to support this project.",
-  "supportDiscount" : "Use coupon code \"AUTH\" to get 10% off first year",
+  "supportDevs": "Subscribe to <bold-green>ente</bold-green> to support this project.",
+  "supportDiscount": "Use coupon code \"AUTH\" to get 10% off first year",
   "changeEmail": "Change email",
   "changePassword": "Change password",
-  "data" : "Data",
+  "data": "Data",
   "importCodes": "Import codes",
+  "importTypePlainText": "Plain text",
+  "importTypeEnteEncrypted": "ente Encrypted export",
+  "passwordForDecryptingExport": "Password to decrypt export",
+  "passwordEmptyError": "Password can not be empty",
+  "importFromApp": "Import codes from {appName}",
+  "importGoogleAuthGuide": "Export your accounts from Google Authenticator to a QR code using the \"Transfer Accounts\" option. Then using another device, scan the QR code.\n\nTip: You can use your laptop's webcam to take a picture of the QR code.",
+  "importSelectJsonFile": "Select JSON file",
+  "importEnteEncGuide": "Select the encrypted JSON file exported from ente",
+  "importRaivoGuide": "Use the \"Export OTPs to Zip archive\" option in Raivo's Settings.\n\nExtract the zip file and import the JSON file.",
   "exportCodes": "Export codes",
+  "importLabel": "Import",
   "importInstruction": "Please select a file that contains a list of your codes in the following format",
   "importCodeDelimiterInfo": "The codes can be separated by a comma or a new line",
   "selectFile": "Select file",
+  "emailVerificationToggle": "Email verification",
+  "authToChangeEmailVerificationSetting": "Please authenticate to change email verification",
   "authToViewYourRecoveryKey": "Please authenticate to view your recovery key",
   "authToChangeYourEmail": "Please authenticate to change your email",
   "authToChangeYourPassword": "Please authenticate to change your password",
@@ -86,11 +105,23 @@
   "copied": "Copied",
   "pleaseTryAgain": "Please try again",
   "existingUser": "Existing User",
-  "newUser" : "New to ente",
+  "newUser": "New to ente",
   "delete": "Delete",
   "enterYourPasswordHint": "Enter your password",
   "forgotPassword": "Forgot password",
   "oops": "Oops",
+  "suggestFeatures": "Suggest features",
+  "faq": "FAQ",
+  "faq_q_1": "How secure is ente Auth?",
+  "faq_a_1": "All codes you backup via ente is stored end-to-end encrypted. This means only you can access your codes. Our apps are open source and our cryptography has been externally audited.",
+  "faq_q_2": "Can I access my codes on desktop?",
+  "faq_a_2": "You can access your codes on the web @ auth.ente.io.",
+  "faq_q_3": "How can I delete codes?",
+  "faq_a_3": "You can delete a code by swiping left on that item.",
+  "faq_q_4": "How can I support this project?",
+  "faq_a_4": "You can support the development of this project by subscribing to our Photos app @ ente.io.",
+  "faq_q_5": "How can I enable FaceID lock in ente Auth",
+  "faq_a_5": "You can enable FaceID lock under Settings → Security → Lockscreen.",
   "somethingWentWrongMessage": "Something went wrong, please try again",
   "leaveFamily": "Leave family",
   "leaveFamilyMessage": "Are you sure that you want to leave the family plan?",
@@ -106,7 +137,7 @@
   "recoverAccount": "Recover account",
   "enterRecoveryKeyHint": "Enter your recovery key",
   "recover": "Recover",
-  "contactSupportViaEmailMessage":"Please drop an email to {email} from your registered email address",
+  "contactSupportViaEmailMessage": "Please drop an email to {email} from your registered email address",
   "@contactSupportViaEmailMessage": {
     "placeholders": {
       "email": {
@@ -157,6 +188,7 @@
   "recoveryKeySaveDescription": "We don't store this key, please save this 24 word key in a safe place.",
   "doThisLater": "Do this later",
   "saveKey": "Save key",
+  "back": "Back",
   "createAccount": "Create account",
   "passwordStrength": "Password strength: {passwordStrengthValue}",
   "@passwordStrength": {
@@ -171,7 +203,7 @@
     "message": "Password Strength: {passwordStrengthText}"
   },
   "password": "Password",
-  "signUpTerms" : "I agree to the <u-terms>terms of service</u-terms> and <u-policy>privacy policy</u-policy>",
+  "signUpTerms": "I agree to the <u-terms>terms of service</u-terms> and <u-policy>privacy policy</u-policy>",
   "privacyPolicyTitle": "Privacy Policy",
   "termsOfServicesTitle": "Terms",
   "encryption": "Encryption",
@@ -224,14 +256,14 @@
   "youAreOnTheLatestVersion": "You are on the latest version",
   "warning": "Warning",
   "exportWarningDesc": "The exported file contains sensitive information. Please store this safely.",
-  "iUnderStand" : "I understand",
+  "iUnderStand": "I understand",
   "@iUnderStand": {
     "description": "Text for the button to confirm the user understands the warning"
   },
   "authToExportCodes": "Please authenticate to export your codes",
   "importSuccessTitle": "Yay!",
   "importSuccessDesc": "You have imported {count} codes!",
-  "@importSuccessDesc" : {
+  "@importSuccessDesc": {
     "placeholders": {
       "count": {
         "description": "The number of codes imported",
@@ -240,9 +272,9 @@
       }
     }
   },
-  "sorry" : "Sorry",
+  "sorry": "Sorry",
   "importFailureDesc": "Could not parse the selected file.\nPlease write to support@ente.io if you need help!",
-  "pendingSyncs" : "Warning",
+  "pendingSyncs": "Warning",
   "pendingSyncsWarningBody": "Some of your codes have not been backed up.\n\nPlease ensure that you have a backup for these codes before you logout.",
   "checkInboxAndSpamFolder": "Please check your inbox (and spam) to complete verification",
   "tapToEnterCode": "Tap to enter code",
@@ -264,5 +296,24 @@
   "thisWillLogYouOutOfTheFollowingDevice": "This will log you out of the following device:",
   "terminateSession": "Terminate session?",
   "terminate": "Terminate",
-  "thisDevice": "This device"
+  "thisDevice": "This device",
+  "toResetVerifyEmail": "To reset your password, please verify your email first.",
+  "thisEmailIsAlreadyInUse": "This email is already in use",
+  "verificationFailedPleaseTryAgain": "Verification failed, please try again",
+  "yourVerificationCodeHasExpired": "Your verification code has expired",
+  "incorrectCode": "Incorrect code",
+  "sorryTheCodeYouveEnteredIsIncorrect": "Sorry, the code you've entered is incorrect",
+  "emailChangedTo": "Email changed to {newEmail}",
+  "authenticationFailedPleaseTryAgain": "Authentication failed, please try again",
+  "authenticationSuccessful": "Authentication successful!",
+  "twofactorAuthenticationSuccessfullyReset": "Two-factor authentication successfully reset",
+  "incorrectRecoveryKey": "Incorrect recovery key",
+  "theRecoveryKeyYouEnteredIsIncorrect": "The recovery key you entered is incorrect",
+  "enterPassword": "Enter password",
+  "selectExportFormat": "Select export format",
+  "exportDialogDesc": "Encrypted exports will be protected by a password of your choice.",
+  "encrypted": "Encrypted",
+  "plainText": "Plain text",
+  "passwordToEncryptExport": "Password to encrypt export",
+  "export": "Export"
 }

lib/l10n/arb/app_es.arb

@@ -25,7 +25,7 @@
   "counterBasedKeyType": "Basado en Contador (HOTP)",
   "saveAction": "Guardar",
   "nextTotpTitle": "siguiente",
-  "deleteCodeTitle": "Eliminar código?",
+  "deleteCodeTitle": "¿Eliminar código?",
   "deleteCodeMessage": "¿Está seguro que desea eliminar este código? Esta acción es irreversible.",
   "viewLogsAction": "Ver Registros",
   "sendLogsDescription": "Esto enviará registros para ayudarnos a depurar su problema. Aunque tomamos precauciones para asegurarnos que no se registre información sensible, le recomendamos que consulte estos registros antes de compartirlos.",
@@ -98,6 +98,7 @@
   "scan": "Escanear",
   "scanACode": "Escanear un código",
   "verify": "Verificar",
+  "verifyEmail": "Verificar correo electrónico",
   "enterCodeHint": "Ingrese el código de seis dígitos de su aplicación de autenticación",
   "lostDeviceTitle": "¿Perdió su dispositivo?",
   "twoFactorAuthTitle": "Autenticación de dos factores",
@@ -136,6 +137,9 @@
   "social": "Social",
   "security": "Seguridad",
   "lockscreen": "Pantalla de bloqueo",
+  "authToChangeLockscreenSetting": "Por favor autentifíquese para cambiar la configuración de bloqueo de pantalla",
+  "lockScreenEnablePreSteps": "Para activar la pantalla de bloqueo, por favor configure la contraseña del dispositivo o el bloqueo de pantalla en los ajustes de sistema.",
+  "viewActiveSessions": "Ver sesiones activas",
   "searchHint": "Buscar...",
   "search": "Buscar",
   "sorryUnableToGenCode": "Lo sentimos, no se puede generar un código para {issuerName}",
@@ -169,10 +173,21 @@
   "privacyPolicyTitle": "Política de Privacidad",
   "termsOfServicesTitle": "Términos",
   "encryption": "Cifrado",
+  "setPasswordTitle": "Establecer contraseña",
+  "changePasswordTitle": "Cambiar contraseña",
+  "resetPasswordTitle": "Restablecer contraseña",
+  "encryptionKeys": "Claves de cifrado",
+  "passwordChangedSuccessfully": "Contraseña cambiada correctamente",
+  "generatingEncryptionKeys": "Generando claves de encriptación...",
+  "continueLabel": "Continuar",
+  "insecureDevice": "Dispositivo inseguro",
+  "sorryWeCouldNotGenerateSecureKeysOnThisDevicennplease": "Lo sentimos, no hemos podido generar claves seguras en este dispositivo.\n\nRegístrate desde un dispositivo diferente.",
+  "howItWorks": "Cómo funciona",
   "ackPasswordLostWarning": "Entiendo que si pierdo mi contraseña podría perder mis datos, ya que mis datos están <underline>cifrados de extremo a extremo</underline>.",
   "loginTerms": "Al hacer clic en iniciar sesión, acepto los <u-terms>términos de servicio</u-terms> y <u-policy>la política de privacidad</u-policy>",
   "logInLabel": "Iniciar sesión",
   "logout": "Cerrar sesión",
+  "areYouSureYouWantToLogout": "¿Seguro que quiere cerrar la sesión?",
   "yesLogout": "Sí, cerrar sesión",
   "exit": "Salir",
   "verifyingRecoveryKey": "Verificando clave de recuperación...",
@@ -194,5 +209,22 @@
   "exportLogs": "Exportar registros",
   "enterYourRecoveryKey": "Introduzca su clave de recuperación",
   "tempErrorContactSupportIfPersists": "Parece que algo salió mal. Por favor, vuelve a intentarlo después de algún tiempo. Si el error persiste, ponte en contacto con nuestro equipo de soporte.",
-  "itLooksLikeSomethingWentWrongPleaseRetryAfterSome": "Parece que algo salió mal. Por favor, vuelve a intentarlo después de algún tiempo. Si el error persiste, ponte en contacto con nuestro equipo de soporte."
+  "itLooksLikeSomethingWentWrongPleaseRetryAfterSome": "Parece que algo salió mal. Por favor, vuelve a intentarlo después de algún tiempo. Si el error persiste, ponte en contacto con nuestro equipo de soporte.",
+  "about": "Acerca de",
+  "weAreOpenSource": "¡Somos de código abierto!",
+  "privacy": "Privacidad",
+  "terms": "Términos",
+  "checkForUpdates": "Comprobar actualizaciones",
+  "checking": "Comprobando...",
+  "youAreOnTheLatestVersion": "Está usando la versión más reciente",
+  "warning": "Atención",
+  "exportWarningDesc": "El archivo exportado contiene información confidencial. Por favor, guárdelo de forma segura.",
+  "iUnderStand": "Entiendo",
+  "@iUnderStand": {
+    "description": "Text for the button to confirm the user understands the warning"
+  },
+  "authToExportCodes": "Por favor, autentifíquese para exportar sus códigos",
+  "sorry": "Lo sentimos",
+  "importFailureDesc": "No se pudo analizar el archivo seleccionado.\n¡Por favor escriba a support@ente.io si necesita ayuda!",
+  "pendingSyncs": "Atención"
 }

lib/l10n/arb/app_fi.arb

@@ -63,6 +63,7 @@
   "supportDevs": "Tilaa <bold-green>ente</bold-green> tukeaksesi tätä hanketta.",
   "supportDiscount": "Käytä kuponkikoodia \"AUTH\" saadaksesi 10% alennuksen ensimmäisestä vuodesta",
   "changeEmail": "vaihda sähköpostiosoitteesi",
+  "selectFile": "Valitse tiedosto",
   "ok": "Selvä",
   "cancel": "Keskeytä",
   "yes": "Kyllä",

lib/l10n/arb/app_fr.arb

@@ -98,6 +98,7 @@
   "scan": "Analyser",
   "scanACode": "Scanner un code",
   "verify": "Vérifier",
+  "verifyEmail": "Vérifier l'email",
   "enterCodeHint": "Saisir le code à 6 caractères de votre appli d'authentification",
   "lostDeviceTitle": "Appareil perdu ?",
   "twoFactorAuthTitle": "Authentification à deux facteurs",
@@ -173,6 +174,18 @@
   "privacyPolicyTitle": "Politique de confidentialité",
   "termsOfServicesTitle": "Conditions",
   "encryption": "Chiffrement",
+  "setPasswordTitle": "Définir le mot de passe",
+  "changePasswordTitle": "Modifier le mot de passe",
+  "resetPasswordTitle": "Réinitialiser le mot de passe",
+  "encryptionKeys": "Clés de chiffrement",
+  "passwordWarning": "Nous ne stockons pas ce mot de passe, donc si vous l'oubliez, <underline>nous ne pouvons pas déchiffrer vos données</underline>",
+  "enterPasswordToEncrypt": "Entrez un mot de passe que nous pouvons utiliser pour chiffrer vos données",
+  "enterNewPasswordToEncrypt": "Entrez un nouveau mot de passe que nous pouvons utiliser pour chiffrer vos données",
+  "passwordChangedSuccessfully": "Le mot de passe a été modifié avec succès",
+  "generatingEncryptionKeys": "Génération des clés de chiffrement...",
+  "continueLabel": "Continuer",
+  "insecureDevice": "Appareil non sécurisé",
+  "sorryWeCouldNotGenerateSecureKeysOnThisDevicennplease": "Désolé, nous n'avons pas pu générer de clés sécurisées sur cet appareil.\n\nVeuillez vous inscrire depuis un autre appareil.",
   "ackPasswordLostWarning": "Je comprends que si je perds mon mot de passe, je risque de perdre mes données puisque celles-ci sont <underline>chiffrées de bout en bout</underline>.",
   "loginTerms": "En cliquant sur \"Connexion\", j'accepte les <u-terms>conditions d'utilisation</u-terms> et la <u-policy>politique de confidentialité</u-policy>",
   "logInLabel": "Connexion",
@@ -228,5 +241,26 @@
   "sorry": "Désolé",
   "importFailureDesc": "Impossible d'analyser le fichier sélectionné.\nVeuillez écrire à support@ente.io si vous avez besoin d'aide !",
   "pendingSyncs": "Attention",
-  "pendingSyncsWarningBody": "Certains de vos codes n'ont pas été sauvegardés.\n\nVeuillez vous assurer que vous avez une sauvegarde de ces codes avant de vous déconnecter."
+  "pendingSyncsWarningBody": "Certains de vos codes n'ont pas été sauvegardés.\n\nVeuillez vous assurer que vous avez une sauvegarde de ces codes avant de vous déconnecter.",
+  "checkInboxAndSpamFolder": "Veuillez consulter votre boîte de courriels (et les spam) pour compléter la vérification",
+  "tapToEnterCode": "Appuyez pour entrer un code",
+  "resendEmail": "Renvoyer le courriel",
+  "weHaveSendEmailTo": "Nous avons envoyé un mail à <green>{email}</green>",
+  "@weHaveSendEmailTo": {
+    "description": "Text to indicate that we have sent a mail to the user",
+    "placeholders": {
+      "email": {
+        "description": "The email address of the user",
+        "type": "String",
+        "example": "example@ente.io"
+      }
+    }
+  },
+  "activeSessions": "Sessions actives",
+  "somethingWentWrongPleaseTryAgain": "Quelque chose s'est mal passé, veuillez recommencer",
+  "thisWillLogYouOutOfThisDevice": "Cela vous déconnectera de cet appareil !",
+  "thisWillLogYouOutOfTheFollowingDevice": "Cela vous déconnectera de l'appareil suivant :",
+  "terminateSession": "Quitter la session ?",
+  "terminate": "Quitter",
+  "thisDevice": "Cet appareil"
 }

lib/l10n/arb/app_it.arb

@@ -9,8 +9,13 @@
   "onBoardingGetStarted": "Per iniziare",
   "setupFirstAccount": "Configura il tuo primo account",
   "importScanQrCode": "Scansiona un codice QR",
+  "qrCode": "Codice QR",
   "importEnterSetupKey": "Inserisci il codice segreto",
   "importAccountPageTitle": "Inserisci i dettagli del tuo account",
+  "secretCanNotBeEmpty": "La chiave segreta è obbligatoria",
+  "bothIssuerAndAccountCanNotBeEmpty": "Sia l'emittente che l'account sono obbligatori",
+  "incorrectDetails": "Dettagli errati",
+  "pleaseVerifyDetails": "Verifica i dettagli e riprova",
   "codeIssuerHint": "Emittente",
   "codeSecretKeyHint": "Codice segreto",
   "codeAccountHint": "Account (username@dominio.it)",
@@ -53,6 +58,9 @@
     }
   },
   "contactSupport": "Contatta il supporto",
+  "rateUsOnStore": "Valutaci su {storeName}",
+  "blog": "Blog",
+  "merchandise": "Prodotti",
   "verifyPassword": "Verifica la password",
   "pleaseWait": "Attendere prego...",
   "generatingEncryptionKeysTitle": "Generazione delle chiavi di crittografia...",
@@ -68,10 +76,22 @@
   "changePassword": "Cambia password",
   "data": "Dati",
   "importCodes": "Importa codici",
+  "importTypePlainText": "Testo in chiaro",
+  "importTypeEnteEncrypted": "ente Esportazione criptata",
+  "passwordForDecryptingExport": "Password per decriptare il file esportato",
+  "passwordEmptyError": "La password è obbligatoria",
+  "importFromApp": "Importa codici da {appName}",
+  "importGoogleAuthGuide": "Esporta i tuoi account da Google Authenticator in un codice QR utilizzando l'opzione \"Trasferisci Account\". Quindi, usando un altro dispositivo, scansiona il codice QR.\n\nSuggerimento: Puoi usare la webcam del tuo computer portatile per scattare una foto del codice QR.",
+  "importSelectJsonFile": "Seleziona file JSON",
+  "importEnteEncGuide": "Seleziona il file JSON criptato esportato da ente",
+  "importRaivoGuide": "Utilizza l'opzione \"Esporta i codici OTP in archivio Zip\" nelle impostazioni di Raivo.\n\nEstrai il file zip e importa il file JSON.",
   "exportCodes": "Esporta codici",
+  "importLabel": "Importa",
   "importInstruction": "Per favore seleziona un file contenente una lista dei tuoi codici nel seguente formato",
   "importCodeDelimiterInfo": "I codici possono essere separati da una virgola o da una nuova riga",
   "selectFile": "Seleziona file",
+  "emailVerificationToggle": "Verifica Email",
+  "authToChangeEmailVerificationSetting": "Autenticati per cambiare la verifica email",
   "authToViewYourRecoveryKey": "Autenticati per visualizzare la tua chiave di recupero",
   "authToChangeYourEmail": "Autenticati per cambiare la tua email",
   "authToChangeYourPassword": "Autenticati per cambiare la tua password",
@@ -90,6 +110,18 @@
   "enterYourPasswordHint": "Inserisci la tua password",
   "forgotPassword": "Password dimenticata",
   "oops": "Oops",
+  "suggestFeatures": "Suggerisci funzionalità",
+  "faq": "FAQ",
+  "faq_q_1": "Quanto è sicuro ente Auth?",
+  "faq_a_1": "Tutti i codici di cui fai il backup tramite ente sono memorizzati con crittografia end-to-end. Ciò significa che solo tu puoi accedere ai tuoi codici. Le nostre app sono open source e la nostra crittografia è stata verificata esternamente.",
+  "faq_q_2": "Posso accedere ai miei codici sul desktop?",
+  "faq_a_2": "Puoi accedere ai tuoi codici sul web @ auth.ente.io.",
+  "faq_q_3": "Come posso cancellare i codici?",
+  "faq_a_3": "Puoi eliminare un codice scorrendo il dito a sinistra sul codice in questione.",
+  "faq_q_4": "Come posso supportare questo progetto?",
+  "faq_a_4": "Puoi supportare lo sviluppo di questo progetto abbonandoti alla nostra app Photos @ ente.io.",
+  "faq_q_5": "Come posso abilitare il blocco FaceID in ente Auth",
+  "faq_a_5": "Puoi abilitare il blocco FaceID in Impostazioni → Sicurezza → Schermata di blocco.",
   "somethingWentWrongMessage": "Qualcosa è andato storto, per favore riprova",
   "leaveFamily": "Abbandona il piano famiglia",
   "leaveFamilyMessage": "Sei sicuro di voler uscire dal piano famiglia?",
@@ -156,6 +188,7 @@
   "recoveryKeySaveDescription": "Non memorizziamo questa chiave, per favore salva questa chiave di 24 parole in un posto sicuro.",
   "doThisLater": "Fallo più tardi",
   "saveKey": "Salva chiave",
+  "back": "Indietro",
   "createAccount": "Crea account",
   "passwordStrength": "Forza password: {passwordStrengthValue}",
   "@passwordStrength": {
@@ -263,5 +296,24 @@
   "thisWillLogYouOutOfTheFollowingDevice": "Questo ti disconnetterà dal seguente dispositivo:",
   "terminateSession": "Termina sessione?",
   "terminate": "Termina",
-  "thisDevice": "Questo dispositivo"
+  "thisDevice": "Questo dispositivo",
+  "toResetVerifyEmail": "Per reimpostare la tua password, prima verifica la tua email.",
+  "thisEmailIsAlreadyInUse": "Questa email é già in uso",
+  "verificationFailedPleaseTryAgain": "Verifica fallita, per favore riprova",
+  "yourVerificationCodeHasExpired": "Il tuo codice di verifica è scaduto",
+  "incorrectCode": "Codice errato",
+  "sorryTheCodeYouveEnteredIsIncorrect": "Spiacenti, il codice che hai inserito non è corretto",
+  "emailChangedTo": "Email modificata in {newEmail}",
+  "authenticationFailedPleaseTryAgain": "Autenticazione non riuscita, riprova",
+  "authenticationSuccessful": "Autenticazione riuscita!",
+  "twofactorAuthenticationSuccessfullyReset": "Autenticazione a due fattori ripristinata con successo",
+  "incorrectRecoveryKey": "Chiave di recupero errata",
+  "theRecoveryKeyYouEnteredIsIncorrect": "La chiave di recupero che hai inserito non è corretta",
+  "enterPassword": "Inserisci la password",
+  "selectExportFormat": "Seleziona formato di esportazione",
+  "exportDialogDesc": "Le esportazioni criptate saranno protette da una password a tua scelta.",
+  "encrypted": "Criptato",
+  "plainText": "Testo in chiaro",
+  "passwordToEncryptExport": "Password per criptare il file esportato",
+  "export": "Esporta"
 }

lib/l10n/arb/app_ja.arb

@@ -0,0 +1,267 @@
+{
+  "account": "アカウント",
+  "recoveryKey": "回復キー",
+  "counterAppBarTitle": "カウンタ",
+  "@counterAppBarTitle": {
+    "description": "Text shown in the AppBar of the Counter Page"
+  },
+  "onBoardingBody": "2要素認証コードの保護",
+  "onBoardingGetStarted": "さあ、はじめよう",
+  "setupFirstAccount": "最初のアカウントを設定しましょう",
+  "importScanQrCode": "QRコードをスキャン",
+  "importEnterSetupKey": "セットアップキーを入力",
+  "importAccountPageTitle": "アカウントの詳細を入力",
+  "codeIssuerHint": "発行者",
+  "codeSecretKeyHint": "シークレットキー",
+  "codeAccountHint": "アカウント (you@domain.com)",
+  "accountKeyType": "キーの種類",
+  "sessionExpired": "セッションの有効期間超過",
+  "@sessionExpired": {
+    "description": "Title of the dialog when the users current session is invalid/expired"
+  },
+  "pleaseLoginAgain": "再度ログインしてください",
+  "loggingOut": "ログアウト中...",
+  "timeBasedKeyType": "時間ベース (TOTP)",
+  "counterBasedKeyType": "カウンタベース (HOTP)",
+  "saveAction": "保存",
+  "nextTotpTitle": "次へ",
+  "deleteCodeTitle": "コードを削除しますか?",
+  "deleteCodeMessage": "このコードを削除してもよろしいですか? このアクションは元に戻せません。",
+  "viewLogsAction": "ログの表示",
+  "sendLogsDescription": "問題のデバッグに役立つログが送信されます。機密情報が記録されないように予防措置を講じていますが、共有する前にこれらのログを確認することをお勧めします。",
+  "preparingLogsTitle": "ログを準備中...",
+  "emailLogsTitle": "ログをメール",
+  "emailLogsMessage": "{email} にログを送信してください",
+  "@emailLogsMessage": {
+    "placeholders": {
+      "email": {
+        "type": "String"
+      }
+    }
+  },
+  "copyEmailAction": "メールをコピー",
+  "exportLogsAction": "ログのエクスポート",
+  "reportABug": "バグを報告",
+  "crashAndErrorReporting": "クラッシュとエラーの報告",
+  "reportBug": "バグを報告",
+  "emailUsMessage": "{email} にメールでご連絡ください",
+  "@emailUsMessage": {
+    "placeholders": {
+      "email": {
+        "type": "String"
+      }
+    }
+  },
+  "contactSupport": "サポートに問い合わせ",
+  "verifyPassword": "パスワードを確認",
+  "pleaseWait": "お待ちください...",
+  "generatingEncryptionKeysTitle": "暗号化キーを生成中...",
+  "recreatePassword": "パスワードを再設定",
+  "recreatePasswordMessage": "現在のデバイスは、パスワードを確認するのに十分ではありません。全てのデバイスで利用できるように再生成する必要があります。\n\nリカバリーキーを使用してログインし、パスワードを再生成してください (ご希望の場合は再度同じパスワードを使用できます)",
+  "useRecoveryKey": "回復キーを使用",
+  "incorrectPasswordTitle": "パスワードが正しくありません",
+  "welcomeBack": "おかえりなさい!",
+  "madeWithLoveAtPrefix": "made with ❤️ at ",
+  "supportDevs": "プロジェクト支援のために <bold-green>ente</bold-green> に登録",
+  "supportDiscount": "クーポンコード \"AUTH\" を使用すると、初年度が10%オフになります。",
+  "changeEmail": "メールアドレスを変更",
+  "changePassword": "パスワードを変更",
+  "data": "データ",
+  "importCodes": "コードをインポート",
+  "exportCodes": "コードをエクスポート",
+  "importInstruction": "以下のフォーマットで、コードのリストを含むファイルを選択してください",
+  "importCodeDelimiterInfo": "コードはカンマまたは改行で区切ることができます",
+  "selectFile": "ファイルを選択",
+  "authToViewYourRecoveryKey": "回復キーを表示するためには認証が必要です",
+  "authToChangeYourEmail": "メールアドレスを変更するためには認証が必要です",
+  "authToChangeYourPassword": "パスワードを変更するためには認証が必要です",
+  "ok": "OK",
+  "cancel": "キャンセル",
+  "yes": "はい",
+  "no": "いいえ",
+  "email": "Eメール",
+  "support": "サポート",
+  "settings": "設定",
+  "copied": "コピーしました",
+  "pleaseTryAgain": "再度お試しください",
+  "existingUser": "既存のユーザー",
+  "newUser": "ente 新規ユーザー",
+  "delete": "削除",
+  "enterYourPasswordHint": "パスワードを入力してください",
+  "forgotPassword": "パスワードを忘れた場合",
+  "oops": "おっと",
+  "somethingWentWrongMessage": "問題が発生しました、再試行してください",
+  "leaveFamily": "ファミリーから退会",
+  "leaveFamilyMessage": "本当にファミリープランを退会しますか?",
+  "inFamilyPlanMessage": "ファミリープランに入会しています!",
+  "swipeHint": "左にスワイプしてコードを編集、削除します",
+  "scan": "スキャン",
+  "scanACode": "コードをスキャン",
+  "verify": "認証",
+  "verifyEmail": "メールアドレス認証",
+  "enterCodeHint": "認証アプリに表示された6ケタのコードを入力してください",
+  "lostDeviceTitle": "デバイスを紛失しましたか?",
+  "twoFactorAuthTitle": "2要素認証",
+  "recoverAccount": "アカウント回復",
+  "enterRecoveryKeyHint": "回復キーを入力",
+  "recover": "回復",
+  "contactSupportViaEmailMessage": "登録したメールアドレスから {email} に問い合わせメールをお送りください",
+  "@contactSupportViaEmailMessage": {
+    "placeholders": {
+      "email": {
+        "type": "String"
+      }
+    }
+  },
+  "noRecoveryKeyTitle": "回復キーがありませんか?",
+  "enterEmailHint": "メールアドレスを入力してください",
+  "invalidEmailTitle": "メールアドレスが無効です",
+  "invalidEmailMessage": "有効なメール アドレスを入力して下さい",
+  "deleteAccount": "アカウント削除",
+  "deleteAccountQuery": "ご不便をおかけして申し訳ありません。なにか問題が発生していますか?",
+  "yesSendFeedbackAction": "はい、フィードバックを送信します",
+  "noDeleteAccountAction": "いいえ、アカウントを削除します",
+  "initiateAccountDeleteTitle": "アカウント削除を開始するには認証してください",
+  "confirmAccountDeleteTitle": "本当に ente アカウントを削除してよろしいですか?",
+  "confirmAccountDeleteMessage": "アップロードされたデータは、すべてのアプリ(写真と認証アプリの両方) で削除がスケジュールされます。アカウントは完全に削除されます。",
+  "sendEmail": "メール送信",
+  "createNewAccount": "新規アカウント作成",
+  "weakStrength": "脆弱",
+  "strongStrength": "強力",
+  "moderateStrength": "まあまあ",
+  "confirmPassword": "パスワードの確認",
+  "close": "閉じる",
+  "oopsSomethingWentWrong": "問題が発生しました",
+  "selectLanguage": "言語の選択",
+  "language": "言語",
+  "social": "ソーシャル",
+  "security": "セキュリティ",
+  "lockscreen": "ロックスクリーン",
+  "authToChangeLockscreenSetting": "ロックスクリーン設定を変更するためには認証が必要です",
+  "lockScreenEnablePreSteps": "ロックスクリーンを有効にするには、システム設定でデバイスのパスコードまたはスクリーンロックを設定してください。",
+  "viewActiveSessions": "アクティブなセッションを表示",
+  "authToViewYourActiveSessions": "アクティブセッションを表示するためには認証が必要です",
+  "searchHint": "検索...",
+  "search": "検索",
+  "sorryUnableToGenCode": "申し訳ありません、 {issuerName} 用のコードを生成できません",
+  "noResult": "該当結果なし",
+  "addCode": "コードを追加",
+  "scanAQrCode": "QRコードをスキャン",
+  "enterDetailsManually": "手動で詳細を入力する",
+  "edit": "編集",
+  "copiedToClipboard": "クリップボードにコピーされました",
+  "error": "エラー",
+  "recoveryKeyCopiedToClipboard": "回復キーがクリップボードにコピーされました",
+  "recoveryKeyOnForgotPassword": "パスワードを忘れた場合、データを回復できる唯一の方法がこのキーです。",
+  "recoveryKeySaveDescription": "このキーは保存されません。この24単語のキーを安全な場所に保存してください。",
+  "doThisLater": "後で行う",
+  "saveKey": "キーを保存",
+  "createAccount": "アカウント作成",
+  "passwordStrength": "パスワードの強度: {passwordStrengthValue}",
+  "@passwordStrength": {
+    "description": "Text to indicate the password strength",
+    "placeholders": {
+      "passwordStrengthValue": {
+        "description": "The strength of the password as a string",
+        "type": "String",
+        "example": "Weak or Moderate or Strong"
+      }
+    },
+    "message": "Password Strength: {passwordStrengthText}"
+  },
+  "password": "パスワード",
+  "signUpTerms": "<u-terms>利用規約</u-terms> と <u-policy>プライバシー ポリシー</u-policy> に同意します",
+  "privacyPolicyTitle": "プライバシーポリシー",
+  "termsOfServicesTitle": "利用規約",
+  "encryption": "暗号化",
+  "setPasswordTitle": "パスワードの設定",
+  "changePasswordTitle": "パスワードの変更",
+  "resetPasswordTitle": "パスワードのリセット",
+  "encryptionKeys": "暗号化キー",
+  "passwordWarning": "私たちはこのパスワードを保存していないため、もしあなたが忘れた場合、 <underline>あなたのデータを復号することはできません</underline>",
+  "enterPasswordToEncrypt": "データの暗号化に使用するパスワードを入力してください",
+  "enterNewPasswordToEncrypt": "データの暗号化に使用する新しいパスワードを入力してください",
+  "passwordChangedSuccessfully": "パスワードを変更しました",
+  "generatingEncryptionKeys": "暗号化キーを生成中...",
+  "continueLabel": "続行",
+  "insecureDevice": "安全ではないデバイス",
+  "sorryWeCouldNotGenerateSecureKeysOnThisDevicennplease": "申し訳ありませんが、このデバイスでは安全なキーを生成できませんでした。\n\n別のデバイスからサインアップしてください。",
+  "howItWorks": "動作の仕組み",
+  "ackPasswordLostWarning": "私のデータは <underline>エンドツーエンドで暗号化される</underline>ため、パスワードを紛失した場合、データが失われる可能性があることを理解しています。",
+  "loginTerms": "ログインをクリックした場合、 <u-terms>利用規約</u-terms> および <u-policy>プライバシー ポリシー</u-policy> に同意するものとします。",
+  "logInLabel": "ログイン",
+  "logout": "ログアウト",
+  "areYouSureYouWantToLogout": "本当にログアウトしてよろしいですか?",
+  "yesLogout": "はい、ログアウトします",
+  "exit": "やめる",
+  "verifyingRecoveryKey": "回復キーを確認中...",
+  "recoveryKeyVerified": "回復キーが確認されました",
+  "recoveryKeySuccessBody": "素晴らしい! 回復キーは有効です。ご確認いただきありがとうございます。\n\n回復キーを安全にバックアップしておいてください。",
+  "invalidRecoveryKey": "入力されたリカバリーキーが無効です。24単語が含まれていることを確認し、それぞれのスペルを確認してください。\n\n古い形式の回復コードを入力した場合は、64文字であることを確認して、それぞれを確認してください。",
+  "recreatePasswordTitle": "パスワードを再設定",
+  "recreatePasswordBody": "現在のデバイスは、パスワードを確認するのに十分ではありません。全てのデバイスで利用できるように再生成する必要があります。\n回復キーを使用してログインし、パスワードを再生成してください (ご希望の場合は再度同じパスワードを使用できます)",
+  "invalidKey": "キーが無効",
+  "tryAgain": "再試行",
+  "viewRecoveryKey": "回復キーを表示",
+  "confirmRecoveryKey": "回復キーを確認",
+  "recoveryKeyVerifyReason": "パスワードを忘れた場合、回復キーは写真を復元するための唯一の方法です。設定 > アカウント で回復キーを確認することができます。\n \n\n 回復キーを入力して、正しく保存したことを確認してください。",
+  "confirmYourRecoveryKey": "回復キーを確認",
+  "confirm": "確認",
+  "emailYourLogs": "ログをメールで送信",
+  "pleaseSendTheLogsTo": "ログを以下のアドレスに送信してください \n{toEmail}",
+  "copyEmailAddress": "メールアドレスをコピー",
+  "exportLogs": "ログのエクスポート",
+  "enterYourRecoveryKey": "回復キーを入力",
+  "tempErrorContactSupportIfPersists": "問題が発生したようです。しばらくしてから再試行してください。エラーが解決しない場合は、サポートチームにお問い合わせください。",
+  "itLooksLikeSomethingWentWrongPleaseRetryAfterSome": "問題が発生したようです。しばらくしてから再試行してください。エラーが解決しない場合は、サポートチームにお問い合わせください。",
+  "about": "情報",
+  "weAreOpenSource": "我々はオープンソースです!",
+  "privacy": "プライバシー",
+  "terms": "利用規約",
+  "checkForUpdates": "アップデートを確認",
+  "checking": "確認中…",
+  "youAreOnTheLatestVersion": "あなたは最新バージョンを使用しています",
+  "warning": "警告",
+  "exportWarningDesc": "エクスポートされたファイルには機密情報が含まれています。安全に保管してください。",
+  "iUnderStand": "理解しました",
+  "@iUnderStand": {
+    "description": "Text for the button to confirm the user understands the warning"
+  },
+  "authToExportCodes": "コードをエクスポートするためには認証が必要です",
+  "importSuccessTitle": "やりました!",
+  "importSuccessDesc": "{count} 個のコードをインポートしました!",
+  "@importSuccessDesc": {
+    "placeholders": {
+      "count": {
+        "description": "The number of codes imported",
+        "type": "int",
+        "example": "1"
+      }
+    }
+  },
+  "sorry": "申し訳ありません",
+  "importFailureDesc": "選択したファイルを解析できませんでした。\nsupport@ente.io までご連絡ください。",
+  "pendingSyncs": "警告",
+  "pendingSyncsWarningBody": "いくつかのコードがバックアップされていません。\n\nログアウトする前に、これらのコードのバックアップがあることを確認してください。",
+  "checkInboxAndSpamFolder": "受信トレイ (および迷惑メール) を確認して認証を完了してください",
+  "tapToEnterCode": "タップしてコード入力",
+  "resendEmail": "メールを再送信",
+  "weHaveSendEmailTo": "<green>{email}</green> にメールを送信しました",
+  "@weHaveSendEmailTo": {
+    "description": "Text to indicate that we have sent a mail to the user",
+    "placeholders": {
+      "email": {
+        "description": "The email address of the user",
+        "type": "String",
+        "example": "example@ente.io"
+      }
+    }
+  },
+  "activeSessions": "アクティブセッション",
+  "somethingWentWrongPleaseTryAgain": "問題が発生しました、再試行してください",
+  "thisWillLogYouOutOfThisDevice": "このデバイスからログアウトします!",
+  "thisWillLogYouOutOfTheFollowingDevice": "以下のデバイスからログアウトします:",
+  "terminateSession": "セッションを終了しますか?",
+  "terminate": "終了",
+  "thisDevice": "このデバイス"
+}

lib/l10n/arb/app_ru.arb

@@ -11,6 +11,10 @@
   "importScanQrCode": "Сканировать QR-код",
   "importEnterSetupKey": "Введите ключ установки",
   "importAccountPageTitle": "Введите данные аккаунта",
+  "secretCanNotBeEmpty": "Секретный код не может быть пустым",
+  "bothIssuerAndAccountCanNotBeEmpty": "И эмитент, и аккаунт не могут быть пустыми",
+  "incorrectDetails": "Неправильные данные",
+  "pleaseVerifyDetails": "Пожалуйста, проверьте детали и попробуйте еще раз",
   "codeIssuerHint": "Эмитент",
   "codeSecretKeyHint": "Секретный ключ",
   "codeAccountHint": "Аккаунт (you@domain.com)",
@@ -98,6 +102,7 @@
   "scan": "Сканировать",
   "scanACode": "Сканировать QR-код",
   "verify": "Подтвердить",
+  "verifyEmail": "Подтвердить электронную почту",
   "enterCodeHint": "Введите 6-значный код из\nвашего приложения-аутентификатора",
   "lostDeviceTitle": "Потеряно устройство?",
   "twoFactorAuthTitle": "Двухфакторная аутентификация",
@@ -173,6 +178,19 @@
   "privacyPolicyTitle": "Политика конфиденциальности",
   "termsOfServicesTitle": "Условия использования",
   "encryption": "Шифрование",
+  "setPasswordTitle": "Поставить пароль",
+  "changePasswordTitle": "Изменить пароль",
+  "resetPasswordTitle": "Сбросить пароль",
+  "encryptionKeys": "Ключи шифрования",
+  "passwordWarning": "Мы не храним этот пароль, поэтому если вы забудете его, <underline>мы не сможем расшифровать ваши данные</underline>",
+  "enterPasswordToEncrypt": "Введите пароль, который мы можем использовать для шифрования ваших данных",
+  "enterNewPasswordToEncrypt": "Введите новый пароль, который мы можем использовать для шифрования ваших данных",
+  "passwordChangedSuccessfully": "Пароль успешно изменён",
+  "generatingEncryptionKeys": "Генерируем ключи шифрования...",
+  "continueLabel": "Далее",
+  "insecureDevice": "Небезопасное устройство",
+  "sorryWeCouldNotGenerateSecureKeysOnThisDevicennplease": "К сожалению, мы не смогли сгенерировать безопасные ключи на этом устройстве.\n\nПожалуйста, зарегистрируйтесь с другого устройства.",
+  "howItWorks": "Как это работает",
   "ackPasswordLostWarning": "Я понимаю, что если я потеряю свой пароль, я могу потерять свои данные, так как мои данные в <underline>сквозном шифровании</underline>.",
   "loginTerms": "Нажимая на логин, я принимаю <u-terms>условия использования</u-terms> и <u-policy>политику конфиденциальности</u-policy>",
   "logInLabel": "Войти",
@@ -228,5 +246,26 @@
   "sorry": "Извините",
   "importFailureDesc": "Не удалось разобрать выбранный файл.\nПожалуйста, напишите на support@ente.io, если вам нужна помощь!",
   "pendingSyncs": "Предупреждение",
-  "pendingSyncsWarningBody": "Некоторые из ваших кодов не были сохранены.\n\nПожалуйста, убедитесь, что у вас есть резервная копия для этих кодов перед выходом."
+  "pendingSyncsWarningBody": "Некоторые из ваших кодов не были сохранены.\n\nПожалуйста, убедитесь, что у вас есть резервная копия для этих кодов перед выходом.",
+  "checkInboxAndSpamFolder": "Пожалуйста, проверьте свой почтовый ящик (и спам) для завершения верификации",
+  "tapToEnterCode": "Нажмите, чтобы ввести код",
+  "resendEmail": "Отправить письмо еще раз",
+  "weHaveSendEmailTo": "Мы отправили письмо на <green>{email}</green>",
+  "@weHaveSendEmailTo": {
+    "description": "Text to indicate that we have sent a mail to the user",
+    "placeholders": {
+      "email": {
+        "description": "The email address of the user",
+        "type": "String",
+        "example": "example@ente.io"
+      }
+    }
+  },
+  "activeSessions": "Активные сеансы",
+  "somethingWentWrongPleaseTryAgain": "Что-то пошло не так. Попробуйте еще раз",
+  "thisWillLogYouOutOfThisDevice": "Вы выйдете из этого устройства!",
+  "thisWillLogYouOutOfTheFollowingDevice": "Вы выйдете из списка следующих устройств:",
+  "terminateSession": "Завершить сеанс?",
+  "terminate": "Завершить",
+  "thisDevice": "Это устройство"
 }

lib/l10n/arb/app_tr.arb

@@ -98,6 +98,7 @@
   "scan": "Tara",
   "scanACode": "Bir kodu tarayın",
   "verify": "Doğrula",
+  "verifyEmail": "E-posta adresini doğrulayın",
   "enterCodeHint": "Kimlik doğrulayıcı uygulamanızdaki 6 haneli doğrulama kodunu girin",
   "lostDeviceTitle": "Cihazınızı mı kaybettiniz?",
   "twoFactorAuthTitle": "İki faktörlü kimlik doğrulama",
@@ -173,6 +174,19 @@
   "privacyPolicyTitle": "Gizlilik Politikası",
   "termsOfServicesTitle": "Şartlar",
   "encryption": "Şifreleme",
+  "setPasswordTitle": "Şifre belirleyin",
+  "changePasswordTitle": "Şifreyi değiştirin",
+  "resetPasswordTitle": "Şifreyi sıfırlayın",
+  "encryptionKeys": "Şifreleme anahtarları",
+  "passwordWarning": "Bu şifreyi saklamıyoruz, bu nedenle unutursanız, <underline>verilerinizin şifresini çözemeyiz</underline>",
+  "enterPasswordToEncrypt": "Verilerinizi şifrelemek için kullanabileceğimiz bir şifre girin",
+  "enterNewPasswordToEncrypt": "Verilerinizi şifrelemek için kullanabileceğimiz yeni bir şifre girin",
+  "passwordChangedSuccessfully": "Şifre başarıyla değiştirildi",
+  "generatingEncryptionKeys": "Şifreleme anahtarları oluşturuluyor...",
+  "continueLabel": "Devam et",
+  "insecureDevice": "Güvenli olmayan cihaz",
+  "sorryWeCouldNotGenerateSecureKeysOnThisDevicennplease": "Üzgünüz, bu cihazda güvenli anahtarlar oluşturamadık.\n\nlütfen farklı bir cihazdan kaydolun.",
+  "howItWorks": "Nasıl çalışır",
   "ackPasswordLostWarning": "Eğer şifremi kaybedersem, verilerim <underline>uçtan uca şifrelendiğinden</underline> verilerimi kaybedebileceğimi anladım.",
   "loginTerms": "Giriş yaparak, <u-terms>kullanım şartları</u-terms>nı ve <u-policy>gizlilik politikası</u-policy>nı onaylıyorum",
   "logInLabel": "Giriş yapın",
@@ -184,5 +198,66 @@
   "recoveryKeyVerified": "Kurtarma anahtarı doğrulandı",
   "recoveryKeySuccessBody": "Güzel! Kurtarma anahtarınız geçerli. Doğruladığınız için teşekkürler.\n\nLütfen kurtarma anahtarınızı güvenli bir şekilde yedeklemeyi unutmayın.",
   "invalidRecoveryKey": "Girdiğiniz kurtarma kodu geçersiz. Lütfen 24 kelime içerdiğinden ve her birinin yazılışını kontrol ettiğinizden emin olun.\n\nEğer eski bir kurtarma kodu girdiyseniz, Lütfen 64 kelime içerdiğinden ve her birinin yazılışını kontrol ettiğinizden emin olun.",
-  "recreatePasswordTitle": "Şifreyi yeniden oluştur"
+  "recreatePasswordTitle": "Şifreyi yeniden oluştur",
+  "recreatePasswordBody": "Mevcut cihaz şifrenizi doğrulayacak kadar güçlü değil, ancak tüm cihazlarla çalışacak şekilde yeniden oluşturabiliriz.\n\nLütfen kurtarma anahtarınızı kullanarak giriş yapın ve şifrenizi yeniden oluşturun (isterseniz aynı şifreyi tekrar kullanabilirsiniz).",
+  "invalidKey": "Geçersiz anahtar",
+  "tryAgain": "Tekrar deneyin",
+  "viewRecoveryKey": "Kurtarma anahtarını görün",
+  "confirmRecoveryKey": "Kurtarma anahtarını doğrulayın",
+  "recoveryKeyVerifyReason": "Kurtarma anahtarınız, şifrenizi unutmanız durumunda fotoğraflarınızı kurtarmanın tek yoludur. Kurtarma anahtarınızı Ayarlar > Hesap bölümünde bulabilirsiniz.\n\nDoğru kaydettiğinizi doğrulamak için lütfen kurtarma anahtarınızı buraya girin.",
+  "confirmYourRecoveryKey": "Kurtarma anahtarınızı doğrulayın",
+  "confirm": "Doğrula",
+  "emailYourLogs": "Günlüklerinizi e-postayla gönderin",
+  "pleaseSendTheLogsTo": "Lütfen günlükleri şu adrese gönderin\n{toEmail}",
+  "copyEmailAddress": "E-posta adresini kopyala",
+  "exportLogs": "Günlüğü dışa aktar",
+  "enterYourRecoveryKey": "Kurtarma anahtarınızı girin",
+  "tempErrorContactSupportIfPersists": "Bir şeyler ters gitmiş gibi görünüyor. Lütfen bir süre sonra tekrar deneyin. Hata devam ederse, lütfen destek ekibimizle iletişime geçin.",
+  "itLooksLikeSomethingWentWrongPleaseRetryAfterSome": "Bir şeyler ters gitmiş gibi görünüyor. Lütfen bir süre sonra tekrar deneyin. Hata devam ederse, lütfen destek ekibimizle iletişime geçin.",
+  "weAreOpenSource": "Biz açık kaynağız!",
+  "privacy": "Gizlilik",
+  "terms": "Şartlar",
+  "checkForUpdates": "Güncellemeleri denetleyin",
+  "checking": "Denetleniyor...",
+  "youAreOnTheLatestVersion": "En son sürümdesiniz",
+  "warning": "Uyarı",
+  "exportWarningDesc": "Dışa aktarılan dosya hassas bilgiler içeriyor. Lütfen bunu güvenli bir şekilde saklayın.",
+  "iUnderStand": "Anlıyorum",
+  "@iUnderStand": {
+    "description": "Text for the button to confirm the user understands the warning"
+  },
+  "authToExportCodes": "Kodlarınızı dışa aktarmak için lütfen kimlik doğrulaması yapın",
+  "importSuccessTitle": "Oley!",
+  "importSuccessDesc": "İçeri {count} kod aktardınız!",
+  "@importSuccessDesc": {
+    "placeholders": {
+      "count": {
+        "description": "The number of codes imported",
+        "type": "int",
+        "example": "1"
+      }
+    }
+  },
+  "importFailureDesc": "Seçilen dosya ayrıştırılamadı.\nYardıma ihtiyacınız varsa lütfen support@ente.io adresine yazın!",
+  "pendingSyncs": "Uyarı",
+  "pendingSyncsWarningBody": "Kodlarınızdan bazıları yedeklenmemiş.\n\nLütfen oturumu kapatmadan önce bu kodların yedeğini aldığınızdan emin olun.",
+  "checkInboxAndSpamFolder": "Doğrulamayı tamamlamak için lütfen gelen kutunuzu (ve spam kutunuzu) kontrol edin",
+  "tapToEnterCode": "Kodu girmek için dokunun",
+  "resendEmail": "E-postayı yeniden gönder",
+  "weHaveSendEmailTo": "<green>{email}</green> adresine bir posta gönderdik",
+  "@weHaveSendEmailTo": {
+    "description": "Text to indicate that we have sent a mail to the user",
+    "placeholders": {
+      "email": {
+        "description": "The email address of the user",
+        "type": "String",
+        "example": "example@ente.io"
+      }
+    }
+  },
+  "activeSessions": "Aktif oturumlar",
+  "somethingWentWrongPleaseTryAgain": "Bir şeyler ters gitti, lütfen tekrar deneyin",
+  "terminateSession": "Oturumu sonlandır?",
+  "terminate": "Sonlandır",
+  "thisDevice": "Bu cihaz"
 }

lib/l10n/arb/app_vi.arb

@@ -0,0 +1,271 @@
+{
+  "account": "Tài khoản",
+  "recoveryKey": "Khóa khôi phục",
+  "counterAppBarTitle": "Bộ Đếm",
+  "@counterAppBarTitle": {
+    "description": "Text shown in the AppBar of the Counter Page"
+  },
+  "onBoardingBody": "Bảo mật mã 2FA của bạn",
+  "onBoardingGetStarted": "Bắt đầu",
+  "setupFirstAccount": "Thiết lập tài khoản đầu tiên của bạn",
+  "importScanQrCode": "Quét mã QR",
+  "importEnterSetupKey": "Nhập khóa thiết lập",
+  "importAccountPageTitle": "Nhập chi tiết tài khoản",
+  "secretCanNotBeEmpty": "Khoá bí mật không được để trống",
+  "bothIssuerAndAccountCanNotBeEmpty": "Cả nhà phát hành và tài khoản không được để trống",
+  "incorrectDetails": "Thông tin chi tiết không chính xác",
+  "pleaseVerifyDetails": "Vui lòng xác minh chi tiết và thử lại",
+  "codeIssuerHint": "Nhà phát hành",
+  "codeSecretKeyHint": "Khóa bí mật",
+  "codeAccountHint": "Tài khoản (bạn@miền.com)",
+  "accountKeyType": "Loại khóa",
+  "sessionExpired": "Phiên làm việc đã hết hạn",
+  "@sessionExpired": {
+    "description": "Title of the dialog when the users current session is invalid/expired"
+  },
+  "pleaseLoginAgain": "Vui lòng đăng nhập lại",
+  "loggingOut": "Đang thoát...",
+  "timeBasedKeyType": "Dựa trên thời gian (TOTP)",
+  "counterBasedKeyType": "Dựa trên bộ đếm (HOTP)",
+  "saveAction": "Lưu",
+  "nextTotpTitle": "tiếp",
+  "deleteCodeTitle": "Xóa mã?",
+  "deleteCodeMessage": "Bạn có chắc chắn muốn xóa mã này không? Hành động này không thể đảo ngược.",
+  "viewLogsAction": "Xem các bản ghi",
+  "sendLogsDescription": "Thao tác này sẽ gửi nhật ký để giúp chúng tôi gỡ lỗi sự cố của bạn. Mặc dù chúng tôi thực hiện các biện pháp phòng ngừa để đảm bảo rằng thông tin nhạy cảm không được ghi lại, nhưng chúng tôi khuyến khích bạn xem các nhật ký này trước khi chia sẻ chúng.",
+  "preparingLogsTitle": "Đang chuẩn bị nhật ký...",
+  "emailLogsTitle": "Nhật ký email",
+  "emailLogsMessage": "Vui lòng gửi nhật ký tới {email}",
+  "@emailLogsMessage": {
+    "placeholders": {
+      "email": {
+        "type": "String"
+      }
+    }
+  },
+  "copyEmailAction": "Sao chép email",
+  "exportLogsAction": "Xuất nhật ký",
+  "reportABug": "Báo cáo lỗi",
+  "crashAndErrorReporting": "Báo cáo sự cố và lỗi",
+  "reportBug": "Báo lỗi",
+  "emailUsMessage": "Vui lòng gửi email cho chúng tôi tại {email}",
+  "@emailUsMessage": {
+    "placeholders": {
+      "email": {
+        "type": "String"
+      }
+    }
+  },
+  "contactSupport": "Liên hệ hỗ trợ",
+  "verifyPassword": "Xác nhận mật khẩu",
+  "pleaseWait": "Vui lòng chờ...",
+  "generatingEncryptionKeysTitle": "Đang tạo khóa mã hóa...",
+  "recreatePassword": "Tạo lại mật khẩu",
+  "recreatePasswordMessage": "Thiết bị hiện tại không đủ mạnh để xác minh mật khẩu của bạn, vì vậy chúng tôi cần tạo lại mật khẩu một lần theo cách hoạt động với tất cả các thiết bị. \n\nVui lòng đăng nhập bằng khóa khôi phục và tạo lại mật khẩu của bạn (bạn có thể sử dụng lại cùng một mật khẩu nếu muốn).",
+  "useRecoveryKey": "Dùng khóa khôi phục",
+  "incorrectPasswordTitle": "Mật khẩu không đúng",
+  "welcomeBack": "Chào mừng trở lại!",
+  "madeWithLoveAtPrefix": "được làm bằng ❤️ tại ",
+  "supportDevs": "Đăng ký <bold-green>ente</bold-green> để hỗ trợ dự án này.",
+  "supportDiscount": "Sử dụng mã giảm giá \"AUTH\" để được giảm 10% trong năm đầu tiên",
+  "changeEmail": "Thay đổi email",
+  "changePassword": "Thay đổi mật khẩu",
+  "data": "Dữ liệu",
+  "importCodes": "Nhập mã",
+  "exportCodes": "Xuất mã",
+  "importInstruction": "Vui lòng chọn tệp chứa danh sách mã của bạn ở định dạng sau",
+  "importCodeDelimiterInfo": "Các mã có thể được phân tách bằng một dấu phẩy hoặc một dòng mới",
+  "selectFile": "Chọn tập tin",
+  "authToViewYourRecoveryKey": "Vui lòng xác thực để xem khóa khôi phục của bạn",
+  "authToChangeYourEmail": "Vui lòng xác thực để thay đổi email của bạn",
+  "authToChangeYourPassword": "Vui lòng xác thực để thay đổi mật khẩu của bạn",
+  "ok": "Được rồi",
+  "cancel": "Hủy",
+  "yes": "Đúng",
+  "no": "Không",
+  "email": "Thư điện tử",
+  "support": "Hỗ trợ",
+  "settings": "Cài đặt",
+  "copied": "\u001dĐã sao chép",
+  "pleaseTryAgain": "Vui lòng thử lại",
+  "existingUser": "Người dùng hiện tại",
+  "newUser": "Mới tham gia ente",
+  "delete": "Xóa",
+  "enterYourPasswordHint": "Nhập mật khẩu của bạn",
+  "forgotPassword": "Quên mật khẩu",
+  "oops": "Rất tiếc",
+  "somethingWentWrongMessage": "Phát hiện có lỗi, xin thử lại",
+  "leaveFamily": "Rời khỏi gia đình",
+  "leaveFamilyMessage": "Bạn có chắc chắn muốn thoát khỏi gói dành cho gia đình không?",
+  "inFamilyPlanMessage": "Bạn đang sử dụng gói dành cho gia đình!",
+  "swipeHint": "Vuốt sang trái để chỉnh sửa hoặc xóa mã",
+  "scan": "Quét",
+  "scanACode": "Quét mã",
+  "verify": "Xác minh",
+  "verifyEmail": "Xác nhận địa chỉ Email",
+  "enterCodeHint": "Nhập mã gồm 6 chữ số từ ứng dụng xác thực của bạn",
+  "lostDeviceTitle": "Bạn đã mất thiết bị?",
+  "twoFactorAuthTitle": "Xác thực hai yếu tố",
+  "recoverAccount": "Khôi phục tài khoản",
+  "enterRecoveryKeyHint": "Nhập khóa khôi phục của bạn",
+  "recover": "Khôi phục",
+  "contactSupportViaEmailMessage": "Vui lòng gửi email đến {email} từ địa chỉ email đã đăng ký của bạn",
+  "@contactSupportViaEmailMessage": {
+    "placeholders": {
+      "email": {
+        "type": "String"
+      }
+    }
+  },
+  "noRecoveryKeyTitle": "Không có khóa khôi phục?",
+  "enterEmailHint": "Nhập địa chỉ email của bạn",
+  "invalidEmailTitle": "Địa chỉ email không hợp lệ",
+  "invalidEmailMessage": "Xin vui lòng nhập một địa chỉ email hợp lệ.",
+  "deleteAccount": "Xoá tài khoản",
+  "deleteAccountQuery": "Chúng tôi sẽ rất tiếc khi thấy bạn đi. Bạn đang phải đối mặt với một số vấn đề?",
+  "yesSendFeedbackAction": "Có, gửi phản hồi",
+  "noDeleteAccountAction": "Không, xóa tài khoản",
+  "initiateAccountDeleteTitle": "Vui lòng xác thực để bắt đầu xóa tài khoản",
+  "confirmAccountDeleteTitle": "Bạn có chắc rằng bạn muốn xóa tài khoản ente của bạn không?",
+  "confirmAccountDeleteMessage": "Dữ liệu đã tải lên của bạn, trên tất cả các ứng dụng (cả Ảnh và Authenticator), sẽ được lên lịch xóa và tài khoản của bạn sẽ bị xóa vĩnh viễn.",
+  "sendEmail": "Gửi email",
+  "createNewAccount": "Tạo tài khoản mới",
+  "weakStrength": "Yếu",
+  "strongStrength": "Mạnh",
+  "moderateStrength": "Trung bình",
+  "confirmPassword": "Xác nhận mật khẩu",
+  "close": "Đóng",
+  "oopsSomethingWentWrong": "Rất tiếc, Đã xảy ra lỗi.",
+  "selectLanguage": "Chọn ngôn ngữ",
+  "language": "Ngôn ngữ",
+  "social": "Xã hội",
+  "security": "Bảo mật",
+  "lockscreen": "Màn hình khoá",
+  "authToChangeLockscreenSetting": "Vui lòng xác thực để thay đổi cài đặt màn hình khóa",
+  "lockScreenEnablePreSteps": "Để bật màn hình khóa, vui lòng thiết lập mật khẩu thiết bị hoặc khóa màn hình trong cài đặt hệ thống của bạn.",
+  "viewActiveSessions": "Xem danh sách phiên làm việc hiện tại",
+  "authToViewYourActiveSessions": "Vui lòng xác thực để xem danh sách phiên làm việc của bạn",
+  "searchHint": "Tìm kiếm...",
+  "search": "Tìm kiếm",
+  "sorryUnableToGenCode": "Rất tiếc, không thể tạo mã cho {issuerName}",
+  "noResult": "Không có kết quả",
+  "addCode": "Thêm mã",
+  "scanAQrCode": "Quét mã QR",
+  "enterDetailsManually": "Nhập chi tiết thủ công",
+  "edit": "Sửa",
+  "copiedToClipboard": "Đã sao chép vào khay nhớ tạm",
+  "error": "Lỗi",
+  "recoveryKeyCopiedToClipboard": "Đã sao chép khóa khôi phục vào bộ nhớ tạm",
+  "recoveryKeyOnForgotPassword": "Nếu bạn quên mật khẩu, cách duy nhất bạn có thể khôi phục dữ liệu của mình là sử dụng khóa này.",
+  "recoveryKeySaveDescription": "Chúng tôi không lưu trữ khóa này, vui lòng lưu khóa 24 từ này ở nơi an toàn.",
+  "doThisLater": "Để sau",
+  "saveKey": "Lưu khóa",
+  "createAccount": "Tạo tài khoản",
+  "passwordStrength": "Độ mạnh mật khẩu: {passwordStrengthValue}",
+  "@passwordStrength": {
+    "description": "Text to indicate the password strength",
+    "placeholders": {
+      "passwordStrengthValue": {
+        "description": "The strength of the password as a string",
+        "type": "String",
+        "example": "Weak or Moderate or Strong"
+      }
+    },
+    "message": "Password Strength: {passwordStrengthText}"
+  },
+  "password": "Mật khẩu",
+  "signUpTerms": "Tôi đồng ý với <u-terms>điều khoản dịch vụ</u-terms> và <u-policy>chính sách quyền riêng tư</u-policy>",
+  "privacyPolicyTitle": "Chính sách bảo mật",
+  "termsOfServicesTitle": "Điều khoản",
+  "encryption": "Mã hóa",
+  "setPasswordTitle": "Đặt mật khẩu",
+  "changePasswordTitle": "Thay đổi mật khẩu",
+  "resetPasswordTitle": "Đặt lại mật khẩu",
+  "encryptionKeys": "Khóa mã hóa",
+  "passwordWarning": "Chúng tôi không lưu trữ mật khẩu này, vì vậy nếu bạn quên, <underline>chúng tôi không thể giải mã dữ liệu của bạn</underline>",
+  "enterPasswordToEncrypt": "Nhập mật khẩu mà chúng tôi có thể sử dụng để mã hóa dữ liệu của bạn",
+  "enterNewPasswordToEncrypt": "Nhập một mật khẩu mới mà chúng tôi có thể sử dụng để mã hóa dữ liệu của bạn",
+  "passwordChangedSuccessfully": "Thay đổi mật khẩu thành công",
+  "generatingEncryptionKeys": "Đang tạo khóa mã hóa...",
+  "continueLabel": "Tiếp tục",
+  "insecureDevice": "Thiết bị không an toàn",
+  "sorryWeCouldNotGenerateSecureKeysOnThisDevicennplease": "Rất tiếc, chúng tôi không thể tạo khóa bảo mật trên thiết bị này.\n\nvui lòng đăng ký từ một thiết bị khác.",
+  "howItWorks": "Cách thức hoạt động",
+  "ackPasswordLostWarning": "Tôi hiểu rằng việc mất mật khẩu có thể đồng nghĩa với việc mất dữ liệu của tôi vì dữ liệu của tôi được <underline>mã hóa hai đầu</underline>.",
+  "loginTerms": "Bằng cách nhấp vào đăng nhập, tôi đồng ý với <u-terms>điều khoản dịch vụ</u-terms> và <u-policy>chính sách quyền riêng tư</u-policy>",
+  "logInLabel": "Đăng nhập",
+  "logout": "Đăng xuất",
+  "areYouSureYouWantToLogout": "Bạn có chắc chắn muốn đăng xuất?",
+  "yesLogout": "Có, đăng xuất",
+  "exit": "Thoát",
+  "verifyingRecoveryKey": "Đang xác minh khóa khôi phục...",
+  "recoveryKeyVerified": "Khóa khôi phục đã được xác thực",
+  "recoveryKeySuccessBody": "Tuyệt vời! Khóa khôi phục của bạn hợp lệ. Cảm ơn bạn đã xác minh.\n\nHãy nhớ sao lưu khóa khôi phục của bạn một cách an toàn.",
+  "invalidRecoveryKey": "Khóa khôi phục bạn đã nhập không hợp lệ. Vui lòng đảm bảo rằng nó chứa 24 từ và kiểm tra chính tả của từng từ.\n\nNếu bạn đã nhập mã khôi phục cũ hơn, hãy đảm bảo mã đó dài 64 ký tự và kiểm tra từng ký tự.",
+  "recreatePasswordTitle": "Tạo lại mật khẩu",
+  "recreatePasswordBody": "Thiết bị hiện tại không đủ mạnh để xác minh mật khẩu của bạn nhưng chúng tôi có thể tạo lại mật khẩu theo cách hoạt động với tất cả các thiết bị.\n\nVui lòng đăng nhập bằng khóa khôi phục và tạo lại mật khẩu của bạn (bạn có thể sử dụng lại cùng một mật khẩu nếu muốn).",
+  "invalidKey": "Khoá không hợp lệ",
+  "tryAgain": "Thử lại",
+  "viewRecoveryKey": "Hiển thị khóa khôi phục",
+  "confirmRecoveryKey": "Xác nhận khóa khôi phục",
+  "recoveryKeyVerifyReason": "Nếu bạn quên mật khẩu, khóa khôi phục là cách duy nhất để khôi phục ảnh của bạn. Bạn có thể tìm thấy khóa khôi phục của mình trong Cài đặt > Tài khoản.\n\nVui lòng nhập khóa khôi phục của bạn tại đây để xác minh rằng bạn đã lưu chính xác.",
+  "confirmYourRecoveryKey": "Xác nhận khóa khôi phục",
+  "confirm": "Xác nhận",
+  "emailYourLogs": "Gửi email nhật ký của bạn",
+  "pleaseSendTheLogsTo": "Vui lòng gửi nhật ký đến \n{toEmail}",
+  "copyEmailAddress": "Sao chép địa chỉ email",
+  "exportLogs": "Xuất nhật ký",
+  "enterYourRecoveryKey": "Nhập khóa khôi phục của bạn",
+  "tempErrorContactSupportIfPersists": "Có vẻ như đã xảy ra sự cố. Vui lòng thử lại sau một thời gian. Nếu lỗi vẫn tiếp diễn, vui lòng liên hệ với nhóm hỗ trợ của chúng tôi.",
+  "itLooksLikeSomethingWentWrongPleaseRetryAfterSome": "Có vẻ như đã xảy ra sự cố. Vui lòng thử lại sau một thời gian. Nếu lỗi vẫn tiếp diễn, vui lòng liên hệ với nhóm hỗ trợ của chúng tôi.",
+  "about": "Về chúng tôi",
+  "weAreOpenSource": "Chúng tôi có mã nguồn mở!",
+  "privacy": "Riêng tư",
+  "terms": "Điều khoản",
+  "checkForUpdates": "Kiểm tra cập nhật",
+  "checking": "Đang kiểm tra...",
+  "youAreOnTheLatestVersion": "Bạn đang sử dụng phiên bản mới nhất",
+  "warning": "Cánh báo",
+  "exportWarningDesc": "Tệp đã xuất chứa thông tin nhạy cảm. Hãy lưu trữ tệp này một cách an toàn.",
+  "iUnderStand": "Tôi hiểu",
+  "@iUnderStand": {
+    "description": "Text for the button to confirm the user understands the warning"
+  },
+  "authToExportCodes": "Vui lòng xác thực để xuất mã của bạn",
+  "importSuccessTitle": "Hoan hô!",
+  "importSuccessDesc": "Bạn đã nhập {count} mã!",
+  "@importSuccessDesc": {
+    "placeholders": {
+      "count": {
+        "description": "The number of codes imported",
+        "type": "int",
+        "example": "1"
+      }
+    }
+  },
+  "sorry": "Xin lỗi",
+  "importFailureDesc": "Không thể phân tích cú pháp tệp đã chọn.\nVui lòng viết thư cho support@ente.io nếu bạn cần trợ giúp!",
+  "pendingSyncs": "Cánh báo",
+  "pendingSyncsWarningBody": "Một số mã của bạn chưa được sao lưu.\n\nVui lòng đảm bảo rằng bạn có bản sao lưu cho các mã này trước khi đăng xuất.",
+  "checkInboxAndSpamFolder": "Vui lòng kiểm tra hộp thư đến (và thư rác) của bạn để hoàn tất xác minh",
+  "tapToEnterCode": "Chạm để nhập mã",
+  "resendEmail": "Gửi lại email",
+  "weHaveSendEmailTo": "Chúng tôi đã gửi thư đến <green>{email}</green>",
+  "@weHaveSendEmailTo": {
+    "description": "Text to indicate that we have sent a mail to the user",
+    "placeholders": {
+      "email": {
+        "description": "The email address of the user",
+        "type": "String",
+        "example": "example@ente.io"
+      }
+    }
+  },
+  "activeSessions": "Các phiên làm việc hiện tại",
+  "somethingWentWrongPleaseTryAgain": "Phát hiện có lỗi, xin thử lại",
+  "thisWillLogYouOutOfThisDevice": "Thao tác này sẽ đăng xuất bạn khỏi thiết bị này!",
+  "thisWillLogYouOutOfTheFollowingDevice": "Thao tác này sẽ đăng xuất bạn khỏi thiết bị sau:",
+  "terminateSession": "Chấm dứt phiên?",
+  "terminate": "Dừng lại",
+  "thisDevice": "Thiết bị này"
+}

lib/l10n/arb/app_zh.arb

@@ -98,6 +98,7 @@
   "scan": "扫描",
   "scanACode": "扫描代码",
   "verify": "验证",
+  "verifyEmail": "验证电子邮件",
   "enterCodeHint": "从你的身份验证器应用中\n输入6位数字代码",
   "lostDeviceTitle": "丢失了设备吗？",
   "twoFactorAuthTitle": "双因素认证",
@@ -173,6 +174,19 @@
   "privacyPolicyTitle": "隐私政策",
   "termsOfServicesTitle": "使用条款",
   "encryption": "加密",
+  "setPasswordTitle": "设置密码",
+  "changePasswordTitle": "修改密码",
+  "resetPasswordTitle": "重置密码",
+  "encryptionKeys": "加密密钥",
+  "passwordWarning": "我们不储存这个密码，所以如果忘记， <underline>我们不能解密您的数据</underline>",
+  "enterPasswordToEncrypt": "输入我们可以用来加密您的数据的密码",
+  "enterNewPasswordToEncrypt": "输入我们可以用来加密您的数据的新密码",
+  "passwordChangedSuccessfully": "密码修改成功",
+  "generatingEncryptionKeys": "正在生成加密密钥...",
+  "continueLabel": "继续",
+  "insecureDevice": "设备不安全",
+  "sorryWeCouldNotGenerateSecureKeysOnThisDevicennplease": "抱歉，我们无法在此设备上生成安全密钥。\n\n请使用其他设备注册。",
+  "howItWorks": "工作原理",
   "ackPasswordLostWarning": "我明白，如果我丢失密码，我可能会丢失我的数据，因为我的数据是 <underline>端到端加密的</underline>。",
   "loginTerms": "点击登录后，我同意 <u-terms>服务条款</u-terms> 和 <u-policy>隐私政策</u-policy>",
   "logInLabel": "登录",
@@ -228,5 +242,26 @@
   "sorry": "抱歉",
   "importFailureDesc": "无法解析选定的文件。\n如果您需要帮助，请写入support@ente.io！",
   "pendingSyncs": "警告",
-  "pendingSyncsWarningBody": "您的一些代码尚未备份。\n\n请确保您在退出登录之前备份这些代码。"
+  "pendingSyncsWarningBody": "您的一些代码尚未备份。\n\n请确保您在退出登录之前备份这些代码。",
+  "checkInboxAndSpamFolder": "请检查您的收件箱 (或者是在您的“垃圾邮件”列表内) 以完成验证",
+  "tapToEnterCode": "点击以输入代码",
+  "resendEmail": "重新发送电子邮件",
+  "weHaveSendEmailTo": "我们已经发送邮件到 <green>{email}</green>",
+  "@weHaveSendEmailTo": {
+    "description": "Text to indicate that we have sent a mail to the user",
+    "placeholders": {
+      "email": {
+        "description": "The email address of the user",
+        "type": "String",
+        "example": "example@ente.io"
+      }
+    }
+  },
+  "activeSessions": "已登录的设备",
+  "somethingWentWrongPleaseTryAgain": "出了点问题，请重试",
+  "thisWillLogYouOutOfThisDevice": "这将使您在此设备上退出登录！",
+  "thisWillLogYouOutOfTheFollowingDevice": "这将使您在以下设备中退出登录：",
+  "terminateSession": "是否终止会话？",
+  "terminate": "终止",
+  "thisDevice": "此设备"
 }

lib/locale.dart

@@ -8,13 +8,15 @@ const List<Locale> appSupportedLocales = <Locale>[
   Locale('de'),
   Locale('en'),
   Locale('es', 'ES'),
+  Locale('fa'),
   Locale('fr'),
   Locale('it'),
+  Locale('ja'),
   Locale('nl'),
-  Locale('fa'),
   Locale('pl'),
   Locale('pt', 'BR'),
   Locale('ru'),
+  Locale('tr'),
   Locale("zh", "CN"),
 ];
 

lib/main.dart

@@ -1,4 +1,5 @@
 import 'package:adaptive_theme/adaptive_theme.dart';
+import 'package:computer/computer.dart';
 import "package:ente_auth/app/view/app.dart";
 import 'package:ente_auth/core/configuration.dart';
 import 'package:ente_auth/core/constants.dart';
@@ -17,6 +18,7 @@ import 'package:ente_auth/store/code_store.dart';
 import 'package:ente_auth/ui/tools/app_lock.dart';
 import 'package:ente_auth/ui/tools/lock_screen.dart';
 import 'package:ente_auth/utils/crypto_util.dart';
+import 'package:flutter/foundation.dart';
 import "package:flutter/material.dart";
 import 'package:logging/logging.dart';
 import 'package:path_provider/path_provider.dart';
@@ -70,6 +72,8 @@ Future _runWithLogs(Function() function, {String prefix = ""}) async {
 }
 
 Future<void> _init(bool bool, {String? via}) async {
+  // Start workers asynchronously. No need to wait for them to start
+  Computer.shared().turnOn(workersCount: 4, verbose: kDebugMode);
   CryptoUtil.init();
   await PreferenceService.instance.init();
   await CodeStore.instance.init();

lib/models/api/user/srp.dart

@@ -0,0 +1,135 @@
+class SetupSRPRequest {
+  final String srpUserID;
+  final String srpSalt;
+  final String srpVerifier;
+  final String srpA;
+  final bool isUpdate;
+
+  SetupSRPRequest({
+    required this.srpUserID,
+    required this.srpSalt,
+    required this.srpVerifier,
+    required this.srpA,
+    required this.isUpdate,
+  });
+
+  Map<String, dynamic> toMap() {
+    return {
+      'srpUserID': srpUserID.toString(),
+      'srpSalt': srpSalt,
+      'srpVerifier': srpVerifier,
+      'srpA': srpA,
+      'isUpdate': isUpdate,
+    };
+  }
+
+  factory SetupSRPRequest.fromJson(Map<String, dynamic> json) {
+    return SetupSRPRequest(
+      srpUserID: json['srpUserID'],
+      srpSalt: json['srpSalt'],
+      srpVerifier: json['srpVerifier'],
+      srpA: json['srpA'],
+      isUpdate: json['isUpdate'],
+    );
+  }
+}
+
+class SetupSRPResponse {
+  final String setupID;
+  final String srpB;
+
+  SetupSRPResponse({
+    required this.setupID,
+    required this.srpB,
+  });
+
+  Map<String, dynamic> toMap() {
+    return {
+      'setupID': setupID.toString(),
+      'srpB': srpB,
+    };
+  }
+
+  factory SetupSRPResponse.fromJson(Map<String, dynamic> json) {
+    return SetupSRPResponse(
+      setupID: json['setupID'],
+      srpB: json['srpB'],
+    );
+  }
+}
+
+class CompleteSRPSetupRequest {
+  final String setupID;
+  final String srpM1;
+
+  CompleteSRPSetupRequest({
+    required this.setupID,
+    required this.srpM1,
+  });
+
+  Map<String, dynamic> toMap() {
+    return {
+      'setupID': setupID.toString(),
+      'srpM1': srpM1,
+    };
+  }
+
+  factory CompleteSRPSetupRequest.fromJson(Map<String, dynamic> json) {
+    return CompleteSRPSetupRequest(
+      setupID: json['setupID'],
+      srpM1: json['srpM1'],
+    );
+  }
+}
+class SrpAttributes {
+  final String srpUserID;
+  final String srpSalt;
+  final int memLimit;
+  final int opsLimit;
+  final String kekSalt;
+  final bool isEmailMFAEnabled;
+
+  SrpAttributes({
+    required this.srpUserID,
+    required this.srpSalt,
+    required this.memLimit,
+    required this.opsLimit,
+    required this.kekSalt,
+    required this.isEmailMFAEnabled,
+  });
+
+  factory SrpAttributes.fromMap(Map<String, dynamic> map) {
+    return SrpAttributes(
+      srpUserID: map['attributes']['srpUserID'],
+      srpSalt: map['attributes']['srpSalt'],
+      memLimit: map['attributes']['memLimit'],
+      opsLimit: map['attributes']['opsLimit'],
+      kekSalt: map['attributes']['kekSalt'],
+      isEmailMFAEnabled: map['attributes']['isEmailMFAEnabled'],
+    );
+  }
+}
+
+class CompleteSRPSetupResponse {
+  final String setupID;
+  final String srpM2;
+
+  CompleteSRPSetupResponse({
+    required this.setupID,
+    required this.srpM2,
+  });
+
+  Map<String, dynamic> toMap() {
+    return {
+      'setupID': setupID,
+      'srpM2': srpM2,
+    };
+  }
+
+  factory CompleteSRPSetupResponse.fromJson(Map<String, dynamic> json) {
+    return CompleteSRPSetupResponse(
+      setupID: json['setupID'],
+      srpM2: json['srpM2'],
+    );
+  }
+}

lib/models/code.dart

@@ -13,6 +13,7 @@ class Code {
   final Algorithm algorithm;
   final Type type;
   final String rawData;
+  final int counter;
   bool? hasSynced;
 
   Code(
@@ -23,6 +24,7 @@ class Code {
     this.secret,
     this.algorithm,
     this.type,
+    this.counter,
     this.rawData, {
     this.generatedID,
   });
@@ -35,6 +37,7 @@ class Code {
     String? secret,
     Algorithm? algorithm,
     Type? type,
+    int? counter,
   }) {
     final String updateAccount = account ?? this.account;
     final String updateIssuer = issuer ?? this.issuer;
@@ -43,6 +46,7 @@ class Code {
     final String updatedSecret = secret ?? this.secret;
     final Algorithm updatedAlgo = algorithm ?? this.algorithm;
     final Type updatedType = type ?? this.type;
+    final int updatedCounter = counter ?? this.counter;
 
     return Code(
       updateAccount,
@@ -52,6 +56,7 @@ class Code {
       updatedSecret,
       updatedAlgo,
       updatedType,
+      updatedCounter,
       "otpauth://${updatedType.name}/" +
           updateIssuer +
           ":" +
@@ -59,7 +64,7 @@ class Code {
           "?algorithm=${updatedAlgo.name}&digits=$updatedDigits&issuer=" +
           updateIssuer +
           "&period=$updatePeriod&secret=" +
-          updatedSecret,
+          updatedSecret + (updatedType == Type.hotp ? "&counter=$updatedCounter" : ""),
       generatedID: generatedID,
     );
   }
@@ -77,6 +82,7 @@ class Code {
       secret,
       Algorithm.sha1,
       Type.totp,
+      0,
       "otpauth://totp/" +
           issuer +
           ":" +
@@ -90,6 +96,7 @@ class Code {
 
   static Code fromRawData(String rawData) {
     Uri uri = Uri.parse(rawData);
+    try {
     return Code(
       _getAccount(uri),
       _getIssuer(uri),
@@ -98,8 +105,18 @@ class Code {
       getSanitizedSecret(uri.queryParameters['secret']!),
       _getAlgorithm(uri),
       _getType(uri),
+      _getCounter(uri),
       rawData,
     );
+    } catch(e) {
+      // if account name contains # without encoding,
+      // rest of the url are treated as url fragment
+      if(rawData.contains("#")) {
+        return Code.fromRawData(rawData.replaceAll("#", '%23'));
+      } else {
+        rethrow;
+      }
+    }
   }
 
   static String _getAccount(Uri uri) {
@@ -153,6 +170,18 @@ class Code {
     }
   }
 
+  static int _getCounter(Uri uri) {
+    try {
+      final bool hasCounterKey = uri.queryParameters.containsKey('counter');
+      if (!hasCounterKey) {
+        return 0;
+      }
+      return int.parse(uri.queryParameters['counter']!);
+    } catch (e) {
+      return defaultPeriod;
+    }
+  }
+
   static Algorithm _getAlgorithm(Uri uri) {
     try {
       final algorithm =
@@ -187,6 +216,7 @@ class Code {
         other.digits == digits &&
         other.period == period &&
         other.secret == secret &&
+        other.counter == counter &&
         other.type == type &&
         other.rawData == rawData;
   }
@@ -199,6 +229,7 @@ class Code {
         period.hashCode ^
         secret.hashCode ^
         type.hashCode ^
+        counter.hashCode ^
         rawData.hashCode;
   }
 }

lib/models/export/ente.dart

@@ -0,0 +1,66 @@
+/*
+Version: 1.0
+KDF Algo: ARGON2ID
+Decrypted Data Format: It contains code.rawData [1] separated by new line.
+[1] otpauth://totp/provider.com:you@email.com?secret=YOUR_SECRET
+*/
+
+class EnteAuthExport {
+  final int version;
+  final KDFParams kdfParams;
+  final String encryptedData;
+  final String encryptionNonce;
+
+  // Named constructor which can be used to specify each field individually
+  EnteAuthExport({
+    required this.version,
+    required this.kdfParams,
+    required this.encryptedData,
+    required this.encryptionNonce,
+  });
+
+  // Convert EnteExport object to JSON
+  Map<String, dynamic> toJson() => {
+        'version': version,
+        'kdfParams': kdfParams.toJson(),
+        'encryptedData': encryptedData,
+        'encryptionNonce': encryptionNonce,
+      };
+
+  // Convert JSON to EnteExport object
+  static EnteAuthExport fromJson(Map<String, dynamic> json) => EnteAuthExport(
+        version: json['version'],
+        kdfParams: KDFParams.fromJson(json['kdfParams']),
+        encryptedData: json['encryptedData'],
+        encryptionNonce: json['encryptionNonce'],
+      );
+}
+
+// KDFParams is a class that holds the parameters for the KDF function.
+// It is used to derive a key from a password.
+class KDFParams {
+  final int memLimit;
+  final int opsLimit;
+  final String salt;
+
+  // Named constructor which can be used to specify each field individually
+  KDFParams({
+    required this.memLimit,
+    required this.opsLimit,
+    required this.salt,
+  });
+
+  // Convert KDFParams object to JSON
+  Map<String, dynamic> toJson() => {
+        'memLimit': memLimit,
+        'opsLimit': opsLimit,
+        'salt': salt,
+      };
+
+  // Convert JSON to KDFParams object
+  static KDFParams fromJson(Map<String, dynamic> json) => KDFParams(
+        memLimit: json['memLimit'],
+        opsLimit: json['opsLimit'],
+        salt: json['salt'],
+      );
+}

lib/models/key_gen_result.dart

@@ -1,9 +1,12 @@
+import 'dart:typed_data';
+
 import 'package:ente_auth/models/key_attributes.dart';
 import 'package:ente_auth/models/private_key_attributes.dart';
 
 class KeyGenResult {
   final KeyAttributes keyAttributes;
   final PrivateKeyAttributes privateKeyAttributes;
+  final Uint8List loginKey;
 
-  KeyGenResult(this.keyAttributes, this.privateKeyAttributes);
+  KeyGenResult(this.keyAttributes, this.privateKeyAttributes, this.loginKey);
 }

lib/models/protos/googleauth.pb.dart

@@ -0,0 +1,201 @@
+//
+//  Generated code. Do not modify.
+//  source: googleauth.proto
+//
+// @dart = 2.12
+
+// ignore_for_file: annotate_overrides, camel_case_types
+// ignore_for_file: constant_identifier_names, library_prefixes
+// ignore_for_file: non_constant_identifier_names, prefer_final_fields
+// ignore_for_file: unnecessary_import, unnecessary_this, unused_import
+
+import 'dart:core' as $core;
+
+import 'package:fixnum/fixnum.dart' as $fixnum;
+import 'package:protobuf/protobuf.dart' as $pb;
+
+import 'googleauth.pbenum.dart';
+
+export 'googleauth.pbenum.dart';
+
+class MigrationPayload_OtpParameters extends $pb.GeneratedMessage {
+  factory MigrationPayload_OtpParameters() => create();
+  MigrationPayload_OtpParameters._() : super();
+  factory MigrationPayload_OtpParameters.fromBuffer($core.List<$core.int> i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromBuffer(i, r);
+  factory MigrationPayload_OtpParameters.fromJson($core.String i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromJson(i, r);
+
+  static final $pb.BuilderInfo _i = $pb.BuilderInfo(_omitMessageNames ? '' : 'MigrationPayload.OtpParameters', package: const $pb.PackageName(_omitMessageNames ? '' : 'googleauth'), createEmptyInstance: create)
+    ..a<$core.List<$core.int>>(1, _omitFieldNames ? '' : 'secret', $pb.PbFieldType.OY)
+    ..aOS(2, _omitFieldNames ? '' : 'name')
+    ..aOS(3, _omitFieldNames ? '' : 'issuer')
+    ..e<MigrationPayload_Algorithm>(4, _omitFieldNames ? '' : 'algorithm', $pb.PbFieldType.OE, defaultOrMaker: MigrationPayload_Algorithm.ALGORITHM_UNSPECIFIED, valueOf: MigrationPayload_Algorithm.valueOf, enumValues: MigrationPayload_Algorithm.values)
+    ..e<MigrationPayload_DigitCount>(5, _omitFieldNames ? '' : 'digits', $pb.PbFieldType.OE, defaultOrMaker: MigrationPayload_DigitCount.DIGIT_COUNT_UNSPECIFIED, valueOf: MigrationPayload_DigitCount.valueOf, enumValues: MigrationPayload_DigitCount.values)
+    ..e<MigrationPayload_OtpType>(6, _omitFieldNames ? '' : 'type', $pb.PbFieldType.OE, defaultOrMaker: MigrationPayload_OtpType.OTP_TYPE_UNSPECIFIED, valueOf: MigrationPayload_OtpType.valueOf, enumValues: MigrationPayload_OtpType.values)
+    ..aInt64(7, _omitFieldNames ? '' : 'counter')
+    ..hasRequiredFields = false
+  ;
+
+  @$core.Deprecated(
+  'Using this can add significant overhead to your binary. '
+  'Use [GeneratedMessageGenericExtensions.deepCopy] instead. '
+  'Will be removed in next major version')
+  MigrationPayload_OtpParameters clone() => MigrationPayload_OtpParameters()..mergeFromMessage(this);
+  @$core.Deprecated(
+  'Using this can add significant overhead to your binary. '
+  'Use [GeneratedMessageGenericExtensions.rebuild] instead. '
+  'Will be removed in next major version')
+  MigrationPayload_OtpParameters copyWith(void Function(MigrationPayload_OtpParameters) updates) => super.copyWith((message) => updates(message as MigrationPayload_OtpParameters)) as MigrationPayload_OtpParameters;
+
+  $pb.BuilderInfo get info_ => _i;
+
+  @$core.pragma('dart2js:noInline')
+  static MigrationPayload_OtpParameters create() => MigrationPayload_OtpParameters._();
+  MigrationPayload_OtpParameters createEmptyInstance() => create();
+  static $pb.PbList<MigrationPayload_OtpParameters> createRepeated() => $pb.PbList<MigrationPayload_OtpParameters>();
+  @$core.pragma('dart2js:noInline')
+  static MigrationPayload_OtpParameters getDefault() => _defaultInstance ??= $pb.GeneratedMessage.$_defaultFor<MigrationPayload_OtpParameters>(create);
+  static MigrationPayload_OtpParameters? _defaultInstance;
+
+  @$pb.TagNumber(1)
+  $core.List<$core.int> get secret => $_getN(0);
+  @$pb.TagNumber(1)
+  set secret($core.List<$core.int> v) { $_setBytes(0, v); }
+  @$pb.TagNumber(1)
+  $core.bool hasSecret() => $_has(0);
+  @$pb.TagNumber(1)
+  void clearSecret() => clearField(1);
+
+  @$pb.TagNumber(2)
+  $core.String get name => $_getSZ(1);
+  @$pb.TagNumber(2)
+  set name($core.String v) { $_setString(1, v); }
+  @$pb.TagNumber(2)
+  $core.bool hasName() => $_has(1);
+  @$pb.TagNumber(2)
+  void clearName() => clearField(2);
+
+  @$pb.TagNumber(3)
+  $core.String get issuer => $_getSZ(2);
+  @$pb.TagNumber(3)
+  set issuer($core.String v) { $_setString(2, v); }
+  @$pb.TagNumber(3)
+  $core.bool hasIssuer() => $_has(2);
+  @$pb.TagNumber(3)
+  void clearIssuer() => clearField(3);
+
+  @$pb.TagNumber(4)
+  MigrationPayload_Algorithm get algorithm => $_getN(3);
+  @$pb.TagNumber(4)
+  set algorithm(MigrationPayload_Algorithm v) { setField(4, v); }
+  @$pb.TagNumber(4)
+  $core.bool hasAlgorithm() => $_has(3);
+  @$pb.TagNumber(4)
+  void clearAlgorithm() => clearField(4);
+
+  @$pb.TagNumber(5)
+  MigrationPayload_DigitCount get digits => $_getN(4);
+  @$pb.TagNumber(5)
+  set digits(MigrationPayload_DigitCount v) { setField(5, v); }
+  @$pb.TagNumber(5)
+  $core.bool hasDigits() => $_has(4);
+  @$pb.TagNumber(5)
+  void clearDigits() => clearField(5);
+
+  @$pb.TagNumber(6)
+  MigrationPayload_OtpType get type => $_getN(5);
+  @$pb.TagNumber(6)
+  set type(MigrationPayload_OtpType v) { setField(6, v); }
+  @$pb.TagNumber(6)
+  $core.bool hasType() => $_has(5);
+  @$pb.TagNumber(6)
+  void clearType() => clearField(6);
+
+  @$pb.TagNumber(7)
+  $fixnum.Int64 get counter => $_getI64(6);
+  @$pb.TagNumber(7)
+  set counter($fixnum.Int64 v) { $_setInt64(6, v); }
+  @$pb.TagNumber(7)
+  $core.bool hasCounter() => $_has(6);
+  @$pb.TagNumber(7)
+  void clearCounter() => clearField(7);
+}
+
+class MigrationPayload extends $pb.GeneratedMessage {
+  factory MigrationPayload() => create();
+  MigrationPayload._() : super();
+  factory MigrationPayload.fromBuffer($core.List<$core.int> i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromBuffer(i, r);
+  factory MigrationPayload.fromJson($core.String i, [$pb.ExtensionRegistry r = $pb.ExtensionRegistry.EMPTY]) => create()..mergeFromJson(i, r);
+
+  static final $pb.BuilderInfo _i = $pb.BuilderInfo(_omitMessageNames ? '' : 'MigrationPayload', package: const $pb.PackageName(_omitMessageNames ? '' : 'googleauth'), createEmptyInstance: create)
+    ..pc<MigrationPayload_OtpParameters>(1, _omitFieldNames ? '' : 'otpParameters', $pb.PbFieldType.PM, subBuilder: MigrationPayload_OtpParameters.create)
+    ..a<$core.int>(2, _omitFieldNames ? '' : 'version', $pb.PbFieldType.O3)
+    ..a<$core.int>(3, _omitFieldNames ? '' : 'batchSize', $pb.PbFieldType.O3)
+    ..a<$core.int>(4, _omitFieldNames ? '' : 'batchIndex', $pb.PbFieldType.O3)
+    ..a<$core.int>(5, _omitFieldNames ? '' : 'batchId', $pb.PbFieldType.O3)
+    ..hasRequiredFields = false
+  ;
+
+  @$core.Deprecated(
+  'Using this can add significant overhead to your binary. '
+  'Use [GeneratedMessageGenericExtensions.deepCopy] instead. '
+  'Will be removed in next major version')
+  MigrationPayload clone() => MigrationPayload()..mergeFromMessage(this);
+  @$core.Deprecated(
+  'Using this can add significant overhead to your binary. '
+  'Use [GeneratedMessageGenericExtensions.rebuild] instead. '
+  'Will be removed in next major version')
+  MigrationPayload copyWith(void Function(MigrationPayload) updates) => super.copyWith((message) => updates(message as MigrationPayload)) as MigrationPayload;
+
+  $pb.BuilderInfo get info_ => _i;
+
+  @$core.pragma('dart2js:noInline')
+  static MigrationPayload create() => MigrationPayload._();
+  MigrationPayload createEmptyInstance() => create();
+  static $pb.PbList<MigrationPayload> createRepeated() => $pb.PbList<MigrationPayload>();
+  @$core.pragma('dart2js:noInline')
+  static MigrationPayload getDefault() => _defaultInstance ??= $pb.GeneratedMessage.$_defaultFor<MigrationPayload>(create);
+  static MigrationPayload? _defaultInstance;
+
+  @$pb.TagNumber(1)
+  $core.List<MigrationPayload_OtpParameters> get otpParameters => $_getList(0);
+
+  @$pb.TagNumber(2)
+  $core.int get version => $_getIZ(1);
+  @$pb.TagNumber(2)
+  set version($core.int v) { $_setSignedInt32(1, v); }
+  @$pb.TagNumber(2)
+  $core.bool hasVersion() => $_has(1);
+  @$pb.TagNumber(2)
+  void clearVersion() => clearField(2);
+
+  @$pb.TagNumber(3)
+  $core.int get batchSize => $_getIZ(2);
+  @$pb.TagNumber(3)
+  set batchSize($core.int v) { $_setSignedInt32(2, v); }
+  @$pb.TagNumber(3)
+  $core.bool hasBatchSize() => $_has(2);
+  @$pb.TagNumber(3)
+  void clearBatchSize() => clearField(3);
+
+  @$pb.TagNumber(4)
+  $core.int get batchIndex => $_getIZ(3);
+  @$pb.TagNumber(4)
+  set batchIndex($core.int v) { $_setSignedInt32(3, v); }
+  @$pb.TagNumber(4)
+  $core.bool hasBatchIndex() => $_has(3);
+  @$pb.TagNumber(4)
+  void clearBatchIndex() => clearField(4);
+
+  @$pb.TagNumber(5)
+  $core.int get batchId => $_getIZ(4);
+  @$pb.TagNumber(5)
+  set batchId($core.int v) { $_setSignedInt32(4, v); }
+  @$pb.TagNumber(5)
+  $core.bool hasBatchId() => $_has(4);
+  @$pb.TagNumber(5)
+  void clearBatchId() => clearField(5);
+}
+
+
+const _omitFieldNames = $core.bool.fromEnvironment('protobuf.omit_field_names');
+const _omitMessageNames = $core.bool.fromEnvironment('protobuf.omit_message_names');

lib/models/protos/googleauth.pbenum.dart

@@ -0,0 +1,72 @@
+//
+//  Generated code. Do not modify.
+//  source: googleauth.proto
+//
+// @dart = 2.12
+
+// ignore_for_file: annotate_overrides, camel_case_types
+// ignore_for_file: constant_identifier_names, library_prefixes
+// ignore_for_file: non_constant_identifier_names, prefer_final_fields
+// ignore_for_file: unnecessary_import, unnecessary_this, unused_import
+
+import 'dart:core' as $core;
+
+import 'package:protobuf/protobuf.dart' as $pb;
+
+class MigrationPayload_Algorithm extends $pb.ProtobufEnum {
+  static const MigrationPayload_Algorithm ALGORITHM_UNSPECIFIED = MigrationPayload_Algorithm._(0, _omitEnumNames ? '' : 'ALGORITHM_UNSPECIFIED');
+  static const MigrationPayload_Algorithm ALGORITHM_SHA1 = MigrationPayload_Algorithm._(1, _omitEnumNames ? '' : 'ALGORITHM_SHA1');
+  static const MigrationPayload_Algorithm ALGORITHM_SHA256 = MigrationPayload_Algorithm._(2, _omitEnumNames ? '' : 'ALGORITHM_SHA256');
+  static const MigrationPayload_Algorithm ALGORITHM_SHA512 = MigrationPayload_Algorithm._(3, _omitEnumNames ? '' : 'ALGORITHM_SHA512');
+  static const MigrationPayload_Algorithm ALGORITHM_MD5 = MigrationPayload_Algorithm._(4, _omitEnumNames ? '' : 'ALGORITHM_MD5');
+
+  static const $core.List<MigrationPayload_Algorithm> values = <MigrationPayload_Algorithm> [
+    ALGORITHM_UNSPECIFIED,
+    ALGORITHM_SHA1,
+    ALGORITHM_SHA256,
+    ALGORITHM_SHA512,
+    ALGORITHM_MD5,
+  ];
+
+  static final $core.Map<$core.int, MigrationPayload_Algorithm> _byValue = $pb.ProtobufEnum.initByValue(values);
+  static MigrationPayload_Algorithm? valueOf($core.int value) => _byValue[value];
+
+  const MigrationPayload_Algorithm._($core.int v, $core.String n) : super(v, n);
+}
+
+class MigrationPayload_DigitCount extends $pb.ProtobufEnum {
+  static const MigrationPayload_DigitCount DIGIT_COUNT_UNSPECIFIED = MigrationPayload_DigitCount._(0, _omitEnumNames ? '' : 'DIGIT_COUNT_UNSPECIFIED');
+  static const MigrationPayload_DigitCount DIGIT_COUNT_SIX = MigrationPayload_DigitCount._(1, _omitEnumNames ? '' : 'DIGIT_COUNT_SIX');
+  static const MigrationPayload_DigitCount DIGIT_COUNT_EIGHT = MigrationPayload_DigitCount._(2, _omitEnumNames ? '' : 'DIGIT_COUNT_EIGHT');
+
+  static const $core.List<MigrationPayload_DigitCount> values = <MigrationPayload_DigitCount> [
+    DIGIT_COUNT_UNSPECIFIED,
+    DIGIT_COUNT_SIX,
+    DIGIT_COUNT_EIGHT,
+  ];
+
+  static final $core.Map<$core.int, MigrationPayload_DigitCount> _byValue = $pb.ProtobufEnum.initByValue(values);
+  static MigrationPayload_DigitCount? valueOf($core.int value) => _byValue[value];
+
+  const MigrationPayload_DigitCount._($core.int v, $core.String n) : super(v, n);
+}
+
+class MigrationPayload_OtpType extends $pb.ProtobufEnum {
+  static const MigrationPayload_OtpType OTP_TYPE_UNSPECIFIED = MigrationPayload_OtpType._(0, _omitEnumNames ? '' : 'OTP_TYPE_UNSPECIFIED');
+  static const MigrationPayload_OtpType OTP_TYPE_HOTP = MigrationPayload_OtpType._(1, _omitEnumNames ? '' : 'OTP_TYPE_HOTP');
+  static const MigrationPayload_OtpType OTP_TYPE_TOTP = MigrationPayload_OtpType._(2, _omitEnumNames ? '' : 'OTP_TYPE_TOTP');
+
+  static const $core.List<MigrationPayload_OtpType> values = <MigrationPayload_OtpType> [
+    OTP_TYPE_UNSPECIFIED,
+    OTP_TYPE_HOTP,
+    OTP_TYPE_TOTP,
+  ];
+
+  static final $core.Map<$core.int, MigrationPayload_OtpType> _byValue = $pb.ProtobufEnum.initByValue(values);
+  static MigrationPayload_OtpType? valueOf($core.int value) => _byValue[value];
+
+  const MigrationPayload_OtpType._($core.int v, $core.String n) : super(v, n);
+}
+
+
+const _omitEnumNames = $core.bool.fromEnvironment('protobuf.omit_enum_names');

lib/models/protos/googleauth.pbjson.dart

@@ -0,0 +1,93 @@
+//
+//  Generated code. Do not modify.
+//  source: googleauth.proto
+//
+// @dart = 2.12
+
+// ignore_for_file: annotate_overrides, camel_case_types
+// ignore_for_file: constant_identifier_names, library_prefixes
+// ignore_for_file: non_constant_identifier_names, prefer_final_fields
+// ignore_for_file: unnecessary_import, unnecessary_this, unused_import
+
+import 'dart:convert' as $convert;
+import 'dart:core' as $core;
+import 'dart:typed_data' as $typed_data;
+
+@$core.Deprecated('Use migrationPayloadDescriptor instead')
+const MigrationPayload$json = {
+  '1': 'MigrationPayload',
+  '2': [
+    {'1': 'otp_parameters', '3': 1, '4': 3, '5': 11, '6': '.googleauth.MigrationPayload.OtpParameters', '10': 'otpParameters'},
+    {'1': 'version', '3': 2, '4': 1, '5': 5, '10': 'version'},
+    {'1': 'batch_size', '3': 3, '4': 1, '5': 5, '10': 'batchSize'},
+    {'1': 'batch_index', '3': 4, '4': 1, '5': 5, '10': 'batchIndex'},
+    {'1': 'batch_id', '3': 5, '4': 1, '5': 5, '10': 'batchId'},
+  ],
+  '3': [MigrationPayload_OtpParameters$json],
+  '4': [MigrationPayload_Algorithm$json, MigrationPayload_DigitCount$json, MigrationPayload_OtpType$json],
+};
+
+@$core.Deprecated('Use migrationPayloadDescriptor instead')
+const MigrationPayload_OtpParameters$json = {
+  '1': 'OtpParameters',
+  '2': [
+    {'1': 'secret', '3': 1, '4': 1, '5': 12, '10': 'secret'},
+    {'1': 'name', '3': 2, '4': 1, '5': 9, '10': 'name'},
+    {'1': 'issuer', '3': 3, '4': 1, '5': 9, '10': 'issuer'},
+    {'1': 'algorithm', '3': 4, '4': 1, '5': 14, '6': '.googleauth.MigrationPayload.Algorithm', '10': 'algorithm'},
+    {'1': 'digits', '3': 5, '4': 1, '5': 14, '6': '.googleauth.MigrationPayload.DigitCount', '10': 'digits'},
+    {'1': 'type', '3': 6, '4': 1, '5': 14, '6': '.googleauth.MigrationPayload.OtpType', '10': 'type'},
+    {'1': 'counter', '3': 7, '4': 1, '5': 3, '10': 'counter'},
+  ],
+};
+
+@$core.Deprecated('Use migrationPayloadDescriptor instead')
+const MigrationPayload_Algorithm$json = {
+  '1': 'Algorithm',
+  '2': [
+    {'1': 'ALGORITHM_UNSPECIFIED', '2': 0},
+    {'1': 'ALGORITHM_SHA1', '2': 1},
+    {'1': 'ALGORITHM_SHA256', '2': 2},
+    {'1': 'ALGORITHM_SHA512', '2': 3},
+    {'1': 'ALGORITHM_MD5', '2': 4},
+  ],
+};
+
+@$core.Deprecated('Use migrationPayloadDescriptor instead')
+const MigrationPayload_DigitCount$json = {
+  '1': 'DigitCount',
+  '2': [
+    {'1': 'DIGIT_COUNT_UNSPECIFIED', '2': 0},
+    {'1': 'DIGIT_COUNT_SIX', '2': 1},
+    {'1': 'DIGIT_COUNT_EIGHT', '2': 2},
+  ],
+};
+
+@$core.Deprecated('Use migrationPayloadDescriptor instead')
+const MigrationPayload_OtpType$json = {
+  '1': 'OtpType',
+  '2': [
+    {'1': 'OTP_TYPE_UNSPECIFIED', '2': 0},
+    {'1': 'OTP_TYPE_HOTP', '2': 1},
+    {'1': 'OTP_TYPE_TOTP', '2': 2},
+  ],
+};
+
+/// Descriptor for `MigrationPayload`. Decode as a `google.protobuf.DescriptorProto`.
+final $typed_data.Uint8List migrationPayloadDescriptor = $convert.base64Decode(
+    'ChBNaWdyYXRpb25QYXlsb2FkElEKDm90cF9wYXJhbWV0ZXJzGAEgAygLMiouZ29vZ2xlYXV0aC'
+    '5NaWdyYXRpb25QYXlsb2FkLk90cFBhcmFtZXRlcnNSDW90cFBhcmFtZXRlcnMSGAoHdmVyc2lv'
+    'bhgCIAEoBVIHdmVyc2lvbhIdCgpiYXRjaF9zaXplGAMgASgFUgliYXRjaFNpemUSHwoLYmF0Y2'
+    'hfaW5kZXgYBCABKAVSCmJhdGNoSW5kZXgSGQoIYmF0Y2hfaWQYBSABKAVSB2JhdGNoSWQargIK'
+    'DU90cFBhcmFtZXRlcnMSFgoGc2VjcmV0GAEgASgMUgZzZWNyZXQSEgoEbmFtZRgCIAEoCVIEbm'
+    'FtZRIWCgZpc3N1ZXIYAyABKAlSBmlzc3VlchJECglhbGdvcml0aG0YBCABKA4yJi5nb29nbGVh'
+    'dXRoLk1pZ3JhdGlvblBheWxvYWQuQWxnb3JpdGhtUglhbGdvcml0aG0SPwoGZGlnaXRzGAUgAS'
+    'gOMicuZ29vZ2xlYXV0aC5NaWdyYXRpb25QYXlsb2FkLkRpZ2l0Q291bnRSBmRpZ2l0cxI4CgR0'
+    'eXBlGAYgASgOMiQuZ29vZ2xlYXV0aC5NaWdyYXRpb25QYXlsb2FkLk90cFR5cGVSBHR5cGUSGA'
+    'oHY291bnRlchgHIAEoA1IHY291bnRlciJ5CglBbGdvcml0aG0SGQoVQUxHT1JJVEhNX1VOU1BF'
+    'Q0lGSUVEEAASEgoOQUxHT1JJVEhNX1NIQTEQARIUChBBTEdPUklUSE1fU0hBMjU2EAISFAoQQU'
+    'xHT1JJVEhNX1NIQTUxMhADEhEKDUFMR09SSVRITV9NRDUQBCJVCgpEaWdpdENvdW50EhsKF0RJ'
+    'R0lUX0NPVU5UX1VOU1BFQ0lGSUVEEAASEwoPRElHSVRfQ09VTlRfU0lYEAESFQoRRElHSVRfQ0'
+    '9VTlRfRUlHSFQQAiJJCgdPdHBUeXBlEhgKFE9UUF9UWVBFX1VOU1BFQ0lGSUVEEAASEQoNT1RQ'
+    'X1RZUEVfSE9UUBABEhEKDU9UUF9UWVBFX1RPVFAQAg==');
+

lib/models/protos/googleauth.pbserver.dart

@@ -0,0 +1,14 @@
+//
+//  Generated code. Do not modify.
+//  source: googleauth.proto
+//
+// @dart = 2.12
+
+// ignore_for_file: annotate_overrides, camel_case_types
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: deprecated_member_use_from_same_package, library_prefixes
+// ignore_for_file: non_constant_identifier_names, prefer_final_fields
+// ignore_for_file: unnecessary_import, unnecessary_this, unused_import
+
+export 'googleauth.pb.dart';
+

lib/models/user_details.dart

@@ -1,3 +1,4 @@
+import 'dart:convert';
 import 'dart:math';
 
 import 'package:collection/collection.dart';
@@ -10,6 +11,7 @@ class UserDetails {
   final int sharedCollectionsCount;
   final Subscription subscription;
   final FamilyData? familyData;
+  final ProfileData? profileData;
 
   UserDetails(
     this.email,
@@ -18,6 +20,7 @@ class UserDetails {
     this.sharedCollectionsCount,
     this.subscription,
     this.familyData,
+      this.profileData,
   );
 
   bool isPartOfFamily() {
@@ -59,8 +62,10 @@ class UserDetails {
       (map['sharedCollectionsCount'] ?? 0) as int,
       Subscription.fromMap(map['subscription']),
       FamilyData.fromMap(map['familyData']),
+      ProfileData.fromJson(map['profileData']),
     );
   }
+
 }
 
 class FamilyMember {
@@ -80,7 +85,39 @@ class FamilyMember {
     );
   }
 }
+class ProfileData {
+  bool canDisableEmailMFA;
+  bool isEmailMFAEnabled;
+  bool isTwoFactorEnabled;
 
+  // Constructor with default values
+  ProfileData({
+    this.canDisableEmailMFA = false,
+    this.isEmailMFAEnabled = false,
+    this.isTwoFactorEnabled = false,
+  });
+
+  // Factory method to create ProfileData instance from JSON
+  factory ProfileData.fromJson(Map<String, dynamic>? json) {
+    if (json == null) null;
+
+    return ProfileData(
+      canDisableEmailMFA: json!['canDisableEmailMFA'] ?? false,
+      isEmailMFAEnabled: json['isEmailMFAEnabled'] ?? false,
+      isTwoFactorEnabled: json['isTwoFactorEnabled'] ?? false,
+    );
+  }
+
+  // Method to convert ProfileData instance to JSON
+  Map<String, dynamic> toJson() {
+    return {
+      'canDisableEmailMFA': canDisableEmailMFA,
+      'isEmailMFAEnabled': isEmailMFAEnabled,
+      'isTwoFactorEnabled': isTwoFactorEnabled,
+    };
+  }
+  String toJsonString() => json.encode(toJson());
+}
 class FamilyData {
   final List<FamilyMember>? members;
 

lib/onboarding/view/onboarding_page.dart

@@ -163,7 +163,7 @@ class _OnboardingPageState extends State<OnboardingPage> {
       // No key
       if (Configuration.instance.getKeyAttributes() == null) {
         // Never had a key
-        page = const PasswordEntryPage();
+        page = const PasswordEntryPage(mode: PasswordEntryMode.set,);
       } else if (Configuration.instance.getKey() == null) {
         // Yet to decrypt the key
         page = const PasswordReentryPage();
@@ -189,7 +189,7 @@ class _OnboardingPageState extends State<OnboardingPage> {
       // No key
       if (Configuration.instance.getKeyAttributes() == null) {
         // Never had a key
-        page = const PasswordEntryPage();
+        page = const PasswordEntryPage(mode: PasswordEntryMode.set,);
       } else if (Configuration.instance.getKey() == null) {
         // Yet to decrypt the key
         page = const PasswordReentryPage();

lib/onboarding/view/setup_enter_secret_key_page.dart

@@ -23,12 +23,12 @@ class _SetupEnterSecretKeyPageState extends State<SetupEnterSecretKeyPage> {
   void initState() {
     _issuerController = TextEditingController(
       text: widget.code != null
-          ? Uri.decodeFull(widget.code!.issuer).trim()
+          ? safeDecode(widget.code!.issuer).trim()
           : null,
     );
     _accountController = TextEditingController(
       text: widget.code != null
-          ? Uri.decodeFull(widget.code!.account).trim()
+          ? safeDecode(widget.code!.account).trim()
           : null,
     );
     _secretController = TextEditingController(
@@ -108,9 +108,9 @@ class _SetupEnterSecretKeyPageState extends State<SetupEnterSecretKeyPage> {
                           _secretController.text.trim().isEmpty) {
                         String message;
                         if (_secretController.text.trim().isEmpty) {
-                          message = "Secret can not be empty";
+                          message = context.l10n.secretCanNotBeEmpty;
                         } else {
-                          message = "Both account and issuer can not be empty";
+                          message = context.l10n.bothIssuerAndAccountCanNotBeEmpty;
                         }
                         _showIncorrectDetailsDialog(context, message: message);
                         return;
@@ -132,7 +132,7 @@ class _SetupEnterSecretKeyPageState extends State<SetupEnterSecretKeyPage> {
                                 secret: secret,
                               );
                         // Verify the validity of the code
-                        getTotp(newCode);
+                        getOTP(newCode);
                         Navigator.of(context).pop(newCode);
                       } catch (e) {
                         _showIncorrectDetailsDialog(context);
@@ -157,12 +157,12 @@ class _SetupEnterSecretKeyPageState extends State<SetupEnterSecretKeyPage> {
 
   void _showIncorrectDetailsDialog(
     BuildContext context, {
-    String message = "Please verify the entered details",
+    String? message,
   }) {
     showErrorDialog(
       context,
-      "Incorrect details",
-      message,
+      context.l10n.incorrectDetails,
+      message ?? context.l10n.pleaseVerifyDetails,
     );
   }
 }

lib/onboarding/view/view_qr_page.dart

@@ -0,0 +1,100 @@
+
+import 'dart:math';
+
+import "package:ente_auth/l10n/l10n.dart";
+import 'package:ente_auth/models/code.dart';
+import 'package:ente_auth/theme/ente_theme.dart';
+import "package:flutter/material.dart";
+import 'package:qr_flutter/qr_flutter.dart';
+
+class ViewQrPage extends StatelessWidget {
+  final Code? code;
+
+  ViewQrPage({this.code, Key? key}) : super(key: key);
+
+  @override
+  Widget build(BuildContext context) {
+    final screenWidth = MediaQuery.of(context).size.width;
+    final double qrSize = min(screenWidth - 80, 300.0);
+    final enteTextTheme = getEnteTextTheme(context);
+    final l10n = context.l10n;
+    return Scaffold(
+      appBar: AppBar(
+        title: Text(l10n.qrCode),
+      ),
+      body: SafeArea(
+        child: Center(
+          child: Padding(
+            padding: const EdgeInsets.symmetric(vertical: 40.0, horizontal: 40),
+            child: Column(
+              children: [
+                QrImage(
+                  data: code!.rawData,
+                  foregroundColor: Theme.of(context).colorScheme.onBackground,
+                  version: QrVersions.auto,
+                  size: qrSize,
+                ),
+                const SizedBox(
+                  height: 20,
+                ),
+                Row(
+                  mainAxisAlignment: MainAxisAlignment.center,
+                  children: [
+                    Text(
+                      l10n.account,
+                      style: enteTextTheme.largeMuted,
+                    ),
+                    const SizedBox(
+                      width: 10,
+                    ),
+                    Text(
+                      code?.account ?? '',
+                      style: enteTextTheme.largeBold,
+                    ),
+                  ],
+                ),
+                const SizedBox(
+                  height: 4,
+                ),
+                Row(
+                  mainAxisAlignment: MainAxisAlignment.center,
+                  children: [
+                    Text(
+                      l10n.codeIssuerHint,
+                      style: enteTextTheme.largeMuted,
+                    ),
+                    const SizedBox(
+                      width: 10,
+                    ),
+                    Text(
+                      code?.issuer ?? '',
+                      style: enteTextTheme.largeBold,
+                    ),
+                  ],
+                ),
+                const SizedBox(
+                  height: 80,
+                ),
+                SizedBox(
+                  width: 400,
+                  child: OutlinedButton(
+                    onPressed: () {
+                      Navigator.of(context).pop();
+                    },
+                    child: Padding(
+                      padding: const EdgeInsets.symmetric(
+                        horizontal: 16.0,
+                        vertical: 4,
+                      ),
+                      child: Text(l10n.back),
+                    ),
+                  ),
+                )
+              ],
+            ),
+          ),
+        ),
+      ),
+    );
+  }
+}

lib/services/authenticator_service.dart

@@ -217,7 +217,7 @@ class AuthenticatorService {
       final AuthKey response = await _gateway.getKey();
       final authKey = CryptoUtil.decryptSync(
         Sodium.base642bin(response.encryptedKey),
-        _config.getKey(),
+        _config.getKey()!,
         Sodium.base642bin(response.header),
       );
       await _config.setAuthSecretKey(Sodium.bin2base64(authKey));

lib/services/update_service.dart

@@ -5,16 +5,18 @@ import 'dart:io';
 import 'package:ente_auth/core/constants.dart';
 import 'package:ente_auth/core/network.dart';
 import 'package:ente_auth/services/notification_service.dart';
-import 'package:flutter/foundation.dart';
 import 'package:logging/logging.dart';
 import 'package:package_info_plus/package_info_plus.dart';
 import 'package:shared_preferences/shared_preferences.dart';
+import 'package:tuple/tuple.dart';
+import 'package:url_launcher/url_launcher_string.dart';
 
 class UpdateService {
   UpdateService._privateConstructor();
 
   static final UpdateService instance = UpdateService._privateConstructor();
   static const kUpdateAvailableShownTimeKey = "update_available_shown_time_key";
+  static const String flavor = String.fromEnvironment('app.flavor');
 
   LatestVersionInfo? _latestVersion;
   final _logger = Logger("UpdateService");
@@ -87,11 +89,47 @@ class UpdateService {
     return LatestVersionInfo.fromMap(response.data["latestVersion"]);
   }
 
-  bool isIndependent() {
-    if (Platform.isIOS) {
-      return false;
+  // getRateDetails returns details about the place
+  Tuple2<String, String> getRateDetails() {
+    // Note: in auth, currently we don't have a way to identify if the
+    // app was installed from play store, f-droid or github based on pkg name
+    if (Platform.isAndroid) {
+      if(flavor == "playstore") {
+        return const Tuple2(
+          "Play Store",
+          "market://details??id=io.ente.auth",
+        );
+      }
+      return const Tuple2(
+        "AlternativeTo",
+        "https://alternativeto.net/software/ente-authenticator/about/",
+      );
     }
-    return kDebugMode || _packageInfo.packageName.endsWith("independent");
+    return const Tuple2(
+      "App Store",
+      "https://apps.apple.com/in/app/ente-photos/id6444121398",
+    );
+  }
+
+  Future<void> launchReviewUrl() async {
+    final String url = getRateDetails().item2;
+    try {
+      await launchUrlString(url, mode: LaunchMode.externalApplication);
+    } catch (e) {
+      _logger.severe("Failed top open launch url $url", e);
+      // Fall back if we fail to open play-store market app on android
+      if (Platform.isAndroid && url.startsWith("market://")) {
+        launchUrlString(
+          "https://play.google.com/store/apps/details?id=io"
+              ".ente.auth",
+          mode: LaunchMode.externalApplication,
+        ).ignore();
+      }
+    }
+  }
+
+  bool isIndependent() {
+    return flavor == "independent" || _packageInfo.packageName.endsWith("independent");
   }
 }
 

lib/store/code_store.dart

@@ -1,5 +1,6 @@
 import 'dart:convert';
 
+import 'package:collection/collection.dart';
 import 'package:ente_auth/core/event_bus.dart';
 import 'package:ente_auth/events/codes_updated_event.dart';
 import 'package:ente_auth/models/authenticator/entity_result.dart';
@@ -33,11 +34,11 @@ class CodeStore {
 
     // sort codes by issuer,account
     codes.sort((a, b) {
-      final issuerComparison = a.issuer.compareTo(b.issuer);
+      final issuerComparison = compareAsciiLowerCaseNatural(a.issuer, b.issuer);
       if (issuerComparison != 0) {
         return issuerComparison;
       }
-      return a.account.compareTo(b.account);
+      return compareAsciiLowerCaseNatural(a.account, b.account);
     });
     return codes;
   }

lib/theme/text_style.dart

@@ -5,6 +5,18 @@ const FontWeight _regularWeight = FontWeight.w500;
 const FontWeight _boldWeight = FontWeight.w600;
 const String _fontFamily = 'Inter';
 
+const TextStyle brandStyleSmall = TextStyle(
+  fontWeight: FontWeight.bold,
+  fontFamily: 'Montserrat',
+  fontSize: 21,
+);
+
+const TextStyle brandStyleMedium = TextStyle(
+  fontWeight: FontWeight.bold,
+  fontFamily: 'Montserrat',
+  fontSize: 24,
+);
+
 const TextStyle h1 = TextStyle(
   fontSize: 48,
   height: 48 / 28,
@@ -31,7 +43,7 @@ const TextStyle large = TextStyle(
 );
 const TextStyle body = TextStyle(
   fontSize: 16,
-  height: 19.4 / 16.0,
+  height: 20 / 16.0,
   fontWeight: _regularWeight,
   fontFamily: _fontFamily,
 );
@@ -71,6 +83,29 @@ class EnteTextTheme {
   final TextStyle miniBold;
   final TextStyle tiny;
   final TextStyle tinyBold;
+  final TextStyle brandSmall;
+  final TextStyle brandMedium;
+
+  // textMuted variants
+  final TextStyle h1Muted;
+  final TextStyle h2Muted;
+  final TextStyle h3Muted;
+  final TextStyle largeMuted;
+  final TextStyle bodyMuted;
+  final TextStyle smallMuted;
+  final TextStyle miniMuted;
+  final TextStyle miniBoldMuted;
+  final TextStyle tinyMuted;
+
+  // textFaint variants
+  final TextStyle h1Faint;
+  final TextStyle h2Faint;
+  final TextStyle h3Faint;
+  final TextStyle largeFaint;
+  final TextStyle bodyFaint;
+  final TextStyle smallFaint;
+  final TextStyle miniFaint;
+  final TextStyle tinyFaint;
 
   const EnteTextTheme({
     required this.h1,
@@ -89,13 +124,45 @@ class EnteTextTheme {
     required this.miniBold,
     required this.tiny,
     required this.tinyBold,
+    required this.brandSmall,
+    required this.brandMedium,
+    required this.h1Muted,
+    required this.h2Muted,
+    required this.h3Muted,
+    required this.largeMuted,
+    required this.bodyMuted,
+    required this.smallMuted,
+    required this.miniMuted,
+    required this.miniBoldMuted,
+    required this.tinyMuted,
+    required this.h1Faint,
+    required this.h2Faint,
+    required this.h3Faint,
+    required this.largeFaint,
+    required this.bodyFaint,
+    required this.smallFaint,
+    required this.miniFaint,
+    required this.tinyFaint,
   });
 }
 
-EnteTextTheme lightTextTheme = _buildEnteTextStyle(textBaseLight);
-EnteTextTheme darkTextTheme = _buildEnteTextStyle(textBaseDark);
+EnteTextTheme lightTextTheme = _buildEnteTextStyle(
+  textBaseLight,
+  textMutedLight,
+  textFaintLight,
+);
 
-EnteTextTheme _buildEnteTextStyle(Color color) {
+EnteTextTheme darkTextTheme = _buildEnteTextStyle(
+  textBaseDark,
+  textMutedDark,
+  textFaintDark,
+);
+
+EnteTextTheme _buildEnteTextStyle(
+    Color color,
+    Color textMuted,
+    Color textFaint,
+    ) {
   return EnteTextTheme(
     h1: h1.copyWith(color: color),
     h1Bold: h1.copyWith(color: color, fontWeight: _boldWeight),
@@ -113,5 +180,24 @@ EnteTextTheme _buildEnteTextStyle(Color color) {
     miniBold: mini.copyWith(color: color, fontWeight: _boldWeight),
     tiny: tiny.copyWith(color: color),
     tinyBold: tiny.copyWith(color: color, fontWeight: _boldWeight),
+    brandSmall: brandStyleSmall.copyWith(color: color),
+    brandMedium: brandStyleMedium.copyWith(color: color),
+    h1Muted: h1.copyWith(color: textMuted),
+    h2Muted: h2.copyWith(color: textMuted),
+    h3Muted: h3.copyWith(color: textMuted),
+    largeMuted: large.copyWith(color: textMuted),
+    bodyMuted: body.copyWith(color: textMuted),
+    smallMuted: small.copyWith(color: textMuted),
+    miniMuted: mini.copyWith(color: textMuted),
+    miniBoldMuted: mini.copyWith(color: textMuted, fontWeight: _boldWeight),
+    tinyMuted: tiny.copyWith(color: textMuted),
+    h1Faint: h1.copyWith(color: textFaint),
+    h2Faint: h2.copyWith(color: textFaint),
+    h3Faint: h3.copyWith(color: textFaint),
+    largeFaint: large.copyWith(color: textFaint),
+    bodyFaint: body.copyWith(color: textFaint),
+    smallFaint: small.copyWith(color: textFaint),
+    miniFaint: mini.copyWith(color: textFaint),
+    tinyFaint: tiny.copyWith(color: textFaint),
   );
 }

lib/ui/account/login_page.dart

@@ -1,10 +1,14 @@
 import 'package:email_validator/email_validator.dart';
 import 'package:ente_auth/core/configuration.dart';
+import 'package:ente_auth/core/errors.dart';
 import "package:ente_auth/l10n/l10n.dart";
+import 'package:ente_auth/models/api/user/srp.dart';
 import 'package:ente_auth/services/user_service.dart';
+import 'package:ente_auth/ui/account/login_pwd_verification_page.dart';
 import 'package:ente_auth/ui/common/dynamic_fab.dart';
 import 'package:ente_auth/ui/common/web_page.dart';
 import 'package:flutter/material.dart';
+import 'package:logging/logging.dart';
 import "package:styled_text/styled_text.dart";
 
 class LoginPage extends StatefulWidget {
@@ -19,6 +23,7 @@ class _LoginPageState extends State<LoginPage> {
   bool _emailIsValid = false;
   String? _email;
   Color? _emailInputFieldColor;
+  final Logger _logger = Logger('_LoginPageState');
 
   @override
   void initState() {
@@ -55,10 +60,32 @@ class _LoginPageState extends State<LoginPage> {
         isKeypadOpen: isKeypadOpen,
         isFormValid: _emailIsValid,
         buttonText: context.l10n.logInLabel,
-        onPressedFunction: () {
+        onPressedFunction: () async {
           UserService.instance.setEmail(_email!);
-          UserService.instance
-              .sendOtt(context, _email!, isCreateAccountScreen: false);
+          SrpAttributes? attr;
+          bool isEmailVerificationEnabled = true;
+          try {
+            attr = await UserService.instance.getSrpAttributes(_email!);
+            isEmailVerificationEnabled = attr.isEmailMFAEnabled;
+          } catch (e) {
+            if (e is! SrpSetupNotCompleteError) {
+              _logger.severe('Error getting SRP attributes', e);
+            }
+          }
+          if (attr != null && !isEmailVerificationEnabled) {
+            Navigator.of(context).push(
+              MaterialPageRoute(
+                builder: (BuildContext context) {
+                  return LoginPasswordVerificationPage(
+                    srpAttributes: attr!,
+                  );
+                },
+              ),
+            );
+          } else {
+            await UserService.instance
+                .sendOtt(context, _email!, isCreateAccountScreen: false);
+          }
           FocusScope.of(context).unfocus();
         },
       ),

lib/ui/account/login_pwd_verification_page.dart

@@ -0,0 +1,232 @@
+
+import 'package:ente_auth/core/configuration.dart';
+import "package:ente_auth/l10n/l10n.dart";
+import "package:ente_auth/models/api/user/srp.dart";
+import "package:ente_auth/services/user_service.dart";
+import "package:ente_auth/theme/ente_theme.dart";
+import 'package:ente_auth/ui/common/dynamic_fab.dart';
+import "package:ente_auth/utils/dialog_util.dart";
+import 'package:flutter/material.dart';
+import "package:logging/logging.dart";
+
+// LoginPasswordVerificationPage is a page that allows the user to enter their password to verify their identity.
+// If the password is correct, then the user is either directed to
+// PasswordReentryPage (if the user has not yet set up 2FA) or TwoFactorAuthenticationPage (if the user has set up 2FA).
+// In the PasswordReentryPage, the password is auto-filled based on the
+// volatile password.
+class LoginPasswordVerificationPage extends StatefulWidget {
+  final SrpAttributes srpAttributes;
+  const LoginPasswordVerificationPage({Key? key, required this.srpAttributes}) : super(key: key);
+
+  @override
+  State<LoginPasswordVerificationPage> createState() => _LoginPasswordVerificationPageState();
+}
+
+class _LoginPasswordVerificationPageState extends
+State<LoginPasswordVerificationPage> {
+  final _logger = Logger((_LoginPasswordVerificationPageState).toString());
+  final _passwordController = TextEditingController();
+  final FocusNode _passwordFocusNode = FocusNode();
+  String? email;
+  bool _passwordInFocus = false;
+  bool _passwordVisible = false;
+
+  @override
+  void initState() {
+    super.initState();
+    email = Configuration.instance.getEmail();
+    _passwordFocusNode.addListener(() {
+      setState(() {
+        _passwordInFocus = _passwordFocusNode.hasFocus;
+      });
+    });
+  }
+
+  @override
+  Widget build(BuildContext context) {
+    final isKeypadOpen = MediaQuery.of(context).viewInsets.bottom > 100;
+
+    FloatingActionButtonLocation? fabLocation() {
+      if (isKeypadOpen) {
+        return null;
+      } else {
+        return FloatingActionButtonLocation.centerFloat;
+      }
+    }
+
+    return Scaffold(
+      resizeToAvoidBottomInset: isKeypadOpen,
+      appBar: AppBar(
+        elevation: 0,
+        leading: IconButton(
+          icon: const Icon(Icons.arrow_back),
+          color: Theme.of(context).iconTheme.color,
+          onPressed: () {
+            Navigator.of(context).pop();
+          },
+        ),
+      ),
+      body: _getBody(),
+      floatingActionButton: DynamicFAB(
+        key: const ValueKey("verifyPasswordButton"),
+        isKeypadOpen: isKeypadOpen,
+        isFormValid: _passwordController.text.isNotEmpty,
+        buttonText: context.l10n.logInLabel,
+        onPressedFunction: () async {
+          FocusScope.of(context).unfocus();
+          await UserService.instance.verifyEmailViaPassword(context, widget
+              .srpAttributes,
+              _passwordController.text,);
+        },
+      ),
+      floatingActionButtonLocation: fabLocation(),
+      floatingActionButtonAnimator: NoScalingAnimation(),
+    );
+  }
+
+  Widget _getBody() {
+    return Column(
+      children: [
+        Expanded(
+          child: AutofillGroup(
+            child: ListView(
+              children: [
+                Padding(
+                  padding:
+                  const EdgeInsets.only(top: 30, left: 20, right: 20),
+                  child: Text(
+                    context.l10n.enterPassword,
+                    style: Theme.of(context).textTheme.headlineMedium,
+                  ),
+                ),
+                Padding(
+                  padding: const EdgeInsets.only(bottom: 30, left: 22, right:
+                  20,),
+                  child: Text(email ?? '', style: getEnteTextTheme(context).smallMuted,),
+                ),
+                Visibility(
+                  // hidden textForm for suggesting auto-fill service for saving
+                  // password
+                  visible: false,
+                  child: TextFormField(
+                    autofillHints: const [
+                      AutofillHints.email,
+                    ],
+                    autocorrect: false,
+                    keyboardType: TextInputType.emailAddress,
+                    initialValue: email,
+                    textInputAction: TextInputAction.next,
+                  ),
+                ),
+                Padding(
+                  padding: const EdgeInsets.fromLTRB(20, 24, 20, 0),
+                  child: TextFormField(
+                    key: const ValueKey("passwordInputField"),
+                    autofillHints: const [AutofillHints.password],
+                    decoration: InputDecoration(
+                      hintText: context.l10n.enterYourPasswordHint,
+                      filled: true,
+                      contentPadding: const EdgeInsets.all(20),
+                      border: UnderlineInputBorder(
+                        borderSide: BorderSide.none,
+                        borderRadius: BorderRadius.circular(6),
+                      ),
+                      suffixIcon: _passwordInFocus
+                          ? IconButton(
+                        icon: Icon(
+                          _passwordVisible
+                              ? Icons.visibility
+                              : Icons.visibility_off,
+                          color: Theme.of(context).iconTheme.color,
+                          size: 20,
+                        ),
+                        onPressed: () {
+                          setState(() {
+                            _passwordVisible = !_passwordVisible;
+                          });
+                        },
+                      )
+                          : null,
+                    ),
+                    style: const TextStyle(
+                      fontSize: 14,
+                    ),
+                    controller: _passwordController,
+                    autofocus: true,
+                    autocorrect: false,
+                    obscureText: !_passwordVisible,
+                    keyboardType: TextInputType.visiblePassword,
+                    focusNode: _passwordFocusNode,
+                    onChanged: (_) {
+                      setState(() {});
+                    },
+                  ),
+                ),
+                const Padding(
+                  padding: EdgeInsets.symmetric(vertical: 18),
+                  child: Divider(
+                    thickness: 1,
+                  ),
+                ),
+                Padding(
+                  padding: const EdgeInsets.symmetric(horizontal: 20),
+                  child: Row(
+                    mainAxisAlignment: MainAxisAlignment.spaceBetween,
+                    children: [
+                      GestureDetector(
+                        behavior: HitTestBehavior.opaque,
+                        onTap: () async {
+                          await UserService.instance
+                              .sendOtt(context, email!,
+                              isResetPasswordScreen: true,);
+                        },
+                        child: Center(
+                          child: Text(
+                            context.l10n.forgotPassword,
+                            style: Theme.of(context)
+                                .textTheme
+                                .titleMedium!
+                                .copyWith(
+                              fontSize: 14,
+                              decoration: TextDecoration.underline,
+                            ),
+                          ),
+                        ),
+                      ),
+                      GestureDetector(
+                        behavior: HitTestBehavior.opaque,
+                        onTap: () async {
+                          final dialog = createProgressDialog(
+                            context,
+                            context.l10n.pleaseWait,
+                          );
+                          await dialog.show();
+                          await Configuration.instance.logout();
+                          await dialog.hide();
+                          Navigator.of(context)
+                              .popUntil((route) => route.isFirst);
+                        },
+                        child: Center(
+                          child: Text(
+                            context.l10n.changeEmail,
+                            style: Theme.of(context)
+                                .textTheme
+                                .titleMedium!
+                                .copyWith(
+                              fontSize: 14,
+                              decoration: TextDecoration.underline,
+                            ),
+                          ),
+                        ),
+                      ),
+                    ],
+                  ),
+                )
+              ],
+            ),
+          ),
+        ),
+      ],
+    );
+  }
+}

lib/ui/account/logout_dialog.dart

@@ -42,6 +42,7 @@ Future<void> autoLogoutAlert(BuildContext context) async {
   );
   await showDialog(
     context: context,
+    barrierDismissible: false,
     builder: (BuildContext context) {
       return alert;
     },

lib/ui/account/ott_verification_page.dart

@@ -10,11 +10,13 @@ class OTTVerificationPage extends StatefulWidget {
   final String email;
   final bool isChangeEmail;
   final bool isCreateAccountScreen;
+  final bool isResetPasswordScreen;
 
   const OTTVerificationPage(
     this.email, {
     this.isChangeEmail = false,
     this.isCreateAccountScreen = false,
+    this.isResetPasswordScreen = false,
     Key? key,
   }) : super(key: key);
 
@@ -78,7 +80,8 @@ class _OTTVerificationPageState extends State<OTTVerificationPage> {
             );
           } else {
             UserService.instance
-                .verifyEmail(context, _verificationCodeController.text);
+                .verifyEmail(context, _verificationCodeController.text,
+              isResettingPasswordScreen: widget.isResetPasswordScreen,);
           }
           FocusScope.of(context).unfocus();
         },
@@ -129,13 +132,21 @@ class _OTTVerificationPageState extends State<OTTVerificationPage> {
                             },
                           ),
                         ),
-                        Text(
-                          l10n.checkInboxAndSpamFolder,
-                          style: Theme.of(context)
-                              .textTheme
-                              .subtitle1!
-                              .copyWith(fontSize: 14),
-                        ),
+                        widget.isResetPasswordScreen
+                            ? Text(
+                                l10n.toResetVerifyEmail,
+                                style: Theme.of(context)
+                                    .textTheme
+                                    .titleMedium!
+                                    .copyWith(fontSize: 14),
+                              )
+                            : Text(
+                                l10n.checkInboxAndSpamFolder,
+                                style: Theme.of(context)
+                                    .textTheme
+                                    .subtitle1!
+                                    .copyWith(fontSize: 14),
+                              ),
                       ],
                     ),
                   ),
@@ -182,6 +193,8 @@ class _OTTVerificationPageState extends State<OTTVerificationPage> {
                         context,
                         widget.email,
                         isCreateAccountScreen: widget.isCreateAccountScreen,
+                        isChangeEmail: widget.isChangeEmail,
+                        isResetPasswordScreen: widget.isResetPasswordScreen,
                       );
                     },
                     child: Text(

lib/ui/account/password_entry_page.dart

@@ -1,5 +1,6 @@
 import 'package:ente_auth/core/configuration.dart';
 import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/models/key_gen_result.dart';
 import 'package:ente_auth/services/user_service.dart';
 import 'package:ente_auth/ui/account/recovery_key_page.dart';
 import 'package:ente_auth/ui/common/dynamic_fab.dart';
@@ -23,7 +24,7 @@ enum PasswordEntryMode {
 class PasswordEntryPage extends StatefulWidget {
   final PasswordEntryMode mode;
 
-  const PasswordEntryPage({this.mode = PasswordEntryMode.set, Key? key})
+  const PasswordEntryPage({required this.mode, Key? key})
       : super(key: key);
 
   @override
@@ -377,9 +378,9 @@ class _PasswordEntryPageState extends State<PasswordEntryPage> {
         createProgressDialog(context, context.l10n.generatingEncryptionKeys);
     await dialog.show();
     try {
-      final keyAttributes = await Configuration.instance
-          .updatePassword(_passwordController1.text);
-      await UserService.instance.updateKeyAttributes(keyAttributes);
+      final result = await Configuration.instance
+          .getAttributesForNewPassword(_passwordController1.text);
+      await UserService.instance.updateKeyAttributes(result.item1, result.item2);
       await dialog.hide();
       showShortToast(context, context.l10n.passwordChangedSuccessfully);
       Navigator.of(context).pop();
@@ -399,7 +400,7 @@ class _PasswordEntryPageState extends State<PasswordEntryPage> {
         createProgressDialog(context, l10n.generatingEncryptionKeysTitle);
     await dialog.show();
     try {
-      final result = await Configuration.instance.generateKey(password);
+      final KeyGenResult result = await Configuration.instance.generateKey(password);
       Configuration.instance.setVolatilePassword(null);
       await dialog.hide();
       onDone() async {
@@ -408,6 +409,7 @@ class _PasswordEntryPageState extends State<PasswordEntryPage> {
         try {
           await UserService.instance.setAttributes(result);
           await dialog.hide();
+          Configuration.instance.setVolatilePassword(null);
           Navigator.of(context).pushAndRemoveUntil(
             MaterialPageRoute(
               builder: (BuildContext context) {

lib/ui/account/password_reentry_page.dart

@@ -1,12 +1,15 @@
 import 'dart:async';
+import 'dart:typed_data';
 
 import 'package:ente_auth/core/configuration.dart';
 import 'package:ente_auth/core/errors.dart';
 import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/services/user_service.dart';
 import 'package:ente_auth/ui/account/recovery_page.dart';
 import 'package:ente_auth/ui/common/dynamic_fab.dart';
 import 'package:ente_auth/ui/components/buttons/button_widget.dart';
 import 'package:ente_auth/ui/home_page.dart';
+import 'package:ente_auth/utils/crypto_util.dart';
 import 'package:ente_auth/utils/dialog_util.dart';
 import 'package:ente_auth/utils/email_util.dart';
 import 'package:flutter/material.dart';
@@ -26,11 +29,20 @@ class _PasswordReentryPageState extends State<PasswordReentryPage> {
   String? email;
   bool _passwordInFocus = false;
   bool _passwordVisible = false;
+  String? _volatilePassword;
 
   @override
   void initState() {
     super.initState();
     email = Configuration.instance.getEmail();
+    _volatilePassword = Configuration.instance.getVolatilePassword();
+    if (_volatilePassword != null) {
+      _passwordController.text = _volatilePassword!;
+      Future.delayed(
+        Duration.zero,
+            () => verifyPassword(_volatilePassword!),
+      );
+    }
     _passwordFocusNode.addListener(() {
       setState(() {
         _passwordInFocus = _passwordFocusNode.hasFocus;
@@ -64,68 +76,13 @@ class _PasswordReentryPageState extends State<PasswordReentryPage> {
       ),
       body: _getBody(),
       floatingActionButton: DynamicFAB(
+        key: const ValueKey("verifyPasswordButton"),
         isKeypadOpen: isKeypadOpen,
         isFormValid: _passwordController.text.isNotEmpty,
         buttonText: context.l10n.verifyPassword,
         onPressedFunction: () async {
           FocusScope.of(context).unfocus();
-          final dialog = createProgressDialog(context, context.l10n.pleaseWait);
-          await dialog.show();
-          try {
-            await Configuration.instance.decryptAndSaveSecrets(
-              _passwordController.text,
-              Configuration.instance.getKeyAttributes()!,
-            );
-          } on KeyDerivationError catch (e, s) {
-            _logger.severe("Password verification failed", e, s);
-            await dialog.hide();
-            final dialogChoice = await showChoiceDialog(
-              context,
-              title: context.l10n.recreatePasswordTitle,
-              body: context.l10n.recreatePasswordBody,
-              firstButtonLabel: context.l10n.useRecoveryKey,
-            );
-            if (dialogChoice!.action == ButtonAction.first) {
-              Navigator.of(context).push(
-                MaterialPageRoute(
-                  builder: (BuildContext context) {
-                    return const RecoveryPage();
-                  },
-                ),
-              );
-            }
-            return;
-          } catch (e, s) {
-            _logger.severe("Password verification failed", e, s);
-            await dialog.hide();
-            final dialogChoice = await showChoiceDialog(
-              context,
-              title: context.l10n.incorrectPasswordTitle,
-              body: context.l10n.pleaseTryAgain,
-              firstButtonLabel: context.l10n.contactSupport,
-              secondButtonLabel: context.l10n.ok,
-            );
-            if (dialogChoice!.action == ButtonAction.first) {
-              await sendLogs(
-                context,
-                context.l10n.contactSupport,
-                "support@ente.io",
-                postShare: () {},
-              );
-            }
-            return;
-          }
-          await dialog.hide();
-          unawaited(
-            Navigator.of(context).pushAndRemoveUntil(
-              MaterialPageRoute(
-                builder: (BuildContext context) {
-                  return const HomePage();
-                },
-              ),
-              (route) => false,
-            ),
-          );
+          await verifyPassword(_passwordController.text);
         },
       ),
       floatingActionButtonLocation: fabLocation(),
@@ -133,6 +90,90 @@ class _PasswordReentryPageState extends State<PasswordReentryPage> {
     );
   }
 
+  Future<void> verifyPassword(String password) async {
+    FocusScope.of(context).unfocus();
+    final dialog =
+    createProgressDialog(context, context.l10n.pleaseWait);
+    await dialog.show();
+    try {
+      final kek = await Configuration.instance.decryptSecretsAndGetKeyEncKey(
+        password,
+        Configuration.instance.getKeyAttributes()!,
+      );
+      _registerSRPForExistingUsers(kek).ignore();
+    } on KeyDerivationError catch (e, s) {
+      _logger.severe("Password verification failed", e, s);
+      await dialog.hide();
+      final dialogChoice = await showChoiceDialog(
+        context,
+        title: context.l10n.recreatePasswordTitle,
+        body: context.l10n.recreatePasswordBody,
+        firstButtonLabel: context.l10n.useRecoveryKey,
+      );
+      if (dialogChoice!.action == ButtonAction.first) {
+        Navigator.of(context).push(
+          MaterialPageRoute(
+            builder: (BuildContext context) {
+              return const RecoveryPage();
+            },
+          ),
+        );
+      }
+      return;
+    } catch (e, s) {
+      _logger.severe("Password verification failed", e, s);
+      await dialog.hide();
+      final dialogChoice = await showChoiceDialog(
+        context,
+        title: context.l10n.incorrectPasswordTitle,
+        body: context.l10n.pleaseTryAgain,
+        firstButtonLabel: context.l10n.contactSupport,
+        secondButtonLabel: context.l10n.ok,
+      );
+      if (dialogChoice!.action == ButtonAction.first) {
+        await sendLogs(
+          context,
+          context.l10n.contactSupport,
+          "support@ente.io",
+          postShare: () {},
+        );
+      }
+      return;
+    }
+    await dialog.hide();
+    Configuration.instance.setVolatilePassword(null);
+    unawaited(
+      Navigator.of(context).pushAndRemoveUntil(
+        MaterialPageRoute(
+          builder: (BuildContext context) {
+            return const HomePage();
+          },
+        ),
+            (route) => false,
+      ),
+    );
+  }
+
+  Future<void> _registerSRPForExistingUsers(Uint8List key) async {
+    bool shouldSetupSRP = false;
+    try {
+      // ignore: unused_local_variable
+      final attr = await UserService.instance.getSrpAttributes(email!);
+    } on SrpSetupNotCompleteError {
+      shouldSetupSRP = true;
+    } catch (e, s) {
+      _logger.severe("error while fetching attr", e, s);
+    }
+    if (shouldSetupSRP) {
+      try {
+        final Uint8List loginKey = await CryptoUtil.deriveLoginKey(key);
+        await UserService.instance.registerOrUpdateSrp(loginKey);
+      } catch (e, s) {
+        _logger.severe("error while setting up srp for existing users", e, s);
+      }
+    }
+  }
+
   Widget _getBody() {
     return Column(
       children: [
@@ -142,10 +183,10 @@ class _PasswordReentryPageState extends State<PasswordReentryPage> {
               children: [
                 Padding(
                   padding:
-                      const EdgeInsets.symmetric(vertical: 30, horizontal: 20),
+                  const EdgeInsets.symmetric(vertical: 30, horizontal: 20),
                   child: Text(
                     context.l10n.welcomeBack,
-                    style: Theme.of(context).textTheme.headline4,
+                    style: Theme.of(context).textTheme.headlineMedium,
                   ),
                 ),
                 Visibility(
@@ -165,6 +206,7 @@ class _PasswordReentryPageState extends State<PasswordReentryPage> {
                 Padding(
                   padding: const EdgeInsets.fromLTRB(20, 24, 20, 0),
                   child: TextFormField(
+                    key: const ValueKey("passwordInputField"),
                     autofillHints: const [AutofillHints.password],
                     decoration: InputDecoration(
                       hintText: context.l10n.enterYourPasswordHint,
@@ -176,19 +218,19 @@ class _PasswordReentryPageState extends State<PasswordReentryPage> {
                       ),
                       suffixIcon: _passwordInFocus
                           ? IconButton(
-                              icon: Icon(
-                                _passwordVisible
-                                    ? Icons.visibility
-                                    : Icons.visibility_off,
-                                color: Theme.of(context).iconTheme.color,
-                                size: 20,
-                              ),
-                              onPressed: () {
-                                setState(() {
-                                  _passwordVisible = !_passwordVisible;
-                                });
-                              },
-                            )
+                        icon: Icon(
+                          _passwordVisible
+                              ? Icons.visibility
+                              : Icons.visibility_off,
+                          color: Theme.of(context).iconTheme.color,
+                          size: 20,
+                        ),
+                        onPressed: () {
+                          setState(() {
+                            _passwordVisible = !_passwordVisible;
+                          });
+                        },
+                      )
                           : null,
                     ),
                     style: const TextStyle(
@@ -230,11 +272,13 @@ class _PasswordReentryPageState extends State<PasswordReentryPage> {
                         child: Center(
                           child: Text(
                             context.l10n.forgotPassword,
-                            style:
-                                Theme.of(context).textTheme.subtitle1!.copyWith(
-                                      fontSize: 14,
-                                      decoration: TextDecoration.underline,
-                                    ),
+                            style: Theme.of(context)
+                                .textTheme
+                                .titleMedium!
+                                .copyWith(
+                              fontSize: 14,
+                              decoration: TextDecoration.underline,
+                            ),
                           ),
                         ),
                       ),
@@ -254,11 +298,13 @@ class _PasswordReentryPageState extends State<PasswordReentryPage> {
                         child: Center(
                           child: Text(
                             context.l10n.changeEmail,
-                            style:
-                                Theme.of(context).textTheme.subtitle1!.copyWith(
-                                      fontSize: 14,
-                                      decoration: TextDecoration.underline,
-                                    ),
+                            style: Theme.of(context)
+                                .textTheme
+                                .titleMedium!
+                                .copyWith(
+                              fontSize: 14,
+                              decoration: TextDecoration.underline,
+                            ),
                           ),
                         ),
                       ),

lib/ui/account/request_pwd_verification_page.dart

@@ -0,0 +1,216 @@
+import "dart:convert";
+import "dart:typed_data";
+
+import 'package:ente_auth/core/configuration.dart';
+import "package:ente_auth/l10n/l10n.dart";
+import "package:ente_auth/theme/ente_theme.dart";
+import 'package:ente_auth/ui/common/dynamic_fab.dart';
+import "package:ente_auth/utils/crypto_util.dart";
+import "package:ente_auth/utils/dialog_util.dart";
+import 'package:flutter/material.dart';
+import "package:flutter_sodium/flutter_sodium.dart";
+import "package:logging/logging.dart";
+
+typedef OnPasswordVerifiedFn = Future<void> Function(Uint8List bytes);
+
+class RequestPasswordVerificationPage extends StatefulWidget {
+  final OnPasswordVerifiedFn onPasswordVerified;
+  final Function? onPasswordError;
+
+  const RequestPasswordVerificationPage(
+      {super.key, required this.onPasswordVerified, this.onPasswordError,});
+
+  @override
+  State<RequestPasswordVerificationPage> createState() =>
+      _RequestPasswordVerificationPageState();
+}
+
+class _RequestPasswordVerificationPageState
+    extends State<RequestPasswordVerificationPage> {
+  final _logger = Logger((_RequestPasswordVerificationPageState).toString());
+  final _passwordController = TextEditingController();
+  final FocusNode _passwordFocusNode = FocusNode();
+  String? email;
+  bool _passwordInFocus = false;
+  bool _passwordVisible = false;
+
+  @override
+  void initState() {
+    super.initState();
+    email = Configuration.instance.getEmail();
+    _passwordFocusNode.addListener(() {
+      setState(() {
+        _passwordInFocus = _passwordFocusNode.hasFocus;
+      });
+    });
+  }
+
+  @override
+  Widget build(BuildContext context) {
+    final isKeypadOpen = MediaQuery.of(context).viewInsets.bottom > 100;
+
+    FloatingActionButtonLocation? fabLocation() {
+      if (isKeypadOpen) {
+        return null;
+      } else {
+        return FloatingActionButtonLocation.centerFloat;
+      }
+    }
+
+    return Scaffold(
+      resizeToAvoidBottomInset: isKeypadOpen,
+      appBar: AppBar(
+        elevation: 0,
+        leading: IconButton(
+          icon: const Icon(Icons.arrow_back),
+          color: Theme.of(context).iconTheme.color,
+          onPressed: () {
+            Navigator.of(context).pop();
+          },
+        ),
+      ),
+      body: _getBody(),
+      floatingActionButton: DynamicFAB(
+        key: const ValueKey("verifyPasswordButton"),
+        isKeypadOpen: isKeypadOpen,
+        isFormValid: _passwordController.text.isNotEmpty,
+        buttonText: context.l10n.verifyPassword,
+        onPressedFunction: () async {
+          FocusScope.of(context).unfocus();
+          final dialog = createProgressDialog(context, context.l10n.pleaseWait);
+          dialog.show();
+          try {
+            final attributes = Configuration.instance.getKeyAttributes()!;
+            final Uint8List keyEncryptionKey = await CryptoUtil.deriveKey(
+              utf8.encode(_passwordController.text) as Uint8List,
+              Sodium.base642bin(attributes.kekSalt),
+              attributes.memLimit,
+              attributes.opsLimit,
+            );
+            CryptoUtil.decryptSync(
+              Sodium.base642bin(attributes.encryptedKey),
+              keyEncryptionKey,
+              Sodium.base642bin(attributes.keyDecryptionNonce),
+            );
+            dialog.show();
+            // pop
+            await widget.onPasswordVerified(keyEncryptionKey);
+            dialog.hide();
+            Navigator.of(context).pop(true);
+          } catch (e, s) {
+            _logger.severe("Error while verifying password", e, s);
+            dialog.hide();
+            if (widget.onPasswordError != null) {
+              widget.onPasswordError!();
+            } else {
+              showErrorDialog(
+                context,
+                context.l10n.incorrectPasswordTitle,
+                context.l10n.pleaseTryAgain,
+              );
+            }
+          }
+        },
+      ),
+      floatingActionButtonLocation: fabLocation(),
+      floatingActionButtonAnimator: NoScalingAnimation(),
+    );
+  }
+
+  Widget _getBody() {
+    return Column(
+      children: [
+        Expanded(
+          child: AutofillGroup(
+            child: ListView(
+              children: [
+                Padding(
+                  padding: const EdgeInsets.only(top: 30, left: 20, right: 20),
+                  child: Text(
+                    context.l10n.enterPassword,
+                    style: Theme.of(context).textTheme.headlineMedium,
+                  ),
+                ),
+                Padding(
+                  padding: const EdgeInsets.only(
+                    bottom: 30,
+                    left: 22,
+                    right: 20,
+                  ),
+                  child: Text(
+                    email ?? '',
+                    style: getEnteTextTheme(context).smallMuted,
+                  ),
+                ),
+                Visibility(
+                  // hidden textForm for suggesting auto-fill service for saving
+                  // password
+                  visible: false,
+                  child: TextFormField(
+                    autofillHints: const [
+                      AutofillHints.email,
+                    ],
+                    autocorrect: false,
+                    keyboardType: TextInputType.emailAddress,
+                    initialValue: email,
+                    textInputAction: TextInputAction.next,
+                  ),
+                ),
+                Padding(
+                  padding: const EdgeInsets.fromLTRB(20, 24, 20, 0),
+                  child: TextFormField(
+                    key: const ValueKey("passwordInputField"),
+                    autofillHints: const [AutofillHints.password],
+                    decoration: InputDecoration(
+                      hintText: context.l10n.enterYourPasswordHint,
+                      filled: true,
+                      contentPadding: const EdgeInsets.all(20),
+                      border: UnderlineInputBorder(
+                        borderSide: BorderSide.none,
+                        borderRadius: BorderRadius.circular(6),
+                      ),
+                      suffixIcon: _passwordInFocus
+                          ? IconButton(
+                              icon: Icon(
+                                _passwordVisible
+                                    ? Icons.visibility
+                                    : Icons.visibility_off,
+                                color: Theme.of(context).iconTheme.color,
+                                size: 20,
+                              ),
+                              onPressed: () {
+                                setState(() {
+                                  _passwordVisible = !_passwordVisible;
+                                });
+                              },
+                            )
+                          : null,
+                    ),
+                    style: const TextStyle(
+                      fontSize: 14,
+                    ),
+                    controller: _passwordController,
+                    autofocus: true,
+                    autocorrect: false,
+                    obscureText: !_passwordVisible,
+                    keyboardType: TextInputType.visiblePassword,
+                    focusNode: _passwordFocusNode,
+                    onChanged: (_) {
+                      setState(() {});
+                    },
+                  ),
+                ),
+                const Padding(
+                  padding: EdgeInsets.symmetric(vertical: 18),
+                  child: Divider(
+                    thickness: 1,
+                  ),
+                ),
+              ],
+            ),
+          ),
+        ),
+      ],
+    );
+  }
+}

lib/ui/code_widget.dart

@@ -5,8 +5,10 @@ import 'package:ente_auth/ente_theme_data.dart';
 import 'package:ente_auth/l10n/l10n.dart';
 import 'package:ente_auth/models/code.dart';
 import 'package:ente_auth/onboarding/view/setup_enter_secret_key_page.dart';
+import 'package:ente_auth/onboarding/view/view_qr_page.dart';
 import 'package:ente_auth/store/code_store.dart';
 import 'package:ente_auth/ui/code_timer_progress.dart';
+import 'package:ente_auth/utils/dialog_util.dart';
 import 'package:ente_auth/utils/toast_util.dart';
 import 'package:ente_auth/utils/totp_util.dart';
 import 'package:flutter/material.dart';
@@ -27,18 +29,20 @@ class _CodeWidgetState extends State<CodeWidget> {
   final ValueNotifier<String> _currentCode = ValueNotifier<String>("");
   final ValueNotifier<String> _nextCode = ValueNotifier<String>("");
   final Logger logger = Logger("_CodeWidgetState");
+  bool _isInitialized = false;
 
   @override
   void initState() {
     super.initState();
-    _currentCode.value = _getTotp();
-    _nextCode.value = _getNextTotp();
+
     _everySecondTimer =
         Timer.periodic(const Duration(milliseconds: 500), (Timer t) {
-      String newCode = _getTotp();
+      String newCode = _getCurrentOTP();
       if (newCode != _currentCode.value) {
         _currentCode.value = newCode;
-        _nextCode.value = _getNextTotp();
+        if (widget.code.type == Type.totp) {
+          _nextCode.value = _getNextTotp();
+        }
       }
     });
   }
@@ -53,14 +57,40 @@ class _CodeWidgetState extends State<CodeWidget> {
 
   @override
   Widget build(BuildContext context) {
+    if (!_isInitialized) {
+      _currentCode.value = _getCurrentOTP();
+      if (widget.code.type == Type.totp) {
+        _nextCode.value = _getNextTotp();
+      }
+      _isInitialized = true;
+    }
     final l10n = context.l10n;
     return Container(
       margin: const EdgeInsets.only(left: 16, right: 16, bottom: 8, top: 8),
       child: Slidable(
         key: ValueKey(widget.code.hashCode),
         endActionPane: ActionPane(
+          extentRatio: 0.60,
           motion: const ScrollMotion(),
           children: [
+            const SizedBox(
+              width: 4,
+            ),
+            SlidableAction(
+              onPressed: _onShowQrPressed,
+              backgroundColor: Colors.grey.withOpacity(0.1),
+              borderRadius: const BorderRadius.all(Radius.circular(12.0)),
+              foregroundColor:
+              Theme.of(context).colorScheme.inverseBackgroundColor,
+              icon: Icons.qr_code_2_outlined,
+              label: "QR",
+              padding: const EdgeInsets.only(left: 4, right: 0),
+              spacing: 8,
+            ),
+            const SizedBox(
+              width: 4,
+            ),
+
             SlidableAction(
               onPressed: _onEditPressed,
               backgroundColor: Colors.grey.withOpacity(0.1),
@@ -87,120 +117,137 @@ class _CodeWidgetState extends State<CodeWidget> {
             ),
           ],
         ),
-        child: Container(
-          margin: const EdgeInsets.only(right: 10),
-          child: ClipRRect(
-            borderRadius: BorderRadius.circular(8),
-            child: Container(
-              color: Theme.of(context).colorScheme.codeCardBackgroundColor,
-              child: Material(
-                color: Colors.transparent,
-                child: InkWell(
-                  customBorder: RoundedRectangleBorder(
-                    borderRadius: BorderRadius.circular(10),
-                  ),
-                  onTap: () {
-                    _copyToClipboard();
-                  },
-                  onLongPress: () {
-                    _copyToClipboard();
-                  },
-                  child: SizedBox(
-                    child: Column(
-                      crossAxisAlignment: CrossAxisAlignment.start,
-                      mainAxisAlignment: MainAxisAlignment.center,
-                      children: [
+        child: ClipRRect(
+          borderRadius: BorderRadius.circular(8),
+          child: Container(
+            color: Theme.of(context).colorScheme.codeCardBackgroundColor,
+            child: Material(
+              color: Colors.transparent,
+              child: InkWell(
+                customBorder: RoundedRectangleBorder(
+                  borderRadius: BorderRadius.circular(10),
+                ),
+                onTap: () {
+                  _copyToClipboard();
+                },
+                onLongPress: () {
+                  _copyToClipboard();
+                },
+                child: SizedBox(
+                  child: Column(
+                    crossAxisAlignment: CrossAxisAlignment.start,
+                    mainAxisAlignment: MainAxisAlignment.center,
+                    children: [
+                      if (widget.code.type == Type.totp)
                         CodeTimerProgress(
                           period: widget.code.period,
                         ),
-                        const SizedBox(
-                          height: 16,
-                        ),
-                        Padding(
-                          padding: const EdgeInsets.only(left: 16, right: 16),
-                          child: Row(
-                            mainAxisAlignment: MainAxisAlignment.spaceBetween,
-                            crossAxisAlignment: CrossAxisAlignment.start,
-                            children: [
-                              Column(
-                                crossAxisAlignment: CrossAxisAlignment.start,
-                                children: [
-                                  Text(
-                                    safeDecode(widget.code.issuer).trim(),
-                                    style:
-                                        Theme.of(context).textTheme.headline6,
-                                  ),
-                                  const SizedBox(height: 2),
-                                  Text(
-                                    safeDecode(widget.code.account).trim(),
-                                    style: Theme.of(context)
-                                        .textTheme
-                                        .caption
-                                        ?.copyWith(
-                                          fontSize: 12,
-                                          color: Colors.grey,
-                                        ),
-                                  ),
-                                ],
-                              ),
-                              widget.code.hasSynced != null &&
-                                      widget.code.hasSynced!
-                                  ? Container()
-                                  : const Icon(
-                                      Icons.sync_disabled,
-                                      size: 20,
-                                      color: Colors.amber,
-                                    ),
-                            ],
-                          ),
-                        ),
-                        const SizedBox(height: 4),
-                        Container(
-                          padding: const EdgeInsets.only(left: 16, right: 16),
-                          child: Row(
-                            mainAxisAlignment: MainAxisAlignment.start,
-                            crossAxisAlignment: CrossAxisAlignment.end,
-                            children: [
-                              Expanded(
-                                child: ValueListenableBuilder<String>(
-                                  valueListenable: _currentCode,
-                                  builder: (context, value, child) {
-                                    return Text(
-                                      value,
-                                      style: const TextStyle(fontSize: 24),
-                                    );
-                                  },
+                      const SizedBox(
+                        height: 16,
+                      ),
+                      Padding(
+                        padding: const EdgeInsets.only(left: 16, right: 16),
+                        child: Row(
+                          mainAxisAlignment: MainAxisAlignment.spaceBetween,
+                          crossAxisAlignment: CrossAxisAlignment.start,
+                          children: [
+                            Column(
+                              crossAxisAlignment: CrossAxisAlignment.start,
+                              children: [
+                                Text(
+                                  safeDecode(widget.code.issuer).trim(),
+                                  style: Theme.of(context).textTheme.headline6,
                                 ),
-                              ),
-                              Column(
-                                crossAxisAlignment: CrossAxisAlignment.end,
-                                children: [
-                                  Text(
-                                    l10n.nextTotpTitle,
-                                    style: Theme.of(context).textTheme.caption,
+                                const SizedBox(height: 2),
+                                Text(
+                                  safeDecode(widget.code.account).trim(),
+                                  style: Theme.of(context)
+                                      .textTheme
+                                      .caption
+                                      ?.copyWith(
+                                        fontSize: 12,
+                                        color: Colors.grey,
+                                      ),
+                                ),
+                              ],
+                            ),
+                            widget.code.hasSynced != null &&
+                                    widget.code.hasSynced!
+                                ? Container()
+                                : const Icon(
+                                    Icons.sync_disabled,
+                                    size: 20,
+                                    color: Colors.amber,
                                   ),
-                                  ValueListenableBuilder<String>(
-                                    valueListenable: _nextCode,
-                                    builder: (context, value, child) {
-                                      return Text(
-                                        value,
-                                        style: const TextStyle(
-                                          fontSize: 18,
+                          ],
+                        ),
+                      ),
+                      const SizedBox(height: 4),
+                      Container(
+                        padding: const EdgeInsets.only(left: 16, right: 16),
+                        child: Row(
+                          mainAxisAlignment: MainAxisAlignment.start,
+                          crossAxisAlignment: CrossAxisAlignment.end,
+                          children: [
+                            Expanded(
+                              child: ValueListenableBuilder<String>(
+                                valueListenable: _currentCode,
+                                builder: (context, value, child) {
+                                  return Text(
+                                    value,
+                                    style: const TextStyle(fontSize: 24),
+                                  );
+                                },
+                              ),
+                            ),
+                            widget.code.type == Type.totp
+                                ? Column(
+                                    crossAxisAlignment: CrossAxisAlignment.end,
+                                    children: [
+                                      Text(
+                                        l10n.nextTotpTitle,
+                                        style:
+                                            Theme.of(context).textTheme.caption,
+                                      ),
+                                      ValueListenableBuilder<String>(
+                                        valueListenable: _nextCode,
+                                        builder: (context, value, child) {
+                                          return Text(
+                                            value,
+                                            style: const TextStyle(
+                                              fontSize: 18,
+                                              color: Colors.grey,
+                                            ),
+                                          );
+                                        },
+                                      ),
+                                    ],
+                                  )
+                                : Column(
+                                    crossAxisAlignment: CrossAxisAlignment.end,
+                                    children: [
+                                      Text(
+                                        l10n.nextTotpTitle,
+                                        style:
+                                            Theme.of(context).textTheme.caption,
+                                      ),
+                                       InkWell(
+                                        onTap: _onNextHotpTapped,
+                                        child: const Icon(
+                                          Icons.forward_outlined,
+                                          size: 32,
                                           color: Colors.grey,
                                         ),
-                                      );
-                                    },
+                                      ),
+                                    ],
                                   ),
-                                ],
-                              ),
-                            ],
-                          ),
+                          ],
                         ),
-                        const SizedBox(
-                          height: 20,
-                        ),
-                      ],
-                    ),
+                      ),
+                      const SizedBox(
+                        height: 20,
+                      ),
+                    ],
                   ),
                 ),
               ),
@@ -212,10 +259,16 @@ class _CodeWidgetState extends State<CodeWidget> {
   }
 
   void _copyToClipboard() {
-    FlutterClipboard.copy(_getTotp())
+    FlutterClipboard.copy(_getCurrentOTP())
         .then((value) => showToast(context, context.l10n.copiedToClipboard));
   }
 
+  void _onNextHotpTapped() {
+    if(widget.code.type == Type.hotp) {
+     CodeStore.instance.addCode(widget.code.copyWith(counter: widget.code.counter + 1), shouldSync: true).ignore();
+    }
+  }
+
   Future<void> _onEditPressed(_) async {
     final Code? code = await Navigator.of(context).push(
       MaterialPageRoute(
@@ -229,66 +282,34 @@ class _CodeWidgetState extends State<CodeWidget> {
     }
   }
 
-  void _onDeletePressed(_) {
+  Future<void> _onShowQrPressed(_) async {
+    final Code? code = await Navigator.of(context).push(
+      MaterialPageRoute(
+        builder: (BuildContext context) {
+          return ViewQrPage(code: widget.code);
+        },
+      ),
+    );
+  }
+
+  void _onDeletePressed(_) async {
     final l10n = context.l10n;
-    final AlertDialog alert = AlertDialog(
-      shape: RoundedRectangleBorder(borderRadius: BorderRadius.circular(10)),
-      title: Text(
-        l10n.deleteCodeTitle,
-        style: Theme.of(context).textTheme.headline6,
-      ),
-      content: Text(
-        l10n.deleteCodeMessage,
-      ),
-      actions: [
-        TextButton(
-          child: Text(
-            l10n.delete,
-            style: const TextStyle(
-              color: Colors.red,
-            ),
-          ),
-          onPressed: () {
-            CodeStore.instance.removeCode(widget.code);
-            Navigator.of(context, rootNavigator: true).pop('dialog');
-          },
-        ),
-        TextButton(
-          child: Text(
-            l10n.cancel,
-            style: TextStyle(
-              color: Theme.of(context).colorScheme.onSurface,
-            ),
-          ),
-          onPressed: () {
-            Navigator.of(context, rootNavigator: true).pop('dialog');
-          },
-        ),
-      ],
-    );
-
-    showDialog(
-      context: context,
-      builder: (BuildContext context) {
-        return alert;
+    await showChoiceActionSheet(
+      context,
+      title: l10n.deleteCodeTitle,
+      body: l10n.deleteCodeMessage,
+      firstButtonLabel: l10n.delete,
+      isCritical: true,
+      firstButtonOnTap: () async {
+        await CodeStore.instance.removeCode(widget.code);
       },
-      barrierColor: Colors.black12,
     );
   }
 
-  String safeDecode(String value) {
-    try {
-      return Uri.decodeComponent(value);
-    } catch (e) {
-      // note: don't log the value, it might contain sensitive information
-      logger.severe("Failed to decode", e);
-      return value;
-    }
-  }
 
-  String _getTotp() {
+  String _getCurrentOTP() {
     try {
-      return getTotp(widget.code);
+      return getOTP(widget.code);
     } catch (e) {
       return context.l10n.error;
     }
@@ -296,6 +317,7 @@ class _CodeWidgetState extends State<CodeWidget> {
 
   String _getNextTotp() {
     try {
+      assert(widget.code.type == Type.totp);
       return getNextTotp(widget.code);
     } catch (e) {
       return context.l10n.error;

lib/ui/components/dialog_widget.dart

@@ -73,19 +73,22 @@ class DialogWidget extends StatelessWidget {
         boxShadow: shadowFloatLight,
         borderRadius: const BorderRadius.all(Radius.circular(8)),
       ),
-      child: Padding(
-        padding: const EdgeInsets.all(16),
-        child: Column(
-          mainAxisSize: MainAxisSize.min,
-          children: [
-            ContentContainer(
-              title: title,
-              body: body,
-              icon: icon,
-            ),
-            const SizedBox(height: 36),
-            Actions(buttons),
-          ],
+      child: Material(
+        color: Colors.transparent,
+        child: Padding(
+          padding: const EdgeInsets.all(16),
+          child: Column(
+            mainAxisSize: MainAxisSize.min,
+            children: [
+              ContentContainer(
+                title: title,
+                body: body,
+                icon: icon,
+              ),
+              const SizedBox(height: 36),
+              Actions(buttons),
+            ],
+          ),
         ),
       ),
     );

lib/ui/home/home_empty_state.dart

@@ -1,4 +1,8 @@
 import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/theme/ente_theme.dart';
+import 'package:ente_auth/ui/settings/data/import_page.dart';
+import 'package:ente_auth/ui/settings/faq.dart';
+import 'package:ente_auth/utils/navigation_util.dart';
 import 'package:flutter/material.dart';
 
 class HomeEmptyStateWidget extends StatelessWidget {
@@ -50,6 +54,33 @@ class HomeEmptyStateWidget extends StatelessWidget {
                       child: Text(l10n.importEnterSetupKey),
                     ),
                   ),
+                  const SizedBox(height: 54),
+                  InkWell(
+                    onTap: () {
+                      routeToPage(context, ImportCodePage());
+                    },
+                    child: Text(
+                      l10n.importCodes,
+                      textAlign: TextAlign.center,
+                      style: getEnteTextTheme(context).bodyFaint.copyWith(decoration: TextDecoration.underline),
+                    ),),
+                  const SizedBox(height: 18),
+                  InkWell(
+                    onTap: () {
+                      showModalBottomSheet<void>(
+                        backgroundColor: Theme.of(context).colorScheme.background,
+                        barrierColor: Colors.black87,
+                        context: context,
+                        builder: (context) {
+                          return const FAQQuestionsWidget();
+                        },
+                      );
+                    },
+                    child: Text(
+                      l10n.faq,
+                      textAlign: TextAlign.center,
+                      style: getEnteTextTheme(context).bodyFaint.copyWith(decoration: TextDecoration.underline),
+                    ),),
                 ],
               ),
             ],

lib/ui/home_page.dart

@@ -54,7 +54,8 @@ class _HomePageState extends State<HomePage> {
 
   @override
   void initState() {
-    _textController.addListener(_applyFiltering);
+    super.initState();
+    _textController.addListener(_applyFilteringAndRefresh);
     _loadCodes();
     _streamSubscription = Bus.instance.on<CodesUpdatedEvent>().listen((event) {
       _loadCodes();
@@ -64,18 +65,18 @@ class _HomePageState extends State<HomePage> {
       await autoLogoutAlert(context);
     });
     _initDeepLinks();
-    super.initState();
+
   }
 
   void _loadCodes() {
     CodeStore.instance.getAllCodes().then((codes) {
       _codes = codes;
       _hasLoaded = true;
-      _applyFiltering();
+      _applyFilteringAndRefresh();
     });
   }
 
-  void _applyFiltering() {
+  void _applyFilteringAndRefresh() {
     if (_searchText.isNotEmpty && _showSearchBox) {
       final String val = _searchText.toLowerCase();
       _filteredCodes = _codes
@@ -96,7 +97,7 @@ class _HomePageState extends State<HomePage> {
   void dispose() {
     _streamSubscription?.cancel();
     _triggerLogoutEvent?.cancel();
-    _textController.removeListener(_applyFiltering);
+    _textController.removeListener(_applyFilteringAndRefresh);
     super.dispose();
   }
 
@@ -110,6 +111,10 @@ class _HomePageState extends State<HomePage> {
     );
     if (code != null) {
       CodeStore.instance.addCode(code);
+      // Focus the new code by searching
+      if (_codes.length > 2) {
+        _focusNewCode(code);
+      }
     }
   }
 
@@ -169,7 +174,7 @@ class _HomePageState extends State<HomePage> {
                   controller: _textController,
                   onChanged: (val) {
                     _searchText = val;
-                    _applyFiltering();
+                    _applyFilteringAndRefresh();
                   },
                   decoration: InputDecoration(
                     hintText: l10n.searchHint,
@@ -191,7 +196,7 @@ class _HomePageState extends State<HomePage> {
                     } else {
                       _searchText = _textController.text;
                     }
-                    _applyFiltering();
+                    _applyFilteringAndRefresh();
                   },
                 );
               },
@@ -218,7 +223,11 @@ class _HomePageState extends State<HomePage> {
       } else {
         final list = ListView.builder(
           itemBuilder: ((context, index) {
-            return CodeWidget(_filteredCodes[index]);
+            try {
+              return CodeWidget(_filteredCodes[index]);
+            } catch(e) {
+              return const Text("Failed");
+            }
           }),
           itemCount: _filteredCodes.length,
         );
@@ -306,11 +315,7 @@ class _HomePageState extends State<HomePage> {
         final newCode = Code.fromRawData(link);
         getNextTotp(newCode);
         CodeStore.instance.addCode(newCode);
-        _showSearchBox = true;
-        _textController.text = newCode.account;
-        _searchText = newCode.account;
-        _applyFiltering();
-        setState(() {});
+        _focusNewCode(newCode);
       } catch (e, s) {
         showGenericErrorDialog(context: context);
         _logger.severe("error while handling deeplink", e, s);
@@ -318,6 +323,13 @@ class _HomePageState extends State<HomePage> {
     }
   }
 
+  void _focusNewCode(Code newCode) {
+    _showSearchBox = true;
+    _textController.text = newCode.account;
+    _searchText = newCode.account;
+    _applyFilteringAndRefresh();
+  }
+
   Widget _getFab() {
     return SpeedDial(
       icon: Icons.add,

lib/ui/scanner_gauth_page.dart

@@ -0,0 +1,97 @@
+import 'dart:io';
+
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/models/code.dart';
+import 'package:ente_auth/theme/ente_theme.dart';
+import 'package:ente_auth/ui/settings/data/import/google_auth_import.dart';
+import 'package:ente_auth/utils/toast_util.dart';
+import 'package:flutter/material.dart';
+import 'package:qr_code_scanner/qr_code_scanner.dart';
+
+class ScannerGoogleAuthPage extends StatefulWidget {
+  const ScannerGoogleAuthPage({Key? key}) : super(key: key);
+
+  @override
+  State<ScannerGoogleAuthPage> createState() => ScannerGoogleAuthPageState();
+}
+
+class ScannerGoogleAuthPageState extends State<ScannerGoogleAuthPage> {
+  final GlobalKey qrKey = GlobalKey(debugLabel: 'QR');
+  QRViewController? controller;
+  String? totp;
+
+  // In order to get hot reload to work we need to pause the camera if the platform
+  // is android, or resume the camera if the platform is iOS.
+  @override
+  void reassemble() {
+    super.reassemble();
+    if (Platform.isAndroid) {
+      controller!.pauseCamera();
+    } else if (Platform.isIOS) {
+      controller!.resumeCamera();
+    }
+  }
+
+  @override
+  Widget build(BuildContext context) {
+    final l10n = context.l10n;
+    return Scaffold(
+      appBar: AppBar(
+        title: Text(l10n.scan),
+      ),
+      body: Column(
+        children: <Widget>[
+          Expanded(
+            flex: 5,
+            child: QRView(
+              key: qrKey,
+              overlay: QrScannerOverlayShape(
+                  borderColor: getEnteColorScheme(context).primary700,),
+              onQRViewCreated: _onQRViewCreated,
+              formatsAllowed: const [BarcodeFormat.qrcode],
+            ),
+          ),
+          Expanded(
+            flex: 1,
+            child: Center(
+              child: (totp != null) ? Text(totp!) : Text(l10n.scanACode),
+            ),
+          )
+        ],
+      ),
+    );
+  }
+
+  void _onQRViewCreated(QRViewController controller) {
+    this.controller = controller;
+    // h4ck to remove black screen on Android scanners: https://github.com/juliuscanute/qr_code_scanner/issues/560#issuecomment-1159611301
+    if (Platform.isAndroid) {
+      controller.pauseCamera();
+      controller.resumeCamera();
+    }
+    controller.scannedDataStream.listen((scanData) {
+      try {
+        if (scanData.code == null) {
+          return;
+        }
+        if (scanData.code!.startsWith(kGoogleAuthExportPrefix)) {
+          List<Code> codes = parseGoogleAuth(scanData.code!);
+          controller.dispose();
+          Navigator.of(context).pop(codes);
+        } else {
+          showToast(context, "Invalid QR code");
+        }
+      } catch (e) {
+        controller.dispose();
+        Navigator.of(context).pop();
+        showToast(context, "Error " + e.toString());
+      }
+    });
+  }
+
+  @override
+  void dispose() {
+    controller?.dispose();
+    super.dispose();
+  }
+}

lib/ui/settings/about_section_widget.dart

@@ -36,7 +36,7 @@ class AboutSectionWidget extends StatelessWidget {
           trailingIcon: Icons.chevron_right_outlined,
           trailingIconIsMuted: true,
           onTap: () async {
-            launchUrl(Uri.parse("https://github.com/ente-io/photos-app"));
+            launchUrl(Uri.parse("https://github.com/ente-io/auth"));
           },
         ),
         sectionOptionSpacing,

lib/ui/settings/account_section_widget.dart

@@ -1,14 +1,14 @@
 
 
 import 'package:ente_auth/app/view/app.dart';
-import 'package:ente_auth/core/configuration.dart';
 import 'package:ente_auth/l10n/l10n.dart';
 import 'package:ente_auth/locale.dart';
 import 'package:ente_auth/services/local_authentication_service.dart';
+import 'package:ente_auth/services/user_service.dart';
 import 'package:ente_auth/theme/ente_theme.dart';
 import 'package:ente_auth/ui/account/change_email_dialog.dart';
+import 'package:ente_auth/ui/account/delete_account_page.dart';
 import 'package:ente_auth/ui/account/password_entry_page.dart';
-import 'package:ente_auth/ui/account/recovery_key_page.dart';
 import 'package:ente_auth/ui/components/captioned_text_widget.dart';
 import 'package:ente_auth/ui/components/expandable_menu_item_widget.dart';
 import 'package:ente_auth/ui/components/menu_item_widget.dart';
@@ -17,7 +17,6 @@ import 'package:ente_auth/ui/settings/language_picker.dart';
 import 'package:ente_auth/utils/dialog_util.dart';
 import 'package:ente_auth/utils/navigation_util.dart';
 import 'package:flutter/material.dart';
-import 'package:flutter_sodium/flutter_sodium.dart';
 
 class AccountSectionWidget extends StatelessWidget {
   AccountSectionWidget({Key? key}) : super(key: key);
@@ -36,41 +35,6 @@ class AccountSectionWidget extends StatelessWidget {
     final l10n = context.l10n;
     List<Widget> children = [];
     children.addAll([
-      sectionOptionSpacing,
-      MenuItemWidget(
-        captionedTextWidget: CaptionedTextWidget(
-          title: l10n.recoveryKey,
-        ),
-        pressedColor: getEnteColorScheme(context).fillFaint,
-        trailingIcon: Icons.chevron_right_outlined,
-        trailingIconIsMuted: true,
-        onTap: () async {
-          final hasAuthenticated = await LocalAuthenticationService.instance
-              .requestLocalAuthentication(
-            context,
-            l10n.authToViewYourRecoveryKey,
-          );
-          if (hasAuthenticated) {
-            String recoveryKey;
-            try {
-              recoveryKey =
-                  Sodium.bin2hex(Configuration.instance.getRecoveryKey());
-            } catch (e) {
-              showGenericErrorDialog(context: context);
-              return;
-            }
-            routeToPage(
-              context,
-              RecoveryKeyPage(
-                recoveryKey,
-                l10n.ok,
-                showAppBar: true,
-                onDone: () {},
-              ),
-            );
-          }
-        },
-      ),
       sectionOptionSpacing,
       MenuItemWidget(
         captionedTextWidget: CaptionedTextWidget(
@@ -148,9 +112,44 @@ class AccountSectionWidget extends StatelessWidget {
         },
       ),
       sectionOptionSpacing,
+      MenuItemWidget(
+        captionedTextWidget: CaptionedTextWidget(
+          title: context.l10n.logout,
+        ),
+        pressedColor: getEnteColorScheme(context).fillFaint,
+        trailingIcon: Icons.chevron_right_outlined,
+        trailingIconIsMuted: true,
+        onTap: () async {
+          _onLogoutTapped(context);
+        },
+      ),
+      sectionOptionSpacing,
+      MenuItemWidget(
+        captionedTextWidget: CaptionedTextWidget(
+          title: context.l10n.deleteAccount,
+        ),
+        pressedColor: getEnteColorScheme(context).fillFaint,
+        trailingIcon: Icons.chevron_right_outlined,
+        trailingIconIsMuted: true,
+        onTap: () async {
+          routeToPage(context, const DeleteAccountPage());
+        },
+      ),
+      sectionOptionSpacing,
     ]);
     return Column(
       children: children,
     );
   }
+  void _onLogoutTapped(BuildContext context) {
+    showChoiceActionSheet(
+      context,
+      title: context.l10n.areYouSureYouWantToLogout,
+      firstButtonLabel: context.l10n.yesLogout,
+      isCritical: true,
+      firstButtonOnTap: () async {
+        await UserService.instance.logout(context);
+      },
+    );
+  }
 }

lib/ui/settings/data/data_section_widget.dart

@@ -0,0 +1,63 @@
+
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/theme/ente_theme.dart';
+import 'package:ente_auth/ui/components/captioned_text_widget.dart';
+import 'package:ente_auth/ui/components/expandable_menu_item_widget.dart';
+import 'package:ente_auth/ui/components/menu_item_widget.dart';
+import 'package:ente_auth/ui/settings/common_settings.dart';
+import 'package:ente_auth/ui/settings/data/export_widget.dart';
+import 'package:ente_auth/ui/settings/data/import_page.dart';
+import 'package:ente_auth/utils/navigation_util.dart';
+import 'package:flutter/material.dart';
+import 'package:logging/logging.dart';
+
+class DataSectionWidget extends StatelessWidget {
+  final _logger = Logger("AccountSectionWidget");
+
+  DataSectionWidget({Key? key}) : super(key: key);
+
+  @override
+  Widget build(BuildContext context) {
+    final l10n = context.l10n;
+    return ExpandableMenuItemWidget(
+      title: l10n.data,
+      selectionOptionsWidget: _getSectionOptions(context),
+      leadingIcon: Icons.key_outlined,
+    );
+  }
+
+  Column _getSectionOptions(BuildContext context) {
+    final l10n = context.l10n;
+    List<Widget> children = [];
+    children.addAll([
+      sectionOptionSpacing,
+      MenuItemWidget(
+        captionedTextWidget: CaptionedTextWidget(
+          title: l10n.importCodes,
+        ),
+        pressedColor: getEnteColorScheme(context).fillFaint,
+        trailingIcon: Icons.chevron_right_outlined,
+        trailingIconIsMuted: true,
+        onTap: () async {
+          routeToPage(context, ImportCodePage());
+        },
+      ),
+      sectionOptionSpacing,
+      MenuItemWidget(
+        captionedTextWidget: CaptionedTextWidget(
+          title: l10n.exportCodes,
+        ),
+        pressedColor: getEnteColorScheme(context).fillFaint,
+        trailingIcon: Icons.chevron_right_outlined,
+        trailingIconIsMuted: true,
+        onTap: () async {
+          handleExportClick(context);
+        },
+      ),
+      sectionOptionSpacing,
+    ]);
+    return Column(
+      children: children,
+    );
+  }
+}

lib/ui/settings/data/export_widget.dart

@@ -0,0 +1,153 @@
+import 'dart:convert';
+import 'dart:io';
+
+import 'package:ente_auth/core/configuration.dart';
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/models/export/ente.dart';
+import 'package:ente_auth/services/local_authentication_service.dart';
+import 'package:ente_auth/store/code_store.dart';
+import 'package:ente_auth/ui/components/buttons/button_widget.dart';
+import 'package:ente_auth/ui/components/dialog_widget.dart';
+import 'package:ente_auth/ui/components/models/button_type.dart';
+import 'package:ente_auth/utils/crypto_util.dart';
+import 'package:ente_auth/utils/dialog_util.dart';
+import 'package:ente_auth/utils/toast_util.dart';
+import 'package:flutter/cupertino.dart';
+import 'package:flutter/foundation.dart';
+import 'package:flutter/material.dart';
+import 'package:flutter_sodium/flutter_sodium.dart';
+import 'package:logging/logging.dart';
+import 'package:share_plus/share_plus.dart';
+
+Future<void> handleExportClick(BuildContext context) async {
+  final result = await showDialogWidget(
+    context: context,
+    title: context.l10n.selectExportFormat,
+    body: context.l10n.exportDialogDesc,
+    buttons: [
+      ButtonWidget(
+        buttonType: ButtonType.primary,
+        labelText: context.l10n.encrypted,
+        isInAlert: true,
+        buttonSize: ButtonSize.large,
+        buttonAction: ButtonAction.first,
+      ),
+      ButtonWidget(
+        buttonType: ButtonType.secondary,
+        labelText: context.l10n.plainText,
+        buttonSize: ButtonSize.large,
+        isInAlert: true,
+        buttonAction: ButtonAction.second,
+      ),
+    ],
+  );
+  if (result?.action != null && result!.action != ButtonAction.cancel) {
+    if (result.action == ButtonAction.first) {
+      await _requestForEncryptionPassword(context);
+    } else {
+      await _showExportWarningDialog(context);
+    }
+  }
+}
+
+Future<void> _requestForEncryptionPassword(
+  BuildContext context, {
+  String? password,
+}) async {
+  final l10n = context.l10n;
+  await showTextInputDialog(
+    context,
+    title: l10n.passwordToEncryptExport,
+    submitButtonLabel: l10n.export,
+    hintText: l10n.enterPassword,
+    isPasswordInput: true,
+    alwaysShowSuccessState: false,
+    onSubmit: (String password) async {
+      if (password.isEmpty || password.length < 4) {
+        showToast(context, "Password must be at least 4 characters long.");
+        Future.delayed(const Duration(seconds: 0), () {
+          _requestForEncryptionPassword(context, password: password);
+        });
+        return;
+      }
+      if (password.isNotEmpty) {
+        try {
+          final kekSalt = CryptoUtil.getSaltToDeriveKey();
+          final derivedKeyResult = await CryptoUtil.deriveSensitiveKey(
+            utf8.encode(password) as Uint8List,
+            kekSalt,
+          );
+          String exportPlainText = await _getAuthDataForExport();
+          // Encrypt the key with this derived key
+          final encResult = await CryptoUtil.encryptChaCha(
+            utf8.encode(exportPlainText) as Uint8List,
+            derivedKeyResult.key,
+          );
+          final encContent = Sodium.bin2base64(encResult.encryptedData!);
+          final encNonce = Sodium.bin2base64(encResult.header!);
+          final EnteAuthExport data = EnteAuthExport(
+            version: 1,
+            encryptedData: encContent,
+            encryptionNonce: encNonce,
+            kdfParams: KDFParams(
+              memLimit: derivedKeyResult.memLimit,
+              opsLimit: derivedKeyResult.opsLimit,
+              salt: Sodium.bin2base64(kekSalt),
+            ),
+          );
+          // get json value of data
+          _exportCodes(context, jsonEncode(data.toJson()));
+        } catch (e, s) {
+          Logger("ExportWidget").severe(e, s);
+          showToast(context, "Error while exporting codes.");
+        }
+      }
+    },
+  );
+}
+
+Future<void> _showExportWarningDialog(BuildContext context) async {
+  await showChoiceActionSheet(
+    context,
+    title: context.l10n.warning,
+    body: context.l10n.exportWarningDesc,
+    isCritical: true,
+    firstButtonOnTap: () async {
+      final data = await _getAuthDataForExport();
+      await _exportCodes(context, data);
+    },
+    secondButtonLabel: context.l10n.cancel,
+    firstButtonLabel: context.l10n.iUnderStand,
+  );
+}
+
+Future<void> _exportCodes(BuildContext context, String fileContent) async {
+  final _codeFile = File(
+    Configuration.instance.getTempDirectory() + "ente-authenticator-codes.txt",
+  );
+  final hasAuthenticated = await LocalAuthenticationService.instance
+      .requestLocalAuthentication(context, context.l10n.authToExportCodes);
+  if (!hasAuthenticated) {
+    return;
+  }
+  if (_codeFile.existsSync()) {
+    await _codeFile.delete();
+  }
+  _codeFile.writeAsStringSync(fileContent);
+  final Size size = MediaQuery.of(context).size;
+  await Share.shareFiles([_codeFile.path], sharePositionOrigin: Rect.fromLTWH(0, 0, size.width, size.height / 2),);
+  Future.delayed(const Duration(seconds: 15), () async {
+    if (_codeFile.existsSync()) {
+      _codeFile.deleteSync();
+    }
+  });
+}
+
+Future<String> _getAuthDataForExport() async {
+  final codes = await CodeStore.instance.getAllCodes();
+  String data = "";
+  for (final code in codes) {
+    data += code.rawData + "\n";
+  }
+  return data;
+}

lib/ui/settings/data/import/encrypted_ente_import.dart

@@ -0,0 +1,156 @@
+import 'dart:async';
+import 'dart:convert';
+import 'dart:io';
+
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/models/code.dart';
+import 'package:ente_auth/models/export/ente.dart';
+import 'package:ente_auth/services/authenticator_service.dart';
+import 'package:ente_auth/store/code_store.dart';
+import 'package:ente_auth/ui/components/buttons/button_widget.dart';
+import 'package:ente_auth/ui/components/dialog_widget.dart';
+import 'package:ente_auth/ui/components/models/button_type.dart';
+import 'package:ente_auth/ui/settings/data/import/import_success.dart';
+import 'package:ente_auth/utils/crypto_util.dart';
+import 'package:ente_auth/utils/dialog_util.dart';
+import 'package:ente_auth/utils/toast_util.dart';
+import 'package:file_picker/file_picker.dart';
+import 'package:flutter/cupertino.dart';
+import 'package:flutter/foundation.dart';
+import 'package:flutter/material.dart';
+import 'package:flutter_sodium/flutter_sodium.dart';
+import 'package:logging/logging.dart';
+
+Future<void> showEncryptedImportInstruction(BuildContext context) async {
+  final l10n = context.l10n;
+  final result = await showDialogWidget(
+    context: context,
+    title: l10n.importFromApp("ente Auth"),
+    body: l10n.importEnteEncGuide,
+    buttons: [
+      ButtonWidget(
+        buttonType: ButtonType.primary,
+        labelText: l10n.importSelectJsonFile,
+        isInAlert: true,
+        buttonSize: ButtonSize.large,
+        buttonAction: ButtonAction.first,
+      ),
+      ButtonWidget(
+        buttonType: ButtonType.secondary,
+        labelText: context.l10n.cancel,
+        buttonSize: ButtonSize.large,
+        isInAlert: true,
+        buttonAction: ButtonAction.second,
+      ),
+    ],
+  );
+  if (result?.action != null && result!.action != ButtonAction.cancel) {
+    if (result.action == ButtonAction.first) {
+      await _pickEnteJsonFile(context);
+    } else {}
+  }
+}
+
+Future<void> _decryptExportData(
+  BuildContext context,
+  EnteAuthExport enteAuthExport, {
+  String? password,
+}) async {
+  final l10n = context.l10n;
+  bool isPasswordIncorrect = false;
+  int? importedCodeCount;
+  await showTextInputDialog(
+    context,
+    title: l10n.passwordForDecryptingExport,
+    submitButtonLabel: l10n.importLabel,
+    hintText: l10n.enterYourPasswordHint,
+    isPasswordInput: true,
+    alwaysShowSuccessState: false,
+    showOnlyLoadingState: true,
+    onSubmit: (String password) async {
+      if (password.isEmpty) {
+        showToast(context, l10n.passwordEmptyError);
+        Future.delayed(const Duration(seconds: 0), () {
+          _decryptExportData(context, enteAuthExport, password: password);
+        });
+        return;
+      }
+      if (password.isNotEmpty) {
+        final progressDialog = createProgressDialog(context, l10n.pleaseWait);
+        try {
+          await progressDialog.show();
+          final derivedKey = await CryptoUtil.deriveKey(
+            utf8.encode(password) as Uint8List,
+            Sodium.base642bin(enteAuthExport.kdfParams.salt),
+            enteAuthExport.kdfParams.memLimit,
+            enteAuthExport.kdfParams.opsLimit,
+          );
+          Uint8List? decryptedContent;
+          // Encrypt the key with this derived key
+          try {
+            decryptedContent = await CryptoUtil.decryptChaCha(
+              Sodium.base642bin(enteAuthExport.encryptedData),
+              derivedKey,
+              Sodium.base642bin(enteAuthExport.encryptionNonce),
+            );
+          } catch (e) {
+            showToast(context, l10n.incorrectPasswordTitle);
+            isPasswordIncorrect = true;
+          }
+          if (isPasswordIncorrect) {
+            await progressDialog.hide();
+
+            Future.delayed(const Duration(seconds: 0), () {
+              _decryptExportData(context, enteAuthExport, password: password);
+            });
+            return;
+          }
+          String content = utf8.decode(decryptedContent!);
+          List<String> splitCodes = content.split("\n");
+          final parsedCodes = [];
+          for (final code in splitCodes) {
+            try {
+              parsedCodes.add(Code.fromRawData(code));
+            } catch (e) {
+              Logger('EncryptedText').severe("Could not parse code", e);
+            }
+          }
+          for (final code in parsedCodes) {
+            await CodeStore.instance.addCode(code, shouldSync: false);
+          }
+          unawaited(AuthenticatorService.instance.sync());
+          importedCodeCount = parsedCodes.length;
+          await progressDialog.hide();
+        } catch (e, s) {
+          await progressDialog.hide();
+          Logger("ExportWidget").severe(e, s);
+          showToast(context, "Error while exporting codes.");
+        }
+      }
+    },
+  );
+  if (importedCodeCount != null) {
+    await importSuccessDialog(context, importedCodeCount!);
+  }
+}
+
+Future<void> _pickEnteJsonFile(BuildContext context) async {
+  FilePickerResult? result = await FilePicker.platform.pickFiles();
+  if (result == null) {
+    return;
+  }
+
+  try {
+    File file = File(result.files.single.path!);
+    final jsonString = await file.readAsString();
+    EnteAuthExport exportedData =
+        EnteAuthExport.fromJson(jsonDecode(jsonString));
+    await _decryptExportData(context, exportedData);
+  } catch (e) {
+    await showErrorDialog(
+      context,
+      context.l10n.sorry,
+      context.l10n.importFailureDesc,
+    );
+  }
+}

lib/ui/settings/data/import/google_auth_import.dart

@@ -0,0 +1,134 @@
+import 'dart:async';
+import 'dart:convert';
+import 'dart:typed_data';
+import 'package:base32/base32.dart';
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/models/code.dart';
+import 'package:ente_auth/models/protos/googleauth.pb.dart';
+import 'package:ente_auth/services/authenticator_service.dart';
+import 'package:ente_auth/store/code_store.dart';
+import 'package:ente_auth/ui/components/buttons/button_widget.dart';
+import 'package:ente_auth/ui/components/dialog_widget.dart';
+import 'package:ente_auth/ui/components/models/button_type.dart';
+import 'package:ente_auth/ui/scanner_gauth_page.dart';
+import 'package:ente_auth/ui/settings/data/import/import_success.dart';
+import 'package:flutter/material.dart';
+import 'package:flutter/widgets.dart';
+import 'package:logging/logging.dart';
+
+const kGoogleAuthExportPrefix = 'otpauth-migration://offline?data=';
+
+Future<void> showGoogleAuthInstruction(BuildContext context) async {
+  final l10n = context.l10n;
+  final result = await showDialogWidget(
+    context: context,
+    title: l10n.importFromApp("Google Authenticator"),
+    body: l10n.importGoogleAuthGuide,
+    buttons: [
+      ButtonWidget(
+        buttonType: ButtonType.primary,
+        labelText: l10n.scanAQrCode,
+        isInAlert: true,
+        buttonSize: ButtonSize.large,
+        buttonAction: ButtonAction.first,
+      ),
+      ButtonWidget(
+        buttonType: ButtonType.secondary,
+        labelText: context.l10n.cancel,
+        buttonSize: ButtonSize.large,
+        isInAlert: true,
+        buttonAction: ButtonAction.second,
+      ),
+    ],
+  );
+  if (result?.action != null && result!.action != ButtonAction.cancel) {
+    if (result.action == ButtonAction.first) {
+      final List<Code>? codes = await Navigator.of(context).push(
+        MaterialPageRoute(
+          builder: (BuildContext context) {
+            return const ScannerGoogleAuthPage();
+          },
+        ),
+      );
+      if (codes == null || codes.isEmpty) {
+        return;
+      }
+      for (final code in codes) {
+        await CodeStore.instance.addCode(code, shouldSync: false);
+      }
+      unawaited(AuthenticatorService.instance.sync());
+      importSuccessDialog(context, codes.length);
+    }
+  }
+}
+
+List<Code> parseGoogleAuth(String qrCodeData) {
+  try {
+    List<Code> codes = <Code>[];
+    final String payload = qrCodeData.substring(kGoogleAuthExportPrefix.length);
+    debugPrint("GoogleAuthImport: payload: $payload");
+    final Uint8List base64Decoded = base64Decode(Uri.decodeComponent(payload));
+    final MigrationPayload mPayload =
+        MigrationPayload.fromBuffer(base64Decoded);
+    for (var otpParameter in mPayload.otpParameters) {
+      // Build the OTP URL
+      String otpUrl;
+      String issuer = otpParameter.issuer;
+      String account = otpParameter.name;
+      var counter = otpParameter.counter;
+      // Create a list of bytes from the list of integers.
+      Uint8List bytes = Uint8List.fromList(otpParameter.secret);
+
+      // Encode the bytes to base 32.
+      String base32String = base32.encode(bytes);
+      String secret = base32String;
+      // identify digit count
+      int digits = 6;
+      int timer = 30; // default timer, no field in Google Auth
+      Algorithm algorithm = Algorithm.sha1;
+      switch (otpParameter.algorithm) {
+        case MigrationPayload_Algorithm.ALGORITHM_MD5:
+          throw Exception('GoogleAuthImport: MD5 is not supported');
+        case MigrationPayload_Algorithm.ALGORITHM_SHA1:
+          algorithm = Algorithm.sha1;
+          break;
+        case MigrationPayload_Algorithm.ALGORITHM_SHA256:
+          algorithm = Algorithm.sha256;
+          break;
+        case MigrationPayload_Algorithm.ALGORITHM_SHA512:
+          algorithm = Algorithm.sha512;
+          break;
+        case MigrationPayload_Algorithm.ALGORITHM_UNSPECIFIED:
+          algorithm = Algorithm.sha1;
+          break;
+      }
+      switch (otpParameter.digits) {
+        case MigrationPayload_DigitCount.DIGIT_COUNT_EIGHT:
+          digits = 8;
+          break;
+        case MigrationPayload_DigitCount.DIGIT_COUNT_SIX:
+          digits = 6;
+          break;
+        case MigrationPayload_DigitCount.DIGIT_COUNT_UNSPECIFIED:
+          digits = 6;
+      }
+
+      if (otpParameter.type == MigrationPayload_OtpType.OTP_TYPE_TOTP ||
+          otpParameter.type == MigrationPayload_OtpType.OTP_TYPE_UNSPECIFIED) {
+        otpUrl =
+            'otpauth://totp/$issuer:$account?secret=$secret&issuer=$issuer&algorithm=$algorithm&digits=$digits&period=$timer';
+      } else if (otpParameter.type == MigrationPayload_OtpType.OTP_TYPE_HOTP) {
+        otpUrl =
+            'otpauth://hotp/$issuer:$account?secret=$secret&issuer=$issuer&algorithm=$algorithm&digits=$digits&counter=$counter';
+      } else {
+        throw Exception('Invalid OTP type');
+      }
+      codes.add(Code.fromRawData(otpUrl));
+    }
+    return codes;
+  } catch (e, s) {
+    Logger("GoogleAuthImport")
+        .severe("Error while parsing Google Auth QR code", e, s);
+    throw Exception('Failed to parse Google Auth QR code \n ${e.toString()}');
+  }
+}

lib/ui/settings/data/import/import_service.dart

@@ -0,0 +1,33 @@
+import 'package:ente_auth/ui/settings/data/import/encrypted_ente_import.dart';
+import 'package:ente_auth/ui/settings/data/import/google_auth_import.dart';
+import 'package:ente_auth/ui/settings/data/import/plain_text_import.dart';
+import 'package:ente_auth/ui/settings/data/import/raivo_plain_text_import.dart';
+import 'package:ente_auth/ui/settings/data/import_page.dart';
+import 'package:flutter/cupertino.dart';
+
+class ImportService {
+  static final ImportService _instance = ImportService._internal();
+
+  factory ImportService() => _instance;
+
+  ImportService._internal();
+
+  Future<void> initiateImport(BuildContext context, ImportType type) async {
+    switch (type) {
+      case ImportType.plainText:
+        showImportInstructionDialog(context);
+        break;
+      case ImportType.encrypted:
+        showEncryptedImportInstruction(context);
+        break;
+      case ImportType.ravio:
+        showRaivoImportInstruction(context);
+        break;
+      case ImportType.googleAuthenticator:
+        showGoogleAuthInstruction(context);
+
+        // showToast(context, 'coming soon');
+        break;
+    }
+  }
+}

lib/ui/settings/data/import/import_success.dart

@@ -0,0 +1,26 @@
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/ui/components/dialog_widget.dart';
+import 'package:ente_auth/ui/components/models/button_type.dart';
+import 'package:ente_auth/utils/dialog_util.dart';
+import 'package:flutter/cupertino.dart';
+
+Future<void> importSuccessDialog(BuildContext context, int count) async {
+  final DialogWidget dialog = choiceDialog(
+    title: context.l10n.importSuccessTitle,
+    body: context.l10n.importSuccessDesc(count),
+    firstButtonLabel: context.l10n.ok,
+    firstButtonOnTap: () async {
+      Navigator.of(context).pop();
+      if(Navigator.of(context).canPop()) {
+        Navigator.of(context).pop();
+      }
+    },
+    firstButtonType: ButtonType.primary,
+  );
+  await showConfettiDialog(
+    context: context,
+    dialogBuilder: (BuildContext context) {
+      return dialog;
+    },
+  );
+}

lib/ui/settings/data/import/plain_text_import.dart

@@ -0,0 +1,136 @@
+import 'dart:async';
+import 'dart:io';
+import 'dart:ui';
+
+import 'package:ente_auth/ente_theme_data.dart';
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/models/code.dart';
+import 'package:ente_auth/services/authenticator_service.dart';
+import 'package:ente_auth/store/code_store.dart';
+import 'package:ente_auth/ui/settings/data/import/import_success.dart';
+import 'package:ente_auth/utils/dialog_util.dart';
+import 'package:file_picker/file_picker.dart';
+import 'package:flutter/cupertino.dart';
+import 'package:flutter/material.dart';
+import 'package:logging/logging.dart';
+
+class PlainTextImport extends StatelessWidget {
+  const PlainTextImport({super.key});
+
+  @override
+  Widget build(BuildContext context) {
+    final l10n = context.l10n;
+    return Column(
+      children: [
+        Text(
+          l10n.importInstruction,
+        ),
+        const SizedBox(
+          height: 20,
+        ),
+        Container(
+          color: Theme.of(context).colorScheme.gNavBackgroundColor,
+          child: Padding(
+            padding: const EdgeInsets.all(8),
+            child: Text(
+              "otpauth://totp/provider.com:you@email.com?secret=YOUR_SECRET",
+              style: TextStyle(
+                fontFeatures: const [FontFeature.tabularFigures()],
+                fontFamily: Platform.isIOS ? "Courier" : "monospace",
+                fontSize: 13,
+              ),
+            ),
+          ),
+        ),
+        const SizedBox(
+          height: 20,
+        ),
+        Text(l10n.importCodeDelimiterInfo),
+      ],
+    );
+  }
+
+}
+
+
+Future<void> showImportInstructionDialog(BuildContext context) async {
+  final l10n = context.l10n;
+  final AlertDialog alert = AlertDialog(
+    shape: RoundedRectangleBorder(borderRadius: BorderRadius.circular(10)),
+    title: Text(
+      l10n.importCodes,
+      style: Theme.of(context).textTheme.headline6,
+    ),
+    content: const SingleChildScrollView(
+      child: PlainTextImport(),
+    ),
+    actions: [
+      TextButton(
+        child: Text(
+          l10n.cancel,
+          style: const TextStyle(
+            color: Colors.red,
+          ),
+        ),
+        onPressed: () {
+          Navigator.of(context, rootNavigator: true).pop('dialog');
+        },
+      ),
+      TextButton(
+        child: Text(l10n.selectFile),
+        onPressed: () {
+          Navigator.of(context, rootNavigator: true).pop('dialog');
+          _pickImportFile(context);
+        },
+      ),
+    ],
+  );
+
+  return showDialog(
+    context: context,
+    builder: (BuildContext context) {
+      return alert;
+    },
+    barrierColor: Colors.black12,
+  );
+}
+
+
+Future<void> _pickImportFile(BuildContext context) async {
+  final l10n = context.l10n;
+  FilePickerResult? result = await FilePicker.platform.pickFiles();
+  if (result == null) {
+    return;
+  }
+  final progressDialog = createProgressDialog(context, l10n.pleaseWait);
+  await progressDialog.show();
+  try {
+    File file = File(result.files.single.path!);
+    final codes = await file.readAsString();
+    List<String> splitCodes = codes.split(",");
+    if (splitCodes.length == 1) {
+      splitCodes = codes.split("\n");
+    }
+    final parsedCodes = [];
+    for (final code in splitCodes) {
+      try {
+        parsedCodes.add(Code.fromRawData(code));
+      } catch (e) {
+        Logger('PlainText').severe("Could not parse code", e);
+      }
+    }
+    for (final code in parsedCodes) {
+      await CodeStore.instance.addCode(code, shouldSync: false);
+    }
+    unawaited(AuthenticatorService.instance.sync());
+    await progressDialog.hide();
+    await importSuccessDialog(context, parsedCodes.length);
+  } catch (e) {
+    await progressDialog.hide();
+    await showErrorDialog(
+      context,
+      context.l10n.sorry,
+      context.l10n.importFailureDesc,
+    );
+  }
+}

lib/ui/settings/data/import/raivo_plain_text_import.dart

@@ -0,0 +1,117 @@
+import 'dart:async';
+import 'dart:convert';
+import 'dart:io';
+
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/models/code.dart';
+import 'package:ente_auth/services/authenticator_service.dart';
+import 'package:ente_auth/store/code_store.dart';
+import 'package:ente_auth/ui/components/buttons/button_widget.dart';
+import 'package:ente_auth/ui/components/dialog_widget.dart';
+import 'package:ente_auth/ui/components/models/button_type.dart';
+import 'package:ente_auth/ui/settings/data/import/import_success.dart';
+import 'package:ente_auth/utils/dialog_util.dart';
+import 'package:file_picker/file_picker.dart';
+import 'package:flutter/cupertino.dart';
+import 'package:flutter/material.dart';
+
+Future<void> showRaivoImportInstruction(BuildContext context) async {
+  final l10n = context.l10n;
+  final result = await showDialogWidget(
+    context: context,
+    title: l10n.importFromApp("Raivo OTP"),
+    body: l10n.importRaivoGuide,
+    buttons: [
+      ButtonWidget(
+        buttonType: ButtonType.primary,
+        labelText: l10n.importSelectJsonFile,
+        isInAlert: true,
+        buttonSize: ButtonSize.large,
+        buttonAction: ButtonAction.first,
+      ),
+      ButtonWidget(
+        buttonType: ButtonType.secondary,
+        labelText: context.l10n.cancel,
+        buttonSize: ButtonSize.large,
+        isInAlert: true,
+        buttonAction: ButtonAction.second,
+      ),
+    ],
+  );
+  if (result?.action != null && result!.action != ButtonAction.cancel) {
+    if (result.action == ButtonAction.first) {
+      await _pickRaivoJsonFile(context);
+    } else {}
+  }
+}
+
+Future<void> _pickRaivoJsonFile(BuildContext context) async {
+  final l10n = context.l10n;
+  FilePickerResult? result = await FilePicker.platform.pickFiles();
+  if (result == null) {
+    return;
+  }
+  final progressDialog = createProgressDialog(context, l10n.pleaseWait);
+  await progressDialog.show();
+  try {
+    String path = result.files.single.path!;
+    int? count = await _processRaivoExportFile(context, path);
+    await progressDialog.hide();
+    if(count != null) {
+      await importSuccessDialog(context, count);
+    }
+  } catch (e) {
+    await progressDialog.hide();
+    await showErrorDialog(
+      context,
+      context.l10n.sorry,
+      context.l10n.importFailureDesc,
+    );
+  }
+}
+
+Future<int?> _processRaivoExportFile(BuildContext context,String path) async {
+  File file = File(path);
+  if(path.endsWith('.zip')) {
+    await showErrorDialog(
+      context,
+      context.l10n.sorry,
+      "We don't support zip files yet. Please unzip the file and try again.",
+    );
+    return null;
+  }
+  final jsonString = await file.readAsString();
+  List<dynamic> jsonArray = jsonDecode(jsonString);
+  final parsedCodes = [];
+  for (var item in jsonArray) {
+    var kind = item['kind'];
+    var algorithm = item['algorithm'];
+    var timer = item['timer'];
+    var digits = item['digits'];
+    var issuer = item['issuer'];
+    var secret = item['secret'];
+    var account = item['account'];
+    var counter = item['counter'];
+
+    // Build the OTP URL
+    String otpUrl;
+
+    if (kind.toLowerCase() == 'totp') {
+      otpUrl =
+          'otpauth://$kind/$issuer:$account?secret=$secret&issuer=$issuer&algorithm=$algorithm&digits=$digits&period=$timer';
+    } else if (kind.toLowerCase() == 'hotp') {
+      otpUrl =
+          'otpauth://$kind/$issuer:$account?secret=$secret&issuer=$issuer&algorithm=$algorithm&digits=$digits&counter=$counter';
+    } else {
+      throw Exception('Invalid OTP type');
+    }
+    parsedCodes.add(Code.fromRawData(otpUrl));
+  }
+
+  for (final code in parsedCodes) {
+    await CodeStore.instance.addCode(code, shouldSync: false);
+  }
+  unawaited(AuthenticatorService.instance.sync());
+  int count = parsedCodes.length;
+  return count;
+}

lib/ui/settings/data/import_page.dart

@@ -0,0 +1,115 @@
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/theme/ente_theme.dart';
+import 'package:ente_auth/ui/components/buttons/icon_button_widget.dart';
+import 'package:ente_auth/ui/components/captioned_text_widget.dart';
+import 'package:ente_auth/ui/components/divider_widget.dart';
+import 'package:ente_auth/ui/components/menu_item_widget.dart';
+import 'package:ente_auth/ui/components/title_bar_title_widget.dart';
+import 'package:ente_auth/ui/components/title_bar_widget.dart';
+import 'package:ente_auth/ui/settings/data/import/import_service.dart';
+import 'package:flutter/cupertino.dart';
+import 'package:flutter/material.dart';
+
+enum ImportType {
+  plainText,
+  encrypted,
+  ravio,
+  googleAuthenticator,
+}
+
+class ImportCodePage extends StatelessWidget {
+  late List<ImportType> importOptions = [
+    ImportType.plainText,
+    ImportType.encrypted,
+    ImportType.ravio,
+    ImportType.googleAuthenticator,
+  ];
+
+  ImportCodePage({super.key});
+
+  String getTitle(BuildContext context, ImportType type) {
+    switch (type) {
+      case ImportType.plainText:
+        return context.l10n.importTypePlainText;
+      case ImportType.encrypted:
+        return context.l10n.importTypeEnteEncrypted;
+      case ImportType.ravio:
+        return 'Raivo OTP';
+      case ImportType.googleAuthenticator:
+        return 'Google Authenticator';
+    }
+  }
+
+  @override
+  Widget build(BuildContext context) {
+    return Material(
+      color: Colors.transparent,
+      child: Scaffold(
+        body: CustomScrollView(
+          primary: false,
+          slivers: <Widget>[
+            TitleBarWidget(
+              flexibleSpaceTitle: TitleBarTitleWidget(
+                title: context.l10n.importCodes,
+              ),
+              flexibleSpaceCaption: "Import source",
+              actionIcons: [
+                IconButtonWidget(
+                  icon: Icons.close_outlined,
+                  iconButtonType: IconButtonType.secondary,
+                  onTap: () {
+                    Navigator.pop(context);
+                    if(Navigator.canPop(context)) {
+                      Navigator.pop(context);
+                    }
+                  },
+                ),
+              ],
+            ),
+            SliverList(
+              delegate: SliverChildBuilderDelegate(
+                (delegateBuildContext, index) {
+                  final type = importOptions[index];
+                  return Padding(
+                    padding: const EdgeInsets.symmetric(horizontal: 16.0),
+                    child: Column(
+                      children: [
+                        if (index == 0)
+                          const SizedBox(
+                            height: 24,
+                          ),
+                        MenuItemWidget(
+                          captionedTextWidget: CaptionedTextWidget(
+                            title: getTitle(context, type),
+                          ),
+                          alignCaptionedTextToLeft: true,
+                          menuItemColor: getEnteColorScheme(context).fillFaint,
+                          pressedColor: getEnteColorScheme(context).fillFaint,
+                          trailingIcon: Icons.chevron_right_outlined,
+                          isBottomBorderRadiusRemoved:
+                              index != importOptions.length - 1,
+                          isTopBorderRadiusRemoved: index != 0,
+                          onTap: () async {
+                            ImportService().initiateImport(context, type);
+                            // routeToPage(context, ImportCodePage());
+                            // _showImportInstructionDialog(context);
+                          },
+                        ),
+                        if (index != importOptions.length - 1)
+                          DividerWidget(
+                            dividerType: DividerType.menu,
+                            bgColor: getEnteColorScheme(context).fillFaint,
+                          ),
+                      ],
+                    ),
+                  );
+                },
+                childCount: importOptions.length,
+              ),
+            ),
+          ],
+        ),
+      ),
+    );
+  }
+}

lib/ui/settings/data_section_widget.dart

@@ -1,267 +0,0 @@
-import 'dart:async';
-import 'dart:io';
-import 'dart:ui';
-
-import 'package:ente_auth/core/configuration.dart';
-import 'package:ente_auth/ente_theme_data.dart';
-import 'package:ente_auth/l10n/l10n.dart';
-import 'package:ente_auth/models/code.dart';
-import 'package:ente_auth/services/authenticator_service.dart';
-import 'package:ente_auth/services/local_authentication_service.dart';
-import 'package:ente_auth/store/code_store.dart';
-import 'package:ente_auth/theme/ente_theme.dart';
-import 'package:ente_auth/ui/components/captioned_text_widget.dart';
-import 'package:ente_auth/ui/components/dialog_widget.dart';
-import 'package:ente_auth/ui/components/expandable_menu_item_widget.dart';
-import 'package:ente_auth/ui/components/menu_item_widget.dart';
-import 'package:ente_auth/ui/components/models/button_type.dart';
-import 'package:ente_auth/ui/settings/common_settings.dart';
-import 'package:ente_auth/utils/dialog_util.dart';
-import 'package:file_picker/file_picker.dart';
-import 'package:flutter/material.dart';
-import 'package:logging/logging.dart';
-import 'package:share_plus/share_plus.dart';
-
-class DataSectionWidget extends StatelessWidget {
-  final _logger = Logger("AccountSectionWidget");
-
-  final _codeFile = File(
-    Configuration.instance.getTempDirectory() + "ente-authenticator-codes.txt",
-  );
-
-  DataSectionWidget({Key? key}) : super(key: key);
-
-  @override
-  Widget build(BuildContext context) {
-    final l10n = context.l10n;
-    return ExpandableMenuItemWidget(
-      title: l10n.data,
-      selectionOptionsWidget: _getSectionOptions(context),
-      leadingIcon: Icons.key_outlined,
-    );
-  }
-
-  Column _getSectionOptions(BuildContext context) {
-    final l10n = context.l10n;
-    List<Widget> children = [];
-    children.addAll([
-      sectionOptionSpacing,
-      MenuItemWidget(
-        captionedTextWidget: CaptionedTextWidget(
-          title: l10n.importCodes,
-        ),
-        pressedColor: getEnteColorScheme(context).fillFaint,
-        trailingIcon: Icons.chevron_right_outlined,
-        trailingIconIsMuted: true,
-        onTap: () async {
-          _showImportInstructionDialog(context);
-        },
-      ),
-      sectionOptionSpacing,
-      MenuItemWidget(
-        captionedTextWidget: CaptionedTextWidget(
-          title: l10n.exportCodes,
-        ),
-        pressedColor: getEnteColorScheme(context).fillFaint,
-        trailingIcon: Icons.chevron_right_outlined,
-        trailingIconIsMuted: true,
-        onTap: () async {
-          _showExportWarningDialog(context);
-        },
-      ),
-      sectionOptionSpacing,
-    ]);
-    return Column(
-      children: children,
-    );
-  }
-
-  Future<void> _showImportInstructionDialog(BuildContext context) async {
-    final l10n = context.l10n;
-    final AlertDialog alert = AlertDialog(
-      shape: RoundedRectangleBorder(borderRadius: BorderRadius.circular(10)),
-      title: Text(
-        l10n.importCodes,
-        style: Theme.of(context).textTheme.headline6,
-      ),
-      content: SingleChildScrollView(
-        child: Column(
-          children: [
-            Text(
-              l10n.importInstruction,
-            ),
-            const SizedBox(
-              height: 20,
-            ),
-            Container(
-              color: Theme.of(context).colorScheme.gNavBackgroundColor,
-              child: Padding(
-                padding: const EdgeInsets.all(8),
-                child: Text(
-                  "otpauth://totp/provider.com:you@email.com?secret=YOUR_SECRET",
-                  style: TextStyle(
-                    fontFeatures: const [FontFeature.tabularFigures()],
-                    fontFamily: Platform.isIOS ? "Courier" : "monospace",
-                    fontSize: 13,
-                  ),
-                ),
-              ),
-            ),
-            const SizedBox(
-              height: 20,
-            ),
-            Text(l10n.importCodeDelimiterInfo),
-          ],
-        ),
-      ),
-      actions: [
-        TextButton(
-          child: Text(
-            l10n.cancel,
-            style: const TextStyle(
-              color: Colors.red,
-            ),
-          ),
-          onPressed: () {
-            Navigator.of(context, rootNavigator: true).pop('dialog');
-          },
-        ),
-        TextButton(
-          child: Text(l10n.selectFile),
-          onPressed: () {
-            Navigator.of(context, rootNavigator: true).pop('dialog');
-            _pickImportFile(context);
-          },
-        ),
-      ],
-    );
-
-    return showDialog(
-      context: context,
-      builder: (BuildContext context) {
-        return alert;
-      },
-      barrierColor: Colors.black12,
-    );
-  }
-
-  Future<void> _showExportWarningDialog(BuildContext context) async {
-    final AlertDialog alert = AlertDialog(
-      shape: RoundedRectangleBorder(borderRadius: BorderRadius.circular(10)),
-      title: Text(
-        context.l10n.warning,
-        style: Theme.of(context).textTheme.headline6,
-      ),
-      content: Text(
-        context.l10n.exportWarningDesc,
-      ),
-      actions: [
-        TextButton(
-          child: Text(
-            context.l10n.iUnderStand,
-            style: const TextStyle(
-              color: Colors.red,
-            ),
-          ),
-          onPressed: () {
-            Navigator.of(context, rootNavigator: true).pop('dialog');
-            _exportCodes(context);
-          },
-        ),
-        TextButton(
-          child: Text(
-            context.l10n.cancel,
-          ),
-          onPressed: () {
-            Navigator.of(context, rootNavigator: true).pop('dialog');
-          },
-        ),
-      ],
-    );
-
-    return showDialog(
-      context: context,
-      builder: (BuildContext context) {
-        return alert;
-      },
-      barrierColor: Colors.black12,
-    );
-  }
-
-  Future<void> _exportCodes(BuildContext context) async {
-    final hasAuthenticated = await LocalAuthenticationService.instance
-        .requestLocalAuthentication(context, context.l10n.authToExportCodes);
-    if (!hasAuthenticated) {
-      return;
-    }
-    if (_codeFile.existsSync()) {
-      await _codeFile.delete();
-    }
-    final codes = await CodeStore.instance.getAllCodes();
-    String data = "";
-    for (final code in codes) {
-      data += code.rawData + "\n";
-    }
-    _codeFile.writeAsStringSync(data);
-    await Share.shareFiles([_codeFile.path]);
-    Future.delayed(const Duration(seconds: 15), () async {
-      if (_codeFile.existsSync()) {
-        _codeFile.deleteSync();
-      }
-    });
-  }
-
-  Future<void> _pickImportFile(BuildContext context) async {
-    final l10n = context.l10n;
-    FilePickerResult? result = await FilePicker.platform.pickFiles();
-    if (result == null) {
-      return;
-    }
-    final dialog = createProgressDialog(context, l10n.pleaseWait);
-    await dialog.show();
-    try {
-      File file = File(result.files.single.path!);
-      final codes = await file.readAsString();
-      List<String> splitCodes = codes.split(",");
-      if (splitCodes.length == 1) {
-        splitCodes = codes.split("\n");
-      }
-      final parsedCodes = [];
-      for (final code in splitCodes) {
-        try {
-          parsedCodes.add(Code.fromRawData(code));
-        } catch (e) {
-          _logger.severe("Could not parse code", e);
-        }
-      }
-      for (final code in parsedCodes) {
-        await CodeStore.instance.addCode(code, shouldSync: false);
-      }
-      unawaited(AuthenticatorService.instance.sync());
-
-      final DialogWidget dialog = choiceDialog(
-        title: context.l10n.importSuccessTitle,
-        body: context.l10n.importSuccessDesc(parsedCodes.length),
-        // body: "You have imported " + parsedCodes.length.toString() + " codes!",
-        firstButtonLabel: l10n.ok,
-        firstButtonOnTap: () async {
-          Navigator.of(context, rootNavigator: true).pop('dialog');
-        },
-        firstButtonType: ButtonType.primary,
-      );
-      await showConfettiDialog(
-        context: context,
-        dialogBuilder: (BuildContext context) {
-          return dialog;
-        },
-      );
-    } catch (e) {
-      await dialog.hide();
-      await showErrorDialog(
-        context,
-        context.l10n.sorry,
-        context.l10n.importFailureDesc,
-      );
-    }
-  }
-}

lib/ui/settings/faq.dart

@@ -0,0 +1,124 @@
+import 'dart:convert';
+
+import 'package:ente_auth/ente_theme_data.dart';
+import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/ui/common/loading_widget.dart';
+import 'package:expansion_tile_card/expansion_tile_card.dart';
+import 'package:flutter/material.dart';
+
+class FAQQuestionsWidget extends StatelessWidget {
+  const FAQQuestionsWidget({
+    Key? key,
+  }) : super(key: key);
+
+  @override
+  Widget build(BuildContext context) {
+    return FutureBuilder<List<FaqItem>>(
+      future: Future.value(_getFAQs(context)),
+      builder: (BuildContext context, AsyncSnapshot snapshot) {
+        if (snapshot.hasData) {
+          final faqs = <Widget>[];
+          faqs.add(
+             Padding(
+              padding: const EdgeInsets.all(24),
+              child: Text(
+                context.l10n.faq,
+                style: const TextStyle(
+                  fontSize: 18,
+                  fontWeight: FontWeight.bold,
+                ),
+              ),
+            ),
+          );
+          for (final faq in snapshot.data) {
+            faqs.add(FaqWidget(faq: faq));
+          }
+          faqs.add(
+            const Padding(
+              padding: EdgeInsets.all(16),
+            ),
+          );
+          return SingleChildScrollView(
+            child: Column(
+              children: faqs,
+            ),
+          );
+        } else {
+          return const EnteLoadingWidget();
+        }
+      },
+    );
+  }
+
+  List<FaqItem> _getFAQs(BuildContext context) {
+    final l01n = context.l10n;
+    List<FaqItem> faqs = [];
+    faqs.add(FaqItem(q: l01n.faq_q_1, a: l01n.faq_a_1));
+    faqs.add(FaqItem(q: l01n.faq_q_2, a: l01n.faq_a_2));
+    faqs.add(FaqItem(q: l01n.faq_q_3, a: l01n.faq_a_3));
+    faqs.add(FaqItem(q: l01n.faq_q_4, a: l01n.faq_a_4));
+    faqs.add(FaqItem(q: l01n.faq_q_5, a: l01n.faq_a_5));
+    return faqs;
+  }
+}
+
+class FaqWidget extends StatelessWidget {
+  const FaqWidget({
+    Key? key,
+    required this.faq,
+  }) : super(key: key);
+
+  final FaqItem? faq;
+
+  @override
+  Widget build(BuildContext context) {
+    return Padding(
+      padding: const EdgeInsets.all(2),
+      child: ExpansionTileCard(
+        elevation: 0,
+        title: Text(faq!.q),
+        expandedTextColor: Theme.of(context).colorScheme.alternativeColor,
+        baseColor: Theme.of(context).cardColor,
+        children: [
+          Align(
+            alignment: Alignment.centerLeft,
+            child: Padding(
+              padding: const EdgeInsets.only(
+                left: 16,
+                right: 16,
+                bottom: 12,
+              ),
+              child: Text(
+                faq!.a,
+                style: const TextStyle(
+                  height: 1.5,
+                ),
+              ),
+            ),
+          )
+        ],
+      ),
+    );
+  }
+}
+
+class FaqItem {
+  final String q;
+  final String a;
+
+  FaqItem({
+    required this.q,
+    required this.a,
+  });
+
+  factory FaqItem.fromMap(Map<String, dynamic> map) {
+    return FaqItem(
+      q: map['q'] ?? 'q',
+      a: map['a'] ?? 'a',
+    );
+  }
+
+  factory FaqItem.fromJson(String source) =>
+      FaqItem.fromMap(json.decode(source));
+
+}

lib/ui/settings/security_section_widget.dart

@@ -1,14 +1,26 @@
+import 'dart:async';
+import 'dart:typed_data';
+
 import 'package:ente_auth/core/configuration.dart';
 import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/models/user_details.dart';
 import 'package:ente_auth/services/local_authentication_service.dart';
+import 'package:ente_auth/services/user_service.dart';
 import 'package:ente_auth/theme/ente_theme.dart';
+import 'package:ente_auth/ui/account/recovery_key_page.dart';
+import 'package:ente_auth/ui/account/request_pwd_verification_page.dart';
 import 'package:ente_auth/ui/account/sessions_page.dart';
 import 'package:ente_auth/ui/components/captioned_text_widget.dart';
 import 'package:ente_auth/ui/components/expandable_menu_item_widget.dart';
 import 'package:ente_auth/ui/components/menu_item_widget.dart';
 import 'package:ente_auth/ui/components/toggle_switch_widget.dart';
 import 'package:ente_auth/ui/settings/common_settings.dart';
+import 'package:ente_auth/utils/crypto_util.dart';
+import 'package:ente_auth/utils/dialog_util.dart';
+import 'package:ente_auth/utils/navigation_util.dart';
+import 'package:ente_auth/utils/toast_util.dart';
 import 'package:flutter/material.dart';
+import 'package:flutter_sodium/flutter_sodium.dart';
 
 class SecuritySectionWidget extends StatefulWidget {
   const SecuritySectionWidget({Key? key}) : super(key: key);
@@ -41,9 +53,49 @@ class _SecuritySectionWidgetState extends State<SecuritySectionWidget> {
   }
 
   Widget _getSectionOptions(BuildContext context) {
+    final bool? canDisableMFA = UserService.instance.canDisableEmailMFA();
+    if (canDisableMFA == null) {
+      // We don't know if the user can disable MFA yet, so we fetch the info
+      UserService.instance.getUserDetailsV2().ignore();
+    }
     final l10n = context.l10n;
     final List<Widget> children = [];
     children.addAll([
+      sectionOptionSpacing,
+      MenuItemWidget(
+        captionedTextWidget: CaptionedTextWidget(
+          title: l10n.recoveryKey,
+        ),
+        pressedColor: getEnteColorScheme(context).fillFaint,
+        trailingIcon: Icons.chevron_right_outlined,
+        trailingIconIsMuted: true,
+        onTap: () async {
+          final hasAuthenticated = await LocalAuthenticationService.instance
+              .requestLocalAuthentication(
+            context,
+            l10n.authToViewYourRecoveryKey,
+          );
+          if (hasAuthenticated) {
+            String recoveryKey;
+            try {
+              recoveryKey =
+                  Sodium.bin2hex(Configuration.instance.getRecoveryKey());
+            } catch (e) {
+              showGenericErrorDialog(context: context);
+              return;
+            }
+            routeToPage(
+              context,
+              RecoveryKeyPage(
+                recoveryKey,
+                l10n.ok,
+                showAppBar: true,
+                onDone: () {},
+              ),
+            );
+          }
+        },
+      ),
       MenuItemWidget(
         captionedTextWidget: CaptionedTextWidget(
           title: l10n.lockscreen,
@@ -65,6 +117,29 @@ class _SecuritySectionWidgetState extends State<SecuritySectionWidget> {
         ),
       ),
       sectionOptionSpacing,
+      MenuItemWidget(
+        captionedTextWidget: CaptionedTextWidget(
+          title: l10n.emailVerificationToggle,
+        ),
+        trailingWidget: ToggleSwitchWidget(
+          value: () => UserService.instance.hasEmailMFAEnabled(),
+          onChanged: () async {
+            final hasAuthenticated = await LocalAuthenticationService.instance
+                .requestLocalAuthentication(
+              context,
+              l10n.authToChangeEmailVerificationSetting,
+            );
+            final isEmailMFAEnabled = UserService.instance.hasEmailMFAEnabled();
+            if (hasAuthenticated) {
+              await updateEmailMFA(!isEmailMFAEnabled);
+              if (mounted) {
+                setState(() {});
+              }
+            }
+          },
+        ),
+      ),
+      sectionOptionSpacing,
       MenuItemWidget(
         captionedTextWidget: CaptionedTextWidget(
           title: context.l10n.viewActiveSessions,
@@ -95,4 +170,19 @@ class _SecuritySectionWidgetState extends State<SecuritySectionWidget> {
       children: children,
     );
   }
+
+  Future<void> updateEmailMFA(bool isEnabled) async {
+    try {
+      final UserDetails details = await UserService.instance.getUserDetailsV2(memoryCount: false);
+      if(details.profileData?.canDisableEmailMFA == false) {
+        await routeToPage(context, RequestPasswordVerificationPage(onPasswordVerified: (Uint8List keyEncryptionKey) async {
+          final Uint8List loginKey = await CryptoUtil.deriveLoginKey(keyEncryptionKey);
+          await UserService.instance.registerOrUpdateSrp(loginKey);
+        },),);
+      }
+      await UserService.instance.updateEmailMFA(isEnabled);
+    } catch (e) {
+      showToast(context, context.l10n.somethingWentWrongMessage);
+    }
+  }
 }

lib/ui/settings/social_section_widget.dart

@@ -1,4 +1,7 @@
+import 'dart:io';
+
 import 'package:ente_auth/l10n/l10n.dart';
+import 'package:ente_auth/services/update_service.dart';
 import 'package:ente_auth/theme/ente_theme.dart';
 import 'package:ente_auth/ui/components/captioned_text_widget.dart';
 import 'package:ente_auth/ui/components/expandable_menu_item_widget.dart';
@@ -21,10 +24,32 @@ class SocialSectionWidget extends StatelessWidget {
   }
 
   Widget _getSectionOptions(BuildContext context) {
+    final l10n = context.l10n;
+    final result = UpdateService.instance.getRateDetails();
+    final String ratePlace = result.item1;
+    final String rateUrl = result.item2;
+
     final List<Widget> options = [
+      sectionOptionSpacing,
+      SocialsMenuItemWidget(l10n.rateUsOnStore(ratePlace), rateUrl),
+      sectionOptionSpacing,
+      SocialsMenuItemWidget(
+        l10n.blog,
+        "https://ente.io/blog",
+        launchInExternalApp: !Platform.isAndroid,
+      ),
+      sectionOptionSpacing,
+      SocialsMenuItemWidget(
+        l10n.merchandise,
+        "https://shop.ente.io",
+        launchInExternalApp: !Platform.isAndroid,
+      ),
+      const SocialsMenuItemWidget("Mastodon", "https://mstdn.social/@ente/"),
       sectionOptionSpacing,
       const SocialsMenuItemWidget("Twitter", "https://twitter.com/enteio"),
       sectionOptionSpacing,
+      const SocialsMenuItemWidget("Matrix", "https://ente.io/matrix"),
+      sectionOptionSpacing,
       const SocialsMenuItemWidget("Discord", "https://ente.io/discord"),
       sectionOptionSpacing,
       const SocialsMenuItemWidget("Reddit", "https://reddit.com/r/enteio"),
@@ -36,9 +61,15 @@ class SocialSectionWidget extends StatelessWidget {
 
 class SocialsMenuItemWidget extends StatelessWidget {
   final String text;
-  final String urlSring;
-  const SocialsMenuItemWidget(this.text, this.urlSring, {Key? key})
-      : super(key: key);
+  final String url;
+  final bool launchInExternalApp;
+
+  const SocialsMenuItemWidget(
+      this.text,
+      this.url, {
+        Key? key,
+        this.launchInExternalApp = true,
+      }) : super(key: key);
 
   @override
   Widget build(BuildContext context) {
@@ -50,7 +81,12 @@ class SocialsMenuItemWidget extends StatelessWidget {
       trailingIcon: Icons.chevron_right_outlined,
       trailingIconIsMuted: true,
       onTap: () async {
-        launchUrlString(urlSring);
+        launchUrlString(
+          url,
+          mode: launchInExternalApp
+              ? LaunchMode.externalApplication
+              : LaunchMode.platformDefault,
+        );
       },
     );
   }

lib/ui/settings/support_dev_widget.dart

@@ -23,7 +23,7 @@ class SupportDevWidget extends StatelessWidget {
       builder: (context, snapshot) {
         if (snapshot.hasData) {
           final subscription = snapshot.data;
-          if (subscription != null && subscription.productID != "free") {
+          if (subscription != null && subscription.productID == "free") {
             return GestureDetector(
               onTap: () {
                 launchUrl(Uri.parse("https://ente.io"));

lib/ui/settings/support_section_widget.dart

@@ -7,8 +7,10 @@ import 'package:ente_auth/ui/components/expandable_menu_item_widget.dart';
 import 'package:ente_auth/ui/components/menu_item_widget.dart';
 import 'package:ente_auth/ui/components/toggle_switch_widget.dart';
 import 'package:ente_auth/ui/settings/common_settings.dart';
+import 'package:ente_auth/ui/settings/faq.dart';
 import 'package:ente_auth/utils/email_util.dart';
 import 'package:flutter/material.dart';
+import 'package:url_launcher/url_launcher_string.dart';
 
 class SupportSectionWidget extends StatefulWidget {
   const SupportSectionWidget({Key? key}) : super(key: key);
@@ -33,6 +35,41 @@ class _SupportSectionWidgetState extends State<SupportSectionWidget> {
     return Column(
       children: [
         sectionOptionSpacing,
+
+        MenuItemWidget(
+          captionedTextWidget: CaptionedTextWidget(
+            title: l10n.faq,
+          ),
+          pressedColor: getEnteColorScheme(context).fillFaint,
+          trailingIcon: Icons.chevron_right_outlined,
+          trailingIconIsMuted: true,
+          onTap: () async {
+            showModalBottomSheet<void>(
+              backgroundColor: Theme.of(context).colorScheme.background,
+              barrierColor: Colors.black87,
+              context: context,
+              builder: (context) {
+                return const FAQQuestionsWidget();
+              },
+            );
+          },
+        ),
+        sectionOptionSpacing,
+        MenuItemWidget(
+          captionedTextWidget: CaptionedTextWidget(
+            title: l10n.suggestFeatures,
+          ),
+          pressedColor: getEnteColorScheme(context).fillFaint,
+          trailingIcon: Icons.chevron_right_outlined,
+          trailingIconIsMuted: true,
+          onTap: () async {
+            launchUrlString(
+              githubIssuesUrl,
+              mode: LaunchMode.externalApplication,
+            );
+          },
+        ),
+        sectionOptionSpacing,
         MenuItemWidget(
           captionedTextWidget: CaptionedTextWidget(
             title: l10n.email,

lib/ui/settings_page.dart

@@ -1,12 +1,12 @@
 import 'dart:io';
 
+import 'package:ente_auth/services/user_service.dart';
 import 'package:ente_auth/theme/colors.dart';
 import 'package:ente_auth/theme/ente_theme.dart';
 import 'package:ente_auth/ui/settings/about_section_widget.dart';
 import 'package:ente_auth/ui/settings/account_section_widget.dart';
 import 'package:ente_auth/ui/settings/app_version_widget.dart';
-import 'package:ente_auth/ui/settings/danger_section_widget.dart';
-import 'package:ente_auth/ui/settings/data_section_widget.dart';
+import 'package:ente_auth/ui/settings/data/data_section_widget.dart';
 import 'package:ente_auth/ui/settings/security_section_widget.dart';
 import 'package:ente_auth/ui/settings/social_section_widget.dart';
 import 'package:ente_auth/ui/settings/support_dev_widget.dart';
@@ -20,8 +20,10 @@ class SettingsPage extends StatelessWidget {
   final ValueNotifier<String?> emailNotifier;
   const SettingsPage({Key? key, required this.emailNotifier}) : super(key: key);
 
+
   @override
   Widget build(BuildContext context) {
+    UserService.instance.getUserDetailsV2().ignore();
     final enteColorScheme = getEnteColorScheme(context);
     return Scaffold(
       body: Container(
@@ -79,8 +81,6 @@ class SettingsPage extends StatelessWidget {
       const SocialSectionWidget(),
       sectionSpacing,
       const AboutSectionWidget(),
-      sectionSpacing,
-      const DangerSectionWidget(),
       const AppVersionWidget(),
       const SupportDevWidget(),
       const Padding(

lib/utils/auth_util.dart

@@ -1,5 +1,5 @@
-import 'package:local_auth/auth_strings.dart';
 import 'package:local_auth/local_auth.dart';
+import 'package:local_auth_android/local_auth_android.dart';
 import 'package:logging/logging.dart';
 
 Future<bool> requestAuthentication(String reason) async {
@@ -7,18 +7,20 @@ Future<bool> requestAuthentication(String reason) async {
   await LocalAuthentication().stopAuthentication();
   return await LocalAuthentication().authenticate(
     localizedReason: reason,
-    androidAuthStrings: const AndroidAuthMessages(
-      biometricHint: "Verify identity",
-      biometricNotRecognized: "Not recognized, try again",
-      biometricRequiredTitle: "Biometric required",
-      biometricSuccess: "Successfully verified",
-      cancelButton: "Cancel",
-      deviceCredentialsRequiredTitle: "Device credentials required",
-      deviceCredentialsSetupDescription: "Device credentials required",
-      goToSettingsButton: "Go to settings",
-      goToSettingsDescription:
-          "Authentication is not setup on your device, go to Settings > Security to set it up",
-      signInTitle: "Authentication required",
-    ),
+    authMessages: [
+      const AndroidAuthMessages(
+        biometricHint: "Verify identity",
+        biometricNotRecognized: "Not recognized, try again",
+        biometricRequiredTitle: "Biometric required",
+        biometricSuccess: "Successfully verified",
+        cancelButton: "Cancel",
+        deviceCredentialsRequiredTitle: "Device credentials required",
+        deviceCredentialsSetupDescription: "Device credentials required",
+        goToSettingsButton: "Go to settings",
+        goToSettingsDescription:
+            "Authentication is not setup on your device, go to Settings > Security to set it up",
+        signInTitle: "Authentication required",
+      ),
+    ],
   );
 }

lib/utils/crypto_util.dart

@@ -1,7 +1,9 @@
+import 'dart:convert';
 import 'dart:io' as io;
 import 'dart:typed_data';
 
 import 'package:computer/computer.dart';
+import 'package:ente_auth/core/errors.dart';
 import 'package:ente_auth/models/derived_key_result.dart';
 import 'package:ente_auth/models/encryption_result.dart';
 import 'package:ente_auth/utils/device_info.dart';
@@ -11,6 +13,10 @@ import 'package:logging/logging.dart';
 const int encryptionChunkSize = 4 * 1024 * 1024;
 final int decryptionChunkSize =
     encryptionChunkSize + Sodium.cryptoSecretstreamXchacha20poly1305Abytes;
+const int hashChunkSize = 4 * 1024 * 1024;
+const int loginSubKeyLen = 32;
+const int loginSubKeyId = 1;
+const String loginSubKeyContext = "loginctx";
 
 Uint8List cryptoSecretboxEasy(Map<String, dynamic> args) {
   return Sodium.cryptoSecretboxEasy(args["source"], args["nonce"], args["key"]);
@@ -31,35 +37,47 @@ Uint8List cryptoPwHash(Map<String, dynamic> args) {
     args["salt"],
     args["opsLimit"],
     args["memLimit"],
-    Sodium.cryptoPwhashAlgDefault,
+    Sodium.cryptoPwhashAlgArgon2id13,
   );
 }
 
-Uint8List cryptoGenericHash(Map<String, dynamic> args) {
+Uint8List cryptoKdfDeriveFromKey(
+    Map<String, dynamic> args,
+    ) {
+  return Sodium.cryptoKdfDeriveFromKey(
+    args["subkeyLen"],
+    args["subkeyId"],
+    args["context"],
+    args["key"],
+  );
+}
+
+// Returns the hash for a given file, chunking it in batches of hashChunkSize
+Future<Uint8List> cryptoGenericHash(Map<String, dynamic> args) async {
   final sourceFile = io.File(args["sourceFilePath"]);
-  final sourceFileLength = sourceFile.lengthSync();
+  final sourceFileLength = await sourceFile.length();
   final inputFile = sourceFile.openSync(mode: io.FileMode.read);
   final state =
-      Sodium.cryptoGenerichashInit(null, Sodium.cryptoGenerichashBytesMax);
+  Sodium.cryptoGenerichashInit(null, Sodium.cryptoGenerichashBytesMax);
   var bytesRead = 0;
   bool isDone = false;
   while (!isDone) {
-    var chunkSize = encryptionChunkSize;
+    var chunkSize = hashChunkSize;
     if (bytesRead + chunkSize >= sourceFileLength) {
       chunkSize = sourceFileLength - bytesRead;
       isDone = true;
     }
-    final buffer = inputFile.readSync(chunkSize);
+    final buffer = await inputFile.read(chunkSize);
     bytesRead += chunkSize;
     Sodium.cryptoGenerichashUpdate(state, buffer);
   }
-  inputFile.closeSync();
+  await inputFile.close();
   return Sodium.cryptoGenerichashFinal(state, Sodium.cryptoGenerichashBytesMax);
 }
 
 EncryptionResult chachaEncryptData(Map<String, dynamic> args) {
   final initPushResult =
-      Sodium.cryptoSecretstreamXchacha20poly1305InitPush(args["key"]);
+  Sodium.cryptoSecretstreamXchacha20poly1305InitPush(args["key"]);
   final encryptedData = Sodium.cryptoSecretstreamXchacha20poly1305Push(
     initPushResult.state,
     args["source"],
@@ -72,6 +90,7 @@ EncryptionResult chachaEncryptData(Map<String, dynamic> args) {
   );
 }
 
+// Encrypts a given file, in chunks of encryptionChunkSize
 Future<EncryptionResult> chachaEncryptFile(Map<String, dynamic> args) async {
   final encryptionStartTime = DateTime.now().millisecondsSinceEpoch;
   final logger = Logger("ChaChaEncrypt");
@@ -83,7 +102,7 @@ Future<EncryptionResult> chachaEncryptFile(Map<String, dynamic> args) async {
   final inputFile = sourceFile.openSync(mode: io.FileMode.read);
   final key = args["key"] ?? Sodium.cryptoSecretstreamXchacha20poly1305Keygen();
   final initPushResult =
-      Sodium.cryptoSecretstreamXchacha20poly1305InitPush(key);
+  Sodium.cryptoSecretstreamXchacha20poly1305InitPush(key);
   var bytesRead = 0;
   var tag = Sodium.cryptoSecretstreamXchacha20poly1305TagMessage;
   while (tag != Sodium.cryptoSecretstreamXchacha20poly1305TagFinal) {
@@ -92,7 +111,7 @@ Future<EncryptionResult> chachaEncryptFile(Map<String, dynamic> args) async {
       chunkSize = sourceFileLength - bytesRead;
       tag = Sodium.cryptoSecretstreamXchacha20poly1305TagFinal;
     }
-    final buffer = inputFile.readSync(chunkSize);
+    final buffer = await inputFile.read(chunkSize);
     bytesRead += chunkSize;
     final encryptedData = Sodium.cryptoSecretstreamXchacha20poly1305Push(
       initPushResult.state,
@@ -102,7 +121,7 @@ Future<EncryptionResult> chachaEncryptFile(Map<String, dynamic> args) async {
     );
     await destinationFile.writeAsBytes(encryptedData, mode: io.FileMode.append);
   }
-  inputFile.closeSync();
+  await inputFile.close();
 
   logger.info(
     "Encryption time: " +
@@ -134,10 +153,10 @@ Future<void> chachaDecryptFile(Map<String, dynamic> args) async {
     if (bytesRead + chunkSize >= sourceFileLength) {
       chunkSize = sourceFileLength - bytesRead;
     }
-    final buffer = inputFile.readSync(chunkSize);
+    final buffer = await inputFile.read(chunkSize);
     bytesRead += chunkSize;
     final pullResult =
-        Sodium.cryptoSecretstreamXchacha20poly1305Pull(pullState, buffer, null);
+    Sodium.cryptoSecretstreamXchacha20poly1305Pull(pullState, buffer, null);
     await destinationFile.writeAsBytes(pullResult.m, mode: io.FileMode.append);
     tag = pullResult.tag;
   }
@@ -164,13 +183,43 @@ Uint8List chachaDecryptData(Map<String, dynamic> args) {
 }
 
 class CryptoUtil {
-  static final Computer _computer = Computer();
+  // Note: workers are turned on during app startup.
+  static final Computer _computer = Computer.shared();
 
   static init() {
-    _computer.turnOn(workersCount: 4);
-    // Sodium.init();
+    Sodium.init();
   }
 
+  static Uint8List base642bin(String b64, {
+    String? ignore,
+    int variant = Sodium.base64VariantOriginal,
+  }) {
+    return Sodium.base642bin(b64, ignore: ignore, variant: variant);
+  }
+
+  static String bin2base64(Uint8List bin, {
+    bool urlSafe = false,
+  }) {
+    return Sodium.bin2base64(
+      bin,
+      variant:
+      urlSafe ? Sodium.base64VariantUrlsafe : Sodium.base64VariantOriginal,
+    );
+  }
+
+  static String bin2hex(Uint8List bin) {
+    return Sodium.bin2hex(bin);
+  }
+
+  static Uint8List hex2bin(String hex) {
+    return Sodium.hex2bin(hex);
+  }
+
+  // Encrypts the given source, with the given key and a randomly generated
+  // nonce, using XSalsa20 (w Poly1305 MAC).
+  // This function runs on the same thread as the caller, so should be used only
+  // for small amounts of data where thread switching can result in a degraded
+  // user experience
   static EncryptionResult encryptSync(Uint8List source, Uint8List key) {
     final nonce = Sodium.randombytesBuf(Sodium.cryptoSecretboxNoncebytes);
 
@@ -186,24 +235,30 @@ class CryptoUtil {
     );
   }
 
-  static Future<Uint8List> decrypt(
-    Uint8List cipher,
-    Uint8List key,
-    Uint8List nonce,
-  ) async {
+  // Decrypts the given cipher, with the given key and nonce using XSalsa20
+  // (w Poly1305 MAC).
+  static Future<Uint8List> decrypt(Uint8List cipher,
+      Uint8List key,
+      Uint8List nonce,) async {
     final args = <String, dynamic>{};
     args["cipher"] = cipher;
     args["nonce"] = nonce;
     args["key"] = key;
-    return _computer.compute(cryptoSecretboxOpenEasy, param: args);
+    return _computer.compute(
+      cryptoSecretboxOpenEasy,
+      param: args,
+      taskName: "decrypt",
+    );
   }
 
-  static Uint8List decryptSync(
-    Uint8List cipher,
-    Uint8List? key,
-    Uint8List nonce,
-  ) {
-    assert(key != null, "key can not be null");
+  // Decrypts the given cipher, with the given key and nonce using XSalsa20
+  // (w Poly1305 MAC).
+  // This function runs on the same thread as the caller, so should be used only
+  // for small amounts of data where thread switching can result in a degraded
+  // user experience
+  static Uint8List decryptSync(Uint8List cipher,
+      Uint8List key,
+      Uint8List nonce,) {
     final args = <String, dynamic>{};
     args["cipher"] = cipher;
     args["nonce"] = nonce;
@@ -211,94 +266,130 @@ class CryptoUtil {
     return cryptoSecretboxOpenEasy(args);
   }
 
-  static Future<EncryptionResult> encryptChaCha(
-    Uint8List source,
-    Uint8List key,
-  ) async {
+  // Encrypts the given source, with the given key and a randomly generated
+  // nonce, using XChaCha20 (w Poly1305 MAC).
+  // This function runs on the isolate pool held by `_computer`.
+  // TODO: Remove "ChaCha", an implementation detail from the function name
+  static Future<EncryptionResult> encryptChaCha(Uint8List source,
+      Uint8List key,) async {
     final args = <String, dynamic>{};
     args["source"] = source;
     args["key"] = key;
-    return _computer.compute(chachaEncryptData, param: args);
+    return _computer.compute(
+      chachaEncryptData,
+      param: args,
+      taskName: "encryptChaCha",
+    );
   }
 
-  static Future<Uint8List> decryptChaCha(
-    Uint8List source,
-    Uint8List key,
-    Uint8List header,
-  ) async {
+  // Decrypts the given source, with the given key and header using XChaCha20
+  // (w Poly1305 MAC).
+  // TODO: Remove "ChaCha", an implementation detail from the function name
+  static Future<Uint8List> decryptChaCha(Uint8List source,
+      Uint8List key,
+      Uint8List header,) async {
     final args = <String, dynamic>{};
     args["source"] = source;
     args["key"] = key;
     args["header"] = header;
-    return _computer.compute(chachaDecryptData, param: args);
+    return _computer.compute(
+      chachaDecryptData,
+      param: args,
+      taskName: "decryptChaCha",
+    );
   }
 
+  // Encrypts the file at sourceFilePath, with the key (if provided) and a
+  // randomly generated nonce using XChaCha20 (w Poly1305 MAC), and writes it
+  // to the destinationFilePath.
+  // If a key is not provided, one is generated and returned.
   static Future<EncryptionResult> encryptFile(
-    String sourceFilePath,
-    String destinationFilePath, {
-    Uint8List? key,
-  }) {
+      String sourceFilePath,
+      String destinationFilePath, {
+        Uint8List? key,
+      }) {
     final args = <String, dynamic>{};
     args["sourceFilePath"] = sourceFilePath;
     args["destinationFilePath"] = destinationFilePath;
     args["key"] = key;
-    return _computer.compute(chachaEncryptFile, param: args);
+    return _computer.compute(
+      chachaEncryptFile,
+      param: args,
+      taskName: "encryptFile",
+    );
   }
 
+  // Decrypts the file at sourceFilePath, with the given key and header using
+  // XChaCha20 (w Poly1305 MAC), and writes it to the destinationFilePath.
   static Future<void> decryptFile(
-    String sourceFilePath,
-    String destinationFilePath,
-    Uint8List header,
-    Uint8List key,
-  ) {
+      String sourceFilePath,
+      String destinationFilePath,
+      Uint8List header,
+      Uint8List key,) {
     final args = <String, dynamic>{};
     args["sourceFilePath"] = sourceFilePath;
     args["destinationFilePath"] = destinationFilePath;
     args["header"] = header;
     args["key"] = key;
-    return _computer.compute(chachaDecryptFile, param: args);
+    return _computer.compute(
+      chachaDecryptFile,
+      param: args,
+      taskName: "decryptFile",
+    );
   }
 
+  // Generates and returns a 256-bit key.
   static Uint8List generateKey() {
     return Sodium.cryptoSecretboxKeygen();
   }
 
+  // Generates and returns a random byte buffer of length
+  // crypto_pwhash_SALTBYTES (16)
   static Uint8List getSaltToDeriveKey() {
     return Sodium.randombytesBuf(Sodium.cryptoPwhashSaltbytes);
   }
 
+  // Generates and returns a secret key and the corresponding public key.
   static Future<KeyPair> generateKeyPair() async {
     return Sodium.cryptoBoxKeypair();
   }
 
+  // Decrypts the input using the given publicKey-secretKey pair
   static Uint8List openSealSync(
-    Uint8List input,
-    Uint8List publicKey,
-    Uint8List secretKey,
-  ) {
+      Uint8List input,
+      Uint8List publicKey,
+      Uint8List secretKey,
+      ) {
     return Sodium.cryptoBoxSealOpen(input, publicKey, secretKey);
   }
 
+  // Encrypts the input using the given publicKey
   static Uint8List sealSync(Uint8List input, Uint8List publicKey) {
     return Sodium.cryptoBoxSeal(input, publicKey);
   }
 
+  // Derives a key for a given password and salt using Argon2id, v1.3.
+  // The function first attempts to derive a key with both memLimit and opsLimit
+  // set to their Sensitive variants.
+  // If this fails, say on a device with insufficient RAM, we retry by halving
+  // the memLimit and doubling the opsLimit, while ensuring that we stay within
+  // the min and max limits for both parameters.
+  // At all points, we ensure that the product of these two variables (the area
+  // under the graph that determines the amount of work required) is a constant.
   static Future<DerivedKeyResult> deriveSensitiveKey(
-    Uint8List password,
-    Uint8List salt,
-  ) async {
+      Uint8List password,
+      Uint8List salt,
+      ) async {
     final logger = Logger("pwhash");
-    // Default with 1 GB mem and 4 ops limit
     int memLimit = Sodium.cryptoPwhashMemlimitSensitive;
     int opsLimit = Sodium.cryptoPwhashOpslimitSensitive;
-
     if (await isLowSpecDevice()) {
       logger.info("low spec device detected");
       // When sensitive memLimit (1 GB) is used, on low spec device the OS might
-      // kill the app with OOM. To avoid that, start with 256 MB and 
+      // kill the app with OOM. To avoid that, start with 256 MB and
       // corresponding ops limit (16).
       // This ensures that the product of these two variables
-      // (the area under the graph that determines the amount of work required) 
+      // (the area under the graph that determines the amount of work required)
       // stays the same
       // SODIUM_CRYPTO_PWHASH_MEMLIMIT_SENSITIVE: 1073741824
       // SODIUM_CRYPTO_PWHASH_MEMLIMIT_MODERATE: 268435456
@@ -315,11 +406,8 @@ class CryptoUtil {
         key = await deriveKey(password, salt, memLimit, opsLimit);
         return DerivedKeyResult(key, memLimit, opsLimit);
       } catch (e, s) {
-        logger.severe(
-          "failed to derive memLimit: $memLimit and opsLimit: $opsLimit",
-          e,
-          s,
-        );
+        logger.warning(
+          "failed to deriveKey mem: $memLimit, ops: $opsLimit", e, s,);
       }
       memLimit = (memLimit / 2).round();
       opsLimit = opsLimit * 2;
@@ -327,29 +415,76 @@ class CryptoUtil {
     throw UnsupportedError("Cannot perform this operation on this device");
   }
 
-  static Future<Uint8List> deriveKey(
-    Uint8List password,
-    Uint8List salt,
-    int memLimit,
-    int opsLimit,
-  ) {
-    return _computer.compute(
-      cryptoPwHash,
-      param: {
-        "password": password,
-        "salt": salt,
-        "memLimit": memLimit,
-        "opsLimit": opsLimit,
-      },
-    );
+  // Derives a key for the given password and salt, using Argon2id, v1.3
+  // with memory and ops limit hardcoded to their Interactive variants
+  // NOTE: This is only used while setting passwords for shared links, as an
+  // extra layer of authentication (atop the access token and collection key).
+  // More details @ https://ente.io/blog/building-shareable-links/
+  static Future<DerivedKeyResult> deriveInteractiveKey(
+      Uint8List password,
+      Uint8List salt,
+      ) async {
+    final int memLimit = Sodium.cryptoPwhashMemlimitInteractive;
+    final int opsLimit = Sodium.cryptoPwhashOpslimitInteractive;
+    final key = await deriveKey(password, salt, memLimit, opsLimit);
+    return DerivedKeyResult(key, memLimit, opsLimit);
   }
 
+  // Derives a key for a given password, salt, memLimit and opsLimit using
+  // Argon2id, v1.3.
+  static Future<Uint8List> deriveKey(
+      Uint8List password,
+      Uint8List salt,
+      int memLimit,
+      int opsLimit,
+      ) {
+    try {
+      return _computer.compute(
+        cryptoPwHash,
+        param: {
+          "password": password,
+          "salt": salt,
+          "memLimit": memLimit,
+          "opsLimit": opsLimit,
+        },
+        taskName: "deriveKey",
+      );
+    } catch(e,s) {
+      final String errMessage = 'failed to deriveKey memLimit: $memLimit and '
+          'opsLimit: $opsLimit';
+      Logger("CryptoUtilDeriveKey").warning(errMessage, e, s);
+      throw KeyDerivationError();
+    }
+  }
+
+  // derives a Login key as subKey from the given key by applying KDF
+  // (Key Derivation Function) with the `loginSubKeyId` and
+  // `loginSubKeyLen` and `loginSubKeyContext` as context
+  static Future<Uint8List> deriveLoginKey(
+      Uint8List key,
+      ) async {
+    final Uint8List derivedKey = await  _computer.compute(
+      cryptoKdfDeriveFromKey,
+      param: {
+        "key": key,
+        "subkeyId": loginSubKeyId,
+        "subkeyLen": loginSubKeyLen,
+        "context": utf8.encode(loginSubKeyContext),
+      },
+      taskName: "deriveLoginKey",
+    );
+    // return the first 16 bytes of the derived key
+    return derivedKey.sublist(0, 16);
+  }
+
+  // Computes and returns the hash of the source file
   static Future<Uint8List> getHash(io.File source) {
     return _computer.compute(
       cryptoGenericHash,
       param: {
         "sourceFilePath": source.path,
       },
+      taskName: "fileHash",
     );
   }
 }

lib/utils/device_info.dart

@@ -8,13 +8,26 @@ late DeviceInfoPlugin deviceInfoPlugin = DeviceInfoPlugin();
 
 // https://gist.github.com/adamawolf/3048717
 late Set<String> iOSLowEndMachineCodes = <String>{
-  "iPhone5,2",
-  "iPhone5,3",
-  "iPhone5,4",
-  "iPhone6,1",
-  "iPhone6,2",
-  "iPhone7,2",
-  "iPhone7,1",
+  "iPhone5,1", //iPhone 5 (GSM)
+  "iPhone5,2", //iPhone 5 (GSM+CDMA)
+  "iPhone5,3", //iPhone 5C (GSM)
+  "iPhone5,4", //iPhone 5C (Global)
+  "iPhone6,1", //iPhone 5S (GSM)
+  "iPhone6,2", //iPhone 5S (Global)
+  "iPhone7,1", //iPhone 6 Plus
+  "iPhone7,2", //iPhone 6
+  "iPhone8,1", // iPhone 6s
+  "iPhone8,2", // iPhone 6s Plus
+  "iPhone8,4", // iPhone SE (GSM)
+  "iPhone9,1", // iPhone 7
+  "iPhone9,2", // iPhone 7 Plus
+  "iPhone9,3", // iPhone 7
+  "iPhone9,4", // iPhone 7 Plus
+  "iPhone10,1", // iPhone 8
+  "iPhone10,2", // iPhone 8 Plus
+  "iPhone10,3", // iPhone X Global
+  "iPhone10,4", // iPhone 8
+  "iPhone10,5" //  iPhone 8
 };
 
 Future<bool> isLowSpecDevice() async {

lib/utils/dialog_util.dart

@@ -310,26 +310,29 @@ Future<dynamic> showTextInputDialog(
     builder: (context) {
       final bottomInset = MediaQuery.of(context).viewInsets.bottom;
       final isKeyboardUp = bottomInset > 100;
-      return Center(
-        child: Padding(
-          padding: EdgeInsets.only(bottom: isKeyboardUp ? bottomInset : 0),
-          child: TextInputDialog(
-            title: title,
-            message: message,
-            label: label,
-            body: body,
-            icon: icon,
-            submitButtonLabel: submitButtonLabel,
-            onSubmit: onSubmit,
-            hintText: hintText,
-            prefixIcon: prefixIcon,
-            initialValue: initialValue,
-            alignMessage: alignMessage,
-            maxLength: maxLength,
-            showOnlyLoadingState: showOnlyLoadingState,
-            textCapitalization: textCapitalization,
-            alwaysShowSuccessState: alwaysShowSuccessState,
-            isPasswordInput: isPasswordInput,
+      return Material(
+        color: Colors.transparent,
+        child: Center(
+          child: Padding(
+            padding: EdgeInsets.only(bottom: isKeyboardUp ? bottomInset : 0),
+            child: TextInputDialog(
+              title: title,
+              message: message,
+              label: label,
+              body: body,
+              icon: icon,
+              submitButtonLabel: submitButtonLabel,
+              onSubmit: onSubmit,
+              hintText: hintText,
+              prefixIcon: prefixIcon,
+              initialValue: initialValue,
+              alignMessage: alignMessage,
+              maxLength: maxLength,
+              showOnlyLoadingState: showOnlyLoadingState,
+              textCapitalization: textCapitalization,
+              alwaysShowSuccessState: alwaysShowSuccessState,
+              isPasswordInput: isPasswordInput,
+            ),
           ),
         ),
       );

lib/utils/totp_util.dart

@@ -1,7 +1,11 @@
 import 'package:ente_auth/models/code.dart';
+import 'package:flutter/foundation.dart';
 import 'package:otp/otp.dart' as otp;
 
-String getTotp(Code code) {
+String getOTP(Code code) {
+  if(code.type == Type.hotp) {
+    return _getHOTPCode(code);
+  }
   return otp.OTP.generateTOTPCodeString(
     getSanitizedSecret(code.secret),
     DateTime.now().millisecondsSinceEpoch,
@@ -12,6 +16,16 @@ String getTotp(Code code) {
   );
 }
 
+String _getHOTPCode(Code code) {
+  return otp.OTP.generateHOTPCodeString(
+    getSanitizedSecret(code.secret),
+    code.counter,
+    length: code.digits,
+    algorithm: _getAlgorithm(code),
+    isGoogle: true,
+  );
+}
+
 String getNextTotp(Code code) {
   return otp.OTP.generateTOTPCodeString(
     getSanitizedSecret(code.secret),
@@ -35,5 +49,15 @@ otp.Algorithm _getAlgorithm(Code code) {
 }
 
 String getSanitizedSecret(String secret) {
-  return secret.toUpperCase().trim();
+  return secret.toUpperCase().trim().replaceAll(' ', '');
 }
+
+String safeDecode(String value) {
+  try {
+    return Uri.decodeComponent(value);
+  } catch (e) {
+    // note: don't log the value, it might contain sensitive information
+    debugPrint("Failed to decode $e");
+    return value;
+  }
+}

macos/Podfile

@@ -1,4 +1,4 @@
-platform :osx, '10.11'
+platform :osx, '10.14'
 
 # CocoaPods analytics sends network stats synchronously affecting flutter build latency.
 ENV['COCOAPODS_DISABLE_STATS'] = 'true'

macos/Podfile.lock

@@ -2,7 +2,11 @@ PODS:
   - connectivity_macos (0.0.1):
     - FlutterMacOS
     - Reachability
-  - flutter_secure_storage_macos (3.3.1):
+  - device_info_plus (0.0.1):
+    - FlutterMacOS
+  - flutter_local_notifications (0.0.1):
+    - FlutterMacOS
+  - flutter_secure_storage_macos (6.1.1):
     - FlutterMacOS
   - FlutterMacOS (1.0.0)
   - FMDB (2.7.5):
@@ -10,12 +14,19 @@ PODS:
   - FMDB/standard (2.7.5)
   - package_info_plus_macos (0.0.1):
     - FlutterMacOS
-  - path_provider_macos (0.0.1):
+  - path_provider_foundation (0.0.1):
+    - Flutter
     - FlutterMacOS
   - Reachability (3.2)
+  - Sentry/HybridSDK (7.31.5)
+  - sentry_flutter (0.0.1):
+    - Flutter
+    - FlutterMacOS
+    - Sentry/HybridSDK (= 7.31.5)
   - share_plus_macos (0.0.1):
     - FlutterMacOS
-  - shared_preferences_macos (0.0.1):
+  - shared_preferences_foundation (0.0.1):
+    - Flutter
     - FlutterMacOS
   - sqflite (0.0.2):
     - FlutterMacOS
@@ -25,12 +36,15 @@ PODS:
 
 DEPENDENCIES:
   - connectivity_macos (from `Flutter/ephemeral/.symlinks/plugins/connectivity_macos/macos`)
+  - device_info_plus (from `Flutter/ephemeral/.symlinks/plugins/device_info_plus/macos`)
+  - flutter_local_notifications (from `Flutter/ephemeral/.symlinks/plugins/flutter_local_notifications/macos`)
   - flutter_secure_storage_macos (from `Flutter/ephemeral/.symlinks/plugins/flutter_secure_storage_macos/macos`)
   - FlutterMacOS (from `Flutter/ephemeral`)
   - package_info_plus_macos (from `Flutter/ephemeral/.symlinks/plugins/package_info_plus_macos/macos`)
-  - path_provider_macos (from `Flutter/ephemeral/.symlinks/plugins/path_provider_macos/macos`)
+  - path_provider_foundation (from `Flutter/ephemeral/.symlinks/plugins/path_provider_foundation/macos`)
+  - sentry_flutter (from `Flutter/ephemeral/.symlinks/plugins/sentry_flutter/macos`)
   - share_plus_macos (from `Flutter/ephemeral/.symlinks/plugins/share_plus_macos/macos`)
-  - shared_preferences_macos (from `Flutter/ephemeral/.symlinks/plugins/shared_preferences_macos/macos`)
+  - shared_preferences_foundation (from `Flutter/ephemeral/.symlinks/plugins/shared_preferences_foundation/macos`)
   - sqflite (from `Flutter/ephemeral/.symlinks/plugins/sqflite/macos`)
   - url_launcher_macos (from `Flutter/ephemeral/.symlinks/plugins/url_launcher_macos/macos`)
 
@@ -38,22 +52,29 @@ SPEC REPOS:
   trunk:
     - FMDB
     - Reachability
+    - Sentry
 
 EXTERNAL SOURCES:
   connectivity_macos:
     :path: Flutter/ephemeral/.symlinks/plugins/connectivity_macos/macos
+  device_info_plus:
+    :path: Flutter/ephemeral/.symlinks/plugins/device_info_plus/macos
+  flutter_local_notifications:
+    :path: Flutter/ephemeral/.symlinks/plugins/flutter_local_notifications/macos
   flutter_secure_storage_macos:
     :path: Flutter/ephemeral/.symlinks/plugins/flutter_secure_storage_macos/macos
   FlutterMacOS:
     :path: Flutter/ephemeral
   package_info_plus_macos:
     :path: Flutter/ephemeral/.symlinks/plugins/package_info_plus_macos/macos
-  path_provider_macos:
-    :path: Flutter/ephemeral/.symlinks/plugins/path_provider_macos/macos
+  path_provider_foundation:
+    :path: Flutter/ephemeral/.symlinks/plugins/path_provider_foundation/macos
+  sentry_flutter:
+    :path: Flutter/ephemeral/.symlinks/plugins/sentry_flutter/macos
   share_plus_macos:
     :path: Flutter/ephemeral/.symlinks/plugins/share_plus_macos/macos
-  shared_preferences_macos:
-    :path: Flutter/ephemeral/.symlinks/plugins/shared_preferences_macos/macos
+  shared_preferences_foundation:
+    :path: Flutter/ephemeral/.symlinks/plugins/shared_preferences_foundation/macos
   sqflite:
     :path: Flutter/ephemeral/.symlinks/plugins/sqflite/macos
   url_launcher_macos:
@@ -61,17 +82,21 @@ EXTERNAL SOURCES:
 
 SPEC CHECKSUMS:
   connectivity_macos: 5dae6ee11d320fac7c05f0d08bd08fc32b5514d9
-  flutter_secure_storage_macos: 6ceee8fbc7f484553ad17f79361b556259df89aa
-  FlutterMacOS: ae6af50a8ea7d6103d888583d46bd8328a7e9811
+  device_info_plus: 5401765fde0b8d062a2f8eb65510fb17e77cf07f
+  flutter_local_notifications: 3805ca215b2fb7f397d78b66db91f6a747af52e4
+  flutter_secure_storage_macos: d56e2d218c1130b262bef8b4a7d64f88d7f9c9ea
+  FlutterMacOS: 8f6f14fa908a6fb3fba0cd85dbd81ec4b251fb24
   FMDB: 2ce00b547f966261cd18927a3ddb07cb6f3db82a
   package_info_plus_macos: f010621b07802a241d96d01876d6705f15e77c1c
-  path_provider_macos: 3c0c3b4b0d4a76d2bf989a913c2de869c5641a19
+  path_provider_foundation: 37748e03f12783f9de2cb2c4eadfaa25fe6d4852
   Reachability: 33e18b67625424e47b6cde6d202dce689ad7af96
+  Sentry: 4c9babff9034785067c896fd580b1f7de44da020
+  sentry_flutter: b10ae7a5ddcbc7f04648eeb2672b5747230172f1
   share_plus_macos: 853ee48e7dce06b633998ca0735d482dd671ade4
-  shared_preferences_macos: a64dc611287ed6cbe28fd1297898db1336975727
+  shared_preferences_foundation: 297b3ebca31b34ec92be11acd7fb0ba932c822ca
   sqflite: a5789cceda41d54d23f31d6de539d65bb14100ea
-  url_launcher_macos: 597e05b8e514239626bcf4a850fcf9ef5c856ec3
+  url_launcher_macos: c04e4fa86382d4f94f6b38f14625708be3ae52e2
 
-PODFILE CHECKSUM: 6eac6b3292e5142cfc23bdeb71848a40ec51c14c
+PODFILE CHECKSUM: 353c8bcc5d5b0994e508d035b5431cfe18c1dea7
 
-COCOAPODS: 1.11.3
+COCOAPODS: 1.12.1

macos/Runner.xcodeproj/project.pbxproj

@@ -3,7 +3,7 @@
 	archiveVersion = 1;
 	classes = {
 	};
-	objectVersion = 51;
+	objectVersion = 54;
 	objects = {
 
 /* Begin PBXAggregateTarget section */
@@ -256,6 +256,7 @@
 /* Begin PBXShellScriptBuildPhase section */
 		3399D490228B24CF009A79C7 /* ShellScript */ = {
 			isa = PBXShellScriptBuildPhase;
+			alwaysOutOfDate = 1;
 			buildActionMask = 2147483647;
 			files = (
 			);
@@ -404,7 +405,7 @@
 				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
 				GCC_WARN_UNUSED_FUNCTION = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
-				MACOSX_DEPLOYMENT_TARGET = 10.11;
+				MACOSX_DEPLOYMENT_TARGET = 10.14;
 				MTL_ENABLE_DEBUG_INFO = NO;
 				SDKROOT = macosx;
 				SWIFT_COMPILATION_MODE = wholemodule;
@@ -483,7 +484,7 @@
 				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
 				GCC_WARN_UNUSED_FUNCTION = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
-				MACOSX_DEPLOYMENT_TARGET = 10.11;
+				MACOSX_DEPLOYMENT_TARGET = 10.14;
 				MTL_ENABLE_DEBUG_INFO = YES;
 				ONLY_ACTIVE_ARCH = YES;
 				SDKROOT = macosx;
@@ -530,7 +531,7 @@
 				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
 				GCC_WARN_UNUSED_FUNCTION = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
-				MACOSX_DEPLOYMENT_TARGET = 10.11;
+				MACOSX_DEPLOYMENT_TARGET = 10.14;
 				MTL_ENABLE_DEBUG_INFO = NO;
 				SDKROOT = macosx;
 				SWIFT_COMPILATION_MODE = wholemodule;

migration-guides/authy.md

@@ -0,0 +1,58 @@
+# Migrating from Authy
+A guide written by Green, an ente.io lover
+
+---
+
+Migrating from Authy can be tiring, as you cannot export your 2FA codes through the app, meaning that you would have to reconfigure 2FA for all of your accounts for your new 2FA authenticator. But do not fear, as there is a much simpler way to migrate from Authy to ente!
+
+A user on GitHub has written a guide to export our data from Authy (morpheus on Discord found this and showed it to us), so we are going to be using that for the migration.
+
+## Exporting from Authy
+To export your data, please follow [this guide](https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93). This will create a new JSON file with all your Authy TOTP data in it. **Do not share this file with anyone!**
+
+## Converting the export for ente Authenticator
+So now that you have the JSON file, does that mean it can be imported into ente Authenticator? Nope.
+
+This is because the code in the guide exports your Authy data for Bitwarden, not ente Authenticator. If you have opened the JSON file, you might have noticed that the file created is not in a format that ente Authenticator asks for:
+
+<img width="454" alt="ente Authenticator Screenshot" src="https://github.com/gweeeen/auth/assets/41323182/30566a69-cfa0-4de0-9f0d-95967d4c5cad">
+
+So, this means that even if you try to import this file, nothing will happen. But don't worry, I've written a program in Python that converts the JSON file into a TXT file that ente Authenticator can use!
+
+You can download my program [here](https://github.com/gweeeen/ducky/blob/main/duckys_other_stuff/authy_to_ente.py). Or if you **really like making life hard**, then you can make a new Python file and copy this code to it:
+
+```py
+import json
+import os
+
+totp = []
+
+accounts = json.load(open('authy-to-bitwarden-export.json','r',encoding='utf-8'))
+
+for account in accounts['items']:
+    totp.append(account['login']['totp']+'\n')
+
+writer = open('auth_codes.txt','w+',encoding='utf-8')
+writer.writelines(totp)
+writer.close()
+
+print('Saved to ' + os.getcwd() + '/auth_codes.txt')
+```
+
+To convert the file with this program, you will need to install [Python](https://www.python.org/downloads/) on your computer.
+
+Before you run the program, make sure that both the Python program and the JSON file are in the same directory, otherwise this will not work!
+
+To run the Python program, open it in IDLE and press F5, or open your terminal and type `python3 authy_to_ente.py` or `py -3 authy_to_ente.py`, depending on which OS you have. Once you run it, a new TXT file called `auth_codes.txt` will be generated. You can now import your data to ente Authenticator!
+
+## Importing to ente Authenticator
+Now that we have the TXT file, let's import it. This should be the easiest part of the entire migration process.
+
+1. Copy the TXT file to one of your devices with ente Authenticator.
+2. Log in to your account (if you haven't already).
+3. Open the navigation menu (hamburger button on the top left), then press "Data", then press "Import codes".
+4. Select the TXT file that was made earlier.
+
+And that's it! You have now successfully migrated from Authy to ente Authenticator.
+
+Just one more thing: Now that your secrets are safely stored, I recommend you delete the unencrypted JSON and TXT files that were made during the migration process for security.

migration-guides/encrypted_export.md

@@ -0,0 +1,52 @@
+# Auth Encrypted Export format
+
+## Overview
+
+When we export the auth codes, the data is encrypted using a key derived from the user's password. 
+This document describes the JSON structure used to organize exported data, including versioning and key derivation parameters.
+
+## Export JSON Sample
+
+```json
+{
+  "version": 1,
+  "kdfParams": {
+    "memLimit": 4096,
+    "opsLimit": 3,
+    "salt": "example_salt"
+  },
+  "encryptedData": "encrypted_data_here",
+  "encryptionNonce": "nonce_here"
+}
+```
+
+The main object used to represent the export data. It contains the following key-value pairs:
+
+- `version`: The version of the export format.
+- `kdfParams`:  Key derivation function parameters.
+- `encryptedData"`:  The encrypted authentication data.
+- `encryptionNonce`: The nonce used for encryption.
+
+### Version 
+
+Export version is used to identify the format of the export data. 
+#### Ver: 1
+* KDF Algorithm: `ARGON2ID`
+* Decrypted data format: `otpauth://totp/...`, separated by a new line.
+* Encryption Algo: `XChaCha20-Poly1305`
+
+#### Key Derivation Function  Params (KDF)
+
+This section contains the parameters that were using during KDF operation:
+
+- `memLimit`: Memory limit for the algorithm.
+- `opsLimit`: Operations limit for the algorithm.
+- `salt`:  The salt used in the derivation process.
+
+#### Encrypted Data
+As mentioned above, the auth data is encrypted using a key that's derived by using user provided password & kdf params.
+For encryption, we are using `XChaCha20-Poly1305` algorithm. 
+
+## How to use the export data
+* **ente Authenticator app**: You can directly import the codes in the ente Authenticator app. 
+    >Settings -> Data -> Import Codes -> ente Encrypted export. 

protos/googleauth.proto

@@ -0,0 +1,40 @@
+syntax = "proto3";
+package googleauth;
+
+message MigrationPayload {
+  enum Algorithm {
+    ALGORITHM_UNSPECIFIED = 0;
+    ALGORITHM_SHA1 = 1;
+    ALGORITHM_SHA256 = 2;
+    ALGORITHM_SHA512 = 3;
+    ALGORITHM_MD5 = 4;
+  }
+
+  enum DigitCount {
+    DIGIT_COUNT_UNSPECIFIED = 0;
+    DIGIT_COUNT_SIX = 1;
+    DIGIT_COUNT_EIGHT = 2;
+  }
+
+  enum OtpType {
+    OTP_TYPE_UNSPECIFIED = 0;
+    OTP_TYPE_HOTP = 1;
+    OTP_TYPE_TOTP = 2;
+  }
+
+  message OtpParameters {
+    bytes secret = 1;
+    string name = 2;
+    string issuer = 3;
+    Algorithm algorithm = 4;
+    DigitCount digits = 5;
+    OtpType type = 6;
+    int64 counter = 7;
+  }
+
+  repeated OtpParameters otp_parameters = 1;
+  int32 version = 2;
+  int32 batch_size = 3;
+  int32 batch_index = 4;
+  int32 batch_id = 5;
+}

pubspec.lock

@@ -5,42 +5,42 @@ packages:
     dependency: transitive
     description:
       name: _fe_analyzer_shared
-      sha256: "4897882604d919befd350648c7f91926a9d5de99e67b455bf0917cc2362f4bb8"
+      sha256: ae92f5d747aee634b87f89d9946000c2de774be1d6ac3e58268224348cd0101a
       url: "https://pub.dev"
     source: hosted
-    version: "47.0.0"
+    version: "61.0.0"
   adaptive_theme:
     dependency: "direct main"
     description:
       name: adaptive_theme
-      sha256: "84af26cfc68220df3cd35d9d94cb8953e7182ef560e13d8efb87f32bf1e588fc"
+      sha256: "3568bb526d4823c7bb35f9ce3604af15e04cc0e9cc4f257da3604fe6b48d74ae"
       url: "https://pub.dev"
     source: hosted
-    version: "3.1.1"
+    version: "3.2.1"
   analyzer:
     dependency: transitive
     description:
       name: analyzer
-      sha256: "690e335554a8385bc9d787117d9eb52c0c03ee207a607e593de3c9d71b1cfe80"
+      sha256: ea3d8652bda62982addfd92fdc2d0214e5f82e43325104990d4f4c4a2a313562
       url: "https://pub.dev"
     source: hosted
-    version: "4.7.0"
+    version: "5.13.0"
   archive:
-    dependency: transitive
+    dependency: "direct main"
     description:
       name: archive
-      sha256: d6347d54a2d8028e0437e3c099f66fdb8ae02c4720c1e7534c9f24c10351f85d
+      sha256: "0c8368c9b3f0abbc193b9d6133649a614204b528982bebc7026372d61677ce3a"
       url: "https://pub.dev"
     source: hosted
-    version: "3.3.6"
+    version: "3.3.7"
   args:
     dependency: transitive
     description:
       name: args
-      sha256: "139d809800a412ebb26a3892da228b2d0ba36f0ef5d9a82166e5e52ec8d61611"
+      sha256: eef6c46b622e0494a36c5a12d10d77fb4e855501a91c1b9ef9339326e58f0596
       url: "https://pub.dev"
     source: hosted
-    version: "2.3.2"
+    version: "2.4.2"
   async:
     dependency: transitive
     description:
@@ -50,7 +50,7 @@ packages:
     source: hosted
     version: "2.10.0"
   base32:
-    dependency: transitive
+    dependency: "direct main"
     description:
       name: base32
       sha256: ddad4ebfedf93d4500818ed8e61443b734ffe7cf8a45c668c9b34ef6adde02e2
@@ -69,18 +69,18 @@ packages:
     dependency: "direct main"
     description:
       name: bloc
-      sha256: bd4f8027bfa60d96c8046dec5ce74c463b2c918dce1b0d36593575995344534a
+      sha256: "3820f15f502372d979121de1f6b97bfcf1630ebff8fe1d52fb2b0bfa49be5b49"
       url: "https://pub.dev"
     source: hosted
-    version: "8.1.0"
+    version: "8.1.2"
   bloc_test:
     dependency: "direct dev"
     description:
       name: bloc_test
-      sha256: "622b97678bf8c06a94f4c26a89ee9ebf7319bf775383dee2233e86e1f94ee28d"
+      sha256: "43d5b2f3d09ba768d6b611151bdf20ca141ffb46e795eb9550a58c9c2f4eae3f"
       url: "https://pub.dev"
     source: hosted
-    version: "9.1.0"
+    version: "9.1.3"
   boolean_selector:
     dependency: transitive
     description:
@@ -109,34 +109,34 @@ packages:
     dependency: transitive
     description:
       name: build_daemon
-      sha256: "6bc5544ea6ce4428266e7ea680e945c68806c4aae2da0eb5e9ccf38df8d6acbf"
+      sha256: "757153e5d9cd88253cb13f28c2fb55a537dc31fefd98137549895b5beb7c6169"
       url: "https://pub.dev"
     source: hosted
-    version: "3.1.0"
+    version: "3.1.1"
   build_resolvers:
     dependency: transitive
     description:
       name: build_resolvers
-      sha256: "687cf90a3951affac1bd5f9ecb5e3e90b60487f3d9cdc359bb310f8876bb02a6"
+      sha256: "6c4dd11d05d056e76320b828a1db0fc01ccd376922526f8e9d6c796a5adbac20"
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.10"
+    version: "2.2.1"
   build_runner:
     dependency: "direct dev"
     description:
       name: build_runner
-      sha256: "93f05c041932674be039b0a2323d6cf57e5f2bbf884a3c0382f9e53fc45ebace"
+      sha256: b0a8a7b8a76c493e85f1b84bffa0588859a06197863dba8c9036b15581fd9727
       url: "https://pub.dev"
     source: hosted
-    version: "2.3.0"
+    version: "2.3.3"
   build_runner_core:
     dependency: transitive
     description:
       name: build_runner_core
-      sha256: "14febe0f5bac5ae474117a36099b4de6f1dbc52df6c5e55534b3da9591bf4292"
+      sha256: "0671ad4162ed510b70d0eb4ad6354c249f8429cab4ae7a4cec86bbc2886eb76e"
       url: "https://pub.dev"
     source: hosted
-    version: "7.2.7"
+    version: "7.2.7+1"
   built_collection:
     dependency: transitive
     description:
@@ -149,10 +149,10 @@ packages:
     dependency: transitive
     description:
       name: built_value
-      sha256: "169565c8ad06adb760c3645bf71f00bff161b00002cace266cad42c5d22a7725"
+      sha256: "598a2a682e2a7a90f08ba39c0aaa9374c5112340f0a2e275f61b59389543d166"
       url: "https://pub.dev"
     source: hosted
-    version: "8.4.3"
+    version: "8.6.1"
   characters:
     dependency: transitive
     description:
@@ -165,10 +165,10 @@ packages:
     dependency: transitive
     description:
       name: checked_yaml
-      sha256: "3d1505d91afa809d177efd4eed5bb0eb65805097a1463abdd2add076effae311"
+      sha256: feb6bed21949061731a7a75fc5d2aa727cf160b91af9a3e464c5e3a32e28b5ff
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.2"
+    version: "2.0.3"
   clipboard:
     dependency: "direct main"
     description:
@@ -189,10 +189,10 @@ packages:
     dependency: transitive
     description:
       name: code_builder
-      sha256: "0d43dd1288fd145de1ecc9a3948ad4a6d5a82f0a14c4fdd0892260787d975cbe"
+      sha256: "4ad01d6e56db961d29661561effde45e519939fdaeb46c351275b182eac70189"
       url: "https://pub.dev"
     source: hosted
-    version: "4.4.0"
+    version: "4.5.0"
   collection:
     dependency: "direct main"
     description:
@@ -204,11 +204,12 @@ packages:
   computer:
     dependency: "direct main"
     description:
-      name: computer
-      sha256: "3df9f1ef497aaf69e066b00f4441726eb28037dc33e97b5d56393967f92c5fe8"
-      url: "https://pub.dev"
-    source: hosted
-    version: "2.0.0"
+      path: "."
+      ref: HEAD
+      resolved-ref: "82e365fed8a1a76f6eea0220de98389eed7b0445"
+      url: "https://github.com/ente-io/computer.git"
+    source: git
+    version: "3.2.1"
   confetti:
     dependency: "direct main"
     description:
@@ -261,10 +262,10 @@ packages:
     dependency: transitive
     description:
       name: coverage
-      sha256: "961c4aebd27917269b1896382c7cb1b1ba81629ba669ba09c27a7e5710ec9040"
+      sha256: "2fb815080e44a09b85e0f2ca8a820b15053982b2e714b59267719e8a9ff17097"
       url: "https://pub.dev"
     source: hosted
-    version: "1.6.2"
+    version: "1.6.3"
   cross_file:
     dependency: transitive
     description:
@@ -277,18 +278,18 @@ packages:
     dependency: transitive
     description:
       name: crypto
-      sha256: aa274aa7774f8964e4f4f38cc994db7b6158dd36e9187aaceaddc994b35c6c67
+      sha256: ff625774173754681d66daaf4a448684fb04b78f902da9cb3d308c19cc5e8bab
       url: "https://pub.dev"
     source: hosted
-    version: "3.0.2"
+    version: "3.0.3"
   csslib:
     dependency: transitive
     description:
       name: csslib
-      sha256: b36c7f7e24c0bdf1bf9a3da461c837d1de64b9f8beb190c9011d8c72a3dfd745
+      sha256: "706b5707578e0c1b4b7550f64078f0a0f19dec3f50a178ffae7006b0a9ca58fb"
       url: "https://pub.dev"
     source: hosted
-    version: "0.17.2"
+    version: "1.0.0"
   cupertino_icons:
     dependency: "direct main"
     description:
@@ -301,10 +302,10 @@ packages:
     dependency: transitive
     description:
       name: dart_style
-      sha256: "7a03456c3490394c8e7665890333e91ae8a49be43542b616e414449ac358acd4"
+      sha256: "1efa911ca7086affd35f463ca2fc1799584fb6aa89883cf0af8e3664d6a02d55"
       url: "https://pub.dev"
     source: hosted
-    version: "2.2.4"
+    version: "2.3.2"
   dbus:
     dependency: transitive
     description:
@@ -317,10 +318,10 @@ packages:
     dependency: "direct main"
     description:
       name: device_info_plus
-      sha256: "7ff671ed0a6356fa8f2e1ae7d3558d3fb7b6a41e24455e4f8df75b811fb8e4ab"
+      sha256: f52ab3b76b36ede4d135aab80194df8925b553686f0fa12226b4e2d658e45903
       url: "https://pub.dev"
     source: hosted
-    version: "8.0.0"
+    version: "8.2.2"
   device_info_plus_platform_interface:
     dependency: transitive
     description:
@@ -397,10 +398,10 @@ packages:
     dependency: transitive
     description:
       name: ffi
-      sha256: a38574032c5f1dd06c4aee541789906c12ccaab8ba01446e800d9c5b79c4a978
+      sha256: ed5337a5660c506388a9f012be0288fb38b49020ce2b45fe1f8b8323fe429f99
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.1"
+    version: "2.0.2"
   file:
     dependency: transitive
     description:
@@ -413,18 +414,18 @@ packages:
     dependency: "direct main"
     description:
       name: file_picker
-      sha256: d090ae03df98b0247b82e5928f44d1b959867049d18d73635e2e0bc3f49542b9
+      sha256: b85eb92b175767fdaa0c543bf3b0d1f610fe966412ea72845fe5ba7801e763ff
       url: "https://pub.dev"
     source: hosted
-    version: "5.2.5"
+    version: "5.2.10"
   fixnum:
     dependency: transitive
     description:
       name: fixnum
-      sha256: "04be3e934c52e082558cc9ee21f42f5c1cd7a1262f4c63cd0357c08d5bba81ec"
+      sha256: "25517a4deb0c03aa0f32fd12db525856438902d9c16536311e76cdc57b31d7d1"
       url: "https://pub.dev"
     source: hosted
-    version: "1.0.1"
+    version: "1.1.0"
   fk_user_agent:
     dependency: "direct main"
     description:
@@ -442,10 +443,10 @@ packages:
     dependency: "direct main"
     description:
       name: flutter_bloc
-      sha256: "890c51c8007f0182360e523518a0c732efb89876cb4669307af7efada5b55557"
+      sha256: e74efb89ee6945bcbce74a5b3a5a3376b088e5f21f55c263fc38cbdc6237faae
       url: "https://pub.dev"
     source: hosted
-    version: "8.1.1"
+    version: "8.1.3"
   flutter_email_sender:
     dependency: "direct main"
     description:
@@ -511,10 +512,10 @@ packages:
     dependency: transitive
     description:
       name: flutter_plugin_android_lifecycle
-      sha256: "60fc7b78455b94e6de2333d2f95196d32cf5c22f4b0b0520a628804cb463503b"
+      sha256: "950e77c2bbe1692bc0874fc7fb491b96a4dc340457f4ea1641443d0a6c1ea360"
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.7"
+    version: "2.0.15"
   flutter_secure_storage:
     dependency: "direct main"
     description:
@@ -602,26 +603,26 @@ packages:
     dependency: "direct main"
     description:
       name: fluttertoast
-      sha256: "7cc92eabe01e3f1babe1571c5560b135dfc762a34e41e9056881e2196b178ec1"
+      sha256: "474f7d506230897a3cd28c965ec21c5328ae5605fc9c400cd330e9e9d6ac175c"
       url: "https://pub.dev"
     source: hosted
-    version: "8.1.2"
+    version: "8.2.2"
   frontend_server_client:
     dependency: transitive
     description:
       name: frontend_server_client
-      sha256: "4f4a162323c86ffc1245765cfe138872b8f069deb42f7dbb36115fa27f31469b"
+      sha256: "408e3ca148b31c20282ad6f37ebfa6f4bdc8fede5b74bc2f08d9d92b55db3612"
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.3"
+    version: "3.2.0"
   glob:
     dependency: transitive
     description:
       name: glob
-      sha256: "4515b5b6ddb505ebdd242a5f2cc5d22d3d6a80013789debfbda7777f47ea308c"
+      sha256: "0e7014b3b7d4dac1ca4d6114f82bf1782ee86745b9b42a92c9289c23d8a0ab63"
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.1"
+    version: "2.1.2"
   google_nav_bar:
     dependency: "direct main"
     description:
@@ -634,10 +635,10 @@ packages:
     dependency: transitive
     description:
       name: graphs
-      sha256: f9e130f3259f52d26f0cfc0e964513796dafed572fa52e45d2f8d6ca14db39b2
+      sha256: aedc5a15e78fc65a6e23bcd927f24c64dd995062bcd1ca6eda65a3cff92a4d19
       url: "https://pub.dev"
     source: hosted
-    version: "2.2.0"
+    version: "2.3.1"
   hex:
     dependency: transitive
     description:
@@ -650,18 +651,18 @@ packages:
     dependency: transitive
     description:
       name: html
-      sha256: d9793e10dbe0e6c364f4c59bf3e01fb33a9b2a674bc7a1081693dba0614b6269
+      sha256: "3a7812d5bcd2894edf53dfaf8cd640876cf6cef50a8f238745c8b8120ea74d3a"
       url: "https://pub.dev"
     source: hosted
-    version: "0.15.1"
+    version: "0.15.4"
   http:
     dependency: "direct main"
     description:
       name: http
-      sha256: "6aa2946395183537c8b880962d935877325d6a09a2867c3970c05c0fed6ac482"
+      sha256: "5895291c13fa8a3bd82e76d5627f69e0d85ca6a30dcac95c4ea19a5d555879c2"
       url: "https://pub.dev"
     source: hosted
-    version: "0.13.5"
+    version: "0.13.6"
   http_multi_server:
     dependency: transitive
     description:
@@ -714,18 +715,18 @@ packages:
     dependency: "direct main"
     description:
       name: json_annotation
-      sha256: "3520fa844009431b5d4491a5a778603520cdc399ab3406332dcc50f93547258c"
+      sha256: b10a7b2ff83d83c777edba3c6a0f97045ddadd56c944e1a23a3fdf43a1bf4467
       url: "https://pub.dev"
     source: hosted
-    version: "4.7.0"
+    version: "4.8.1"
   json_serializable:
     dependency: "direct dev"
     description:
       name: json_serializable
-      sha256: f3c2c18a7889580f71926f30c1937727c8c7d4f3a435f8f5e8b0ddd25253ef5d
+      sha256: "43793352f90efa5d8b251893a63d767b2f7c833120e3cc02adad55eefec04dc7"
       url: "https://pub.dev"
     source: hosted
-    version: "6.5.4"
+    version: "6.6.2"
   lints:
     dependency: "direct dev"
     description:
@@ -738,18 +739,50 @@ packages:
     dependency: "direct main"
     description:
       name: local_auth
-      sha256: d3fece0749101725b03206f84a7dab7aaafb702dbbd09131ff8d8173259a9b19
+      sha256: "0cf238be2bfa51a6c9e7e9cfc11c05ea39f2a3a4d3e5bb255d0ebc917da24401"
       url: "https://pub.dev"
     source: hosted
-    version: "1.1.11"
+    version: "2.1.6"
+  local_auth_android:
+    dependency: transitive
+    description:
+      name: local_auth_android
+      sha256: "523dd636ce061ddb296cbc3db410cb8f21efb7d8798f7b9532c8038ce2f8bad5"
+      url: "https://pub.dev"
+    source: hosted
+    version: "1.0.31"
+  local_auth_ios:
+    dependency: transitive
+    description:
+      name: local_auth_ios
+      sha256: edc2977c5145492f3451db9507a2f2f284ee4f408950b3e16670838726761940
+      url: "https://pub.dev"
+    source: hosted
+    version: "1.1.3"
+  local_auth_platform_interface:
+    dependency: transitive
+    description:
+      name: local_auth_platform_interface
+      sha256: "9e160d59ef0743e35f1b50f4fb84dc64f55676b1b8071e319ef35e7f3bc13367"
+      url: "https://pub.dev"
+    source: hosted
+    version: "1.0.7"
+  local_auth_windows:
+    dependency: transitive
+    description:
+      name: local_auth_windows
+      sha256: "19323b75ab781d5362dbb15dcb7e0916d2431c7a6dbdda016ec9708689877f73"
+      url: "https://pub.dev"
+    source: hosted
+    version: "1.0.8"
   logging:
     dependency: "direct main"
     description:
       name: logging
-      sha256: "04094f2eb032cbb06c6f6e8d3607edcfcb0455e2bb6cbc010cb01171dcb64e6d"
+      sha256: "623a88c9594aa774443aa3eb2d41807a48486b5613e67599fb4c41c0ad47c340"
       url: "https://pub.dev"
     source: hosted
-    version: "1.1.1"
+    version: "1.2.0"
   matcher:
     dependency: transitive
     description:
@@ -818,10 +851,10 @@ packages:
     dependency: transitive
     description:
       name: node_preamble
-      sha256: "8ebdbaa3b96d5285d068f80772390d27c21e1fa10fb2df6627b1b9415043608d"
+      sha256: "6e7eac89047ab8a8d26cf16127b5ed26de65209847630400f9aefd7cd5c730db"
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.1"
+    version: "2.0.2"
   open_filex:
     dependency: "direct main"
     description:
@@ -834,10 +867,10 @@ packages:
     dependency: "direct main"
     description:
       name: otp
-      sha256: "337fddb07d10df56dc57f3f8a3e1a7e7abe7463cd85e4efc567c4d2bc94d4ed6"
+      sha256: fcb7f21e30c4cd80a0a982c27a9b75151cc1fe3d8f7ee680673c090171b1ad55
       url: "https://pub.dev"
     source: hosted
-    version: "3.1.3"
+    version: "3.1.4"
   package_config:
     dependency: transitive
     description:
@@ -930,50 +963,50 @@ packages:
     dependency: "direct main"
     description:
       name: path_provider
-      sha256: dcea5feb97d8abf90cab9e9030b497fb7c3cbf26b7a1fe9e3ef7dcb0a1ddec95
+      sha256: "3087813781ab814e4157b172f1a11c46be20179fcc9bea043e0fba36bc0acaa2"
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.12"
+    version: "2.0.15"
   path_provider_android:
     dependency: transitive
     description:
       name: path_provider_android
-      sha256: a776c088d671b27f6e3aa8881d64b87b3e80201c64e8869b811325de7a76c15e
+      sha256: "2cec049d282c7f13c594b4a73976b0b4f2d7a1838a6dd5aaf7bd9719196bee86"
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.22"
+    version: "2.0.27"
   path_provider_foundation:
     dependency: transitive
     description:
       name: path_provider_foundation
-      sha256: "62a68e7e1c6c459f9289859e2fae58290c981ce21d1697faf54910fe1faa4c74"
+      sha256: "916731ccbdce44d545414dd9961f26ba5fbaa74bcbb55237d8e65a623a8c7297"
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.1"
+    version: "2.2.4"
   path_provider_linux:
     dependency: transitive
     description:
       name: path_provider_linux
-      sha256: ab0987bf95bc591da42dffb38c77398fc43309f0b9b894dcc5d6f40c4b26c379
+      sha256: ffbb8cc9ed2c9ec0e4b7a541e56fd79b138e8f47d2fb86815f15358a349b3b57
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.7"
+    version: "2.1.11"
   path_provider_platform_interface:
     dependency: transitive
     description:
       name: path_provider_platform_interface
-      sha256: f0abc8ebd7253741f05488b4813d936b4d07c6bae3e86148a09e342ee4b08e76
+      sha256: "57585299a729335f1298b43245842678cb9f43a6310351b18fb577d6e33165ec"
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.5"
+    version: "2.0.6"
   path_provider_windows:
     dependency: transitive
     description:
       name: path_provider_windows
-      sha256: bcabbe399d4042b8ee687e17548d5d3f527255253b4a639f5f8d2094a9c2b45c
+      sha256: "1cb68ba4cd3a795033de62ba1b7b4564dace301f952de6bfb3cd91b202b6ee96"
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.3"
+    version: "2.1.7"
   petitparser:
     dependency: transitive
     description:
@@ -1002,18 +1035,18 @@ packages:
     dependency: transitive
     description:
       name: plugin_platform_interface
-      sha256: dbf0f707c78beedc9200146ad3cb0ab4d5da13c246336987be6940f026500d3a
+      sha256: "6a2128648c854906c53fa8e33986fc0247a1116122f9534dd20e3ab9e16a32bc"
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.3"
+    version: "2.1.4"
   pointycastle:
-    dependency: transitive
+    dependency: "direct main"
     description:
       name: pointycastle
-      sha256: db7306cf0249f838d1a24af52b5a5887c5bf7f31d8bb4e827d071dc0939ad346
+      sha256: "7c1e5f0d23c9016c5bbd8b1473d0d3fb3fc851b876046039509e18e0c7485f2c"
       url: "https://pub.dev"
     source: hosted
-    version: "3.6.2"
+    version: "3.7.3"
   pool:
     dependency: transitive
     description:
@@ -1030,6 +1063,14 @@ packages:
       url: "https://pub.dev"
     source: hosted
     version: "4.2.4"
+  protobuf:
+    dependency: "direct main"
+    description:
+      name: protobuf
+      sha256: "4034a02b7e231e7e60bff30a8ac13a7347abfdac0798595fae0b90a3f0afe759"
+      url: "https://pub.dev"
+    source: hosted
+    version: "3.0.0"
   provider:
     dependency: transitive
     description:
@@ -1042,18 +1083,26 @@ packages:
     dependency: transitive
     description:
       name: pub_semver
-      sha256: "307de764d305289ff24ad257ad5c5793ce56d04947599ad68b3baa124105fc17"
+      sha256: "40d3ab1bbd474c4c2328c91e3a7df8c6dd629b79ece4c4bd04bee496a224fb0c"
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.3"
+    version: "2.1.4"
   pubspec_parse:
     dependency: transitive
     description:
       name: pubspec_parse
-      sha256: "75f6614d6dde2dc68948dffbaa4fe5dae32cd700eb9fb763fe11dfb45a3c4d0a"
+      sha256: c63b2876e58e194e4b0828fcb080ad0e06d051cb607a6be51a9e084f47cb9367
       url: "https://pub.dev"
     source: hosted
-    version: "1.2.1"
+    version: "1.2.3"
+  qr:
+    dependency: transitive
+    description:
+      name: qr
+      sha256: "5c4208b4dc0d55c3184d10d83ee0ded6212dc2b5e2ba17c5a0c0aab279128d21"
+      url: "https://pub.dev"
+    source: hosted
+    version: "2.1.0"
   qr_code_scanner:
     dependency: "direct main"
     description:
@@ -1062,22 +1111,30 @@ packages:
       url: "https://pub.dev"
     source: hosted
     version: "1.0.1"
+  qr_flutter:
+    dependency: "direct main"
+    description:
+      name: qr_flutter
+      sha256: c5c121c54cb6dd837b9b9d57eb7bc7ec6df4aee741032060c8833a678c80b87e
+      url: "https://pub.dev"
+    source: hosted
+    version: "4.0.0"
   sentry:
     dependency: "direct main"
     description:
       name: sentry
-      sha256: c64db3444237ff747c5a68f5214897bcb078de248785d0d816e3c55ab94dd71d
+      sha256: a1529c545fcbc899e5dcc7c94ff1c6ad0c334dfc99a3cda366b1da98af7c5678
       url: "https://pub.dev"
     source: hosted
-    version: "6.19.0"
+    version: "6.22.0"
   sentry_flutter:
     dependency: "direct main"
     description:
       name: sentry_flutter
-      sha256: a76cf5180d571535fb8fc3bf10358ab385d78134fcf652d0e03ba7741525ab09
+      sha256: cab07e99a8f27af94f399cabceaff6968011660505b30a0e2286728a81bc476c
       url: "https://pub.dev"
     source: hosted
-    version: "6.19.0"
+    version: "6.22.0"
   share_plus:
     dependency: "direct main"
     description:
@@ -1106,10 +1163,10 @@ packages:
     dependency: transitive
     description:
       name: share_plus_platform_interface
-      sha256: "82ddd4ab9260c295e6e39612d4ff00390b9a7a21f1bb1da771e2f232d80ab8a1"
+      sha256: "0c6e61471bd71b04a138b8b588fa388e66d8b005e6f2deda63371c5c505a0981"
       url: "https://pub.dev"
     source: hosted
-    version: "3.2.0"
+    version: "3.2.1"
   share_plus_web:
     dependency: transitive
     description:
@@ -1130,90 +1187,90 @@ packages:
     dependency: "direct main"
     description:
       name: shared_preferences
-      sha256: "5949029e70abe87f75cfe59d17bf5c397619c4b74a099b10116baeb34786fad9"
+      sha256: "0344316c947ffeb3a529eac929e1978fcd37c26be4e8468628bac399365a3ca1"
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.17"
+    version: "2.2.0"
   shared_preferences_android:
     dependency: transitive
     description:
       name: shared_preferences_android
-      sha256: "955e9736a12ba776bdd261cf030232b30eadfcd9c79b32a3250dd4a494e8c8f7"
+      sha256: fe8401ec5b6dcd739a0fe9588802069e608c3fdbfd3c3c93e546cf2f90438076
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.15"
+    version: "2.2.0"
   shared_preferences_foundation:
     dependency: transitive
     description:
       name: shared_preferences_foundation
-      sha256: "2b55c18636a4edc529fa5cd44c03d3f3100c00513f518c5127c951978efcccd0"
+      sha256: f39696b83e844923b642ce9dd4bd31736c17e697f6731a5adf445b1274cf3cd4
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.3"
+    version: "2.3.2"
   shared_preferences_linux:
     dependency: transitive
     description:
       name: shared_preferences_linux
-      sha256: f8ea038aa6da37090093974ebdcf4397010605fd2ff65c37a66f9d28394cb874
+      sha256: "71d6806d1449b0a9d4e85e0c7a917771e672a3d5dc61149cc9fac871115018e1"
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.3"
+    version: "2.3.0"
   shared_preferences_platform_interface:
     dependency: transitive
     description:
       name: shared_preferences_platform_interface
-      sha256: da9431745ede5ece47bc26d5d73a9d3c6936ef6945c101a5aca46f62e52c1cf3
+      sha256: "23b052f17a25b90ff2b61aad4cc962154da76fb62848a9ce088efe30d7c50ab1"
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.0"
+    version: "2.3.0"
   shared_preferences_web:
     dependency: transitive
     description:
       name: shared_preferences_web
-      sha256: a4b5bc37fe1b368bbc81f953197d55e12f49d0296e7e412dfe2d2d77d6929958
+      sha256: "7347b194fb0bbeb4058e6a4e87ee70350b6b2b90f8ac5f8bd5b3a01548f6d33a"
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.4"
+    version: "2.2.0"
   shared_preferences_windows:
     dependency: transitive
     description:
       name: shared_preferences_windows
-      sha256: "5eaf05ae77658d3521d0e993ede1af962d4b326cd2153d312df716dc250f00c9"
+      sha256: f95e6a43162bce43c9c3405f3eb6f39e5b5d11f65fab19196cf8225e2777624d
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.3"
+    version: "2.3.0"
   shelf:
     dependency: transitive
     description:
       name: shelf
-      sha256: c24a96135a2ccd62c64b69315a14adc5c3419df63b4d7c05832a346fdb73682c
+      sha256: ad29c505aee705f41a4d8963641f91ac4cee3c8fad5947e033390a7bd8180fa4
       url: "https://pub.dev"
     source: hosted
-    version: "1.4.0"
+    version: "1.4.1"
   shelf_packages_handler:
     dependency: transitive
     description:
       name: shelf_packages_handler
-      sha256: aef74dc9195746a384843102142ab65b6a4735bb3beea791e63527b88cc83306
+      sha256: "89f967eca29607c933ba9571d838be31d67f53f6e4ee15147d5dc2934fee1b1e"
       url: "https://pub.dev"
     source: hosted
-    version: "3.0.1"
+    version: "3.0.2"
   shelf_static:
     dependency: transitive
     description:
       name: shelf_static
-      sha256: e792b76b96a36d4a41b819da593aff4bdd413576b3ba6150df5d8d9996d2e74c
+      sha256: a41d3f53c4adf0f57480578c1d61d90342cd617de7fc8077b1304643c2d85c1e
       url: "https://pub.dev"
     source: hosted
-    version: "1.1.1"
+    version: "1.1.2"
   shelf_web_socket:
     dependency: transitive
     description:
       name: shelf_web_socket
-      sha256: a988c0e8d8ffbdb8a28aa7ec8e449c260f3deb808781fe1284d22c5bba7156e8
+      sha256: "9ca081be41c60190ebcb4766b2486a7d50261db7bd0f5d9615f2d653637a84c1"
       url: "https://pub.dev"
     source: hosted
-    version: "1.0.3"
+    version: "1.0.4"
   sky_engine:
     dependency: transitive
     description: flutter
@@ -1223,18 +1280,18 @@ packages:
     dependency: transitive
     description:
       name: source_gen
-      sha256: "2d79738b6bbf38a43920e2b8d189e9a3ce6cc201f4b8fc76be5e4fe377b1c38d"
+      sha256: "373f96cf5a8744bc9816c1ff41cf5391bbdbe3d7a96fe98c622b6738a8a7bd33"
       url: "https://pub.dev"
     source: hosted
-    version: "1.2.6"
+    version: "1.3.2"
   source_helper:
     dependency: transitive
     description:
       name: source_helper
-      sha256: "3b67aade1d52416149c633ba1bb36df44d97c6b51830c2198e934e3fca87ca1f"
+      sha256: "6adebc0006c37dd63fe05bca0a929b99f06402fc95aa35bf36d67f5c06de01fd"
       url: "https://pub.dev"
     source: hosted
-    version: "1.3.3"
+    version: "1.3.4"
   source_map_stack_trace:
     dependency: transitive
     description:
@@ -1247,10 +1304,10 @@ packages:
     dependency: transitive
     description:
       name: source_maps
-      sha256: "490098075234dcedb83c5d949b4c93dad5e6b7702748de000be2b57b8e6b2427"
+      sha256: "708b3f6b97248e5781f493b765c3337db11c5d2c81c3094f10904bfa8004c703"
       url: "https://pub.dev"
     source: hosted
-    version: "0.10.11"
+    version: "0.10.12"
   source_span:
     dependency: transitive
     description:
@@ -1263,18 +1320,18 @@ packages:
     dependency: "direct main"
     description:
       name: sqflite
-      sha256: "78324387dc81df14f78df06019175a86a2ee0437624166c382e145d0a7fd9a4f"
+      sha256: b4d6710e1200e96845747e37338ea8a819a12b51689a3bcf31eff0003b37a0b9
       url: "https://pub.dev"
     source: hosted
-    version: "2.2.4+1"
+    version: "2.2.8+4"
   sqflite_common:
     dependency: transitive
     description:
       name: sqflite_common
-      sha256: bfd6973aaeeb93475bc0d875ac9aefddf7965ef22ce09790eb963992ffc5183f
+      sha256: "8f7603f3f8f126740bc55c4ca2d1027aab4b74a1267a3e31ce51fe40e3b65b8f"
       url: "https://pub.dev"
     source: hosted
-    version: "2.4.2+2"
+    version: "2.4.5+1"
   stack_trace:
     dependency: transitive
     description:
@@ -1327,10 +1384,10 @@ packages:
     dependency: transitive
     description:
       name: synchronized
-      sha256: "33b31b6beb98100bf9add464a36a8dd03eb10c7a8cf15aeec535e9b054aaf04b"
+      sha256: "5fcbd27688af6082f5abd611af56ee575342c30e87541d0245f7ff99faa02c60"
       url: "https://pub.dev"
     source: hosted
-    version: "3.0.1"
+    version: "3.1.0"
   term_glyph:
     dependency: transitive
     description:
@@ -1367,10 +1424,10 @@ packages:
     dependency: transitive
     description:
       name: timezone
-      sha256: "24c8fcdd49a805d95777a39064862133ff816ebfffe0ceff110fb5960e557964"
+      sha256: "1cfd8ddc2d1cfd836bc93e67b9be88c3adaeca6f40a00ca999104c30693cdca0"
       url: "https://pub.dev"
     source: hosted
-    version: "0.9.1"
+    version: "0.9.2"
   timing:
     dependency: transitive
     description:
@@ -1379,14 +1436,22 @@ packages:
       url: "https://pub.dev"
     source: hosted
     version: "1.0.1"
+  tuple:
+    dependency: "direct main"
+    description:
+      name: tuple
+      sha256: a97ce2013f240b2f3807bcbaf218765b6f301c3eff91092bcfa23a039e7dd151
+      url: "https://pub.dev"
+    source: hosted
+    version: "2.0.2"
   typed_data:
     dependency: transitive
     description:
       name: typed_data
-      sha256: "26f87ade979c47a150c9eaab93ccd2bebe70a27dc0b4b29517f2904f04eb11a5"
+      sha256: facc8d6582f16042dd49f2463ff1bd6e2c9ef9f3d5da3d9b087e244a7b564b3c
       url: "https://pub.dev"
     source: hosted
-    version: "1.3.1"
+    version: "1.3.2"
   uni_links:
     dependency: "direct main"
     description:
@@ -1415,74 +1480,74 @@ packages:
     dependency: transitive
     description:
       name: universal_io
-      sha256: "79f78ddad839ee3aae3ec7c01eb4575faf0d5c860f8e5223bc9f9c17f7f03cef"
+      sha256: "06866290206d196064fd61df4c7aea1ffe9a4e7c4ccaa8fcded42dd41948005d"
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.4"
+    version: "2.2.0"
   url_launcher:
     dependency: "direct main"
     description:
       name: url_launcher
-      sha256: "698fa0b4392effdc73e9e184403b627362eb5fbf904483ac9defbb1c2191d809"
+      sha256: eb1e00ab44303d50dd487aab67ebc575456c146c6af44422f9c13889984c00f3
       url: "https://pub.dev"
     source: hosted
-    version: "6.1.8"
+    version: "6.1.11"
   url_launcher_android:
     dependency: transitive
     description:
       name: url_launcher_android
-      sha256: "3e2f6dfd2c7d9cd123296cab8ef66cfc2c1a13f5845f42c7a0f365690a8a7dd1"
+      sha256: "15f5acbf0dce90146a0f5a2c4a002b1814a6303c4c5c075aa2623b2d16156f03"
       url: "https://pub.dev"
     source: hosted
-    version: "6.0.23"
+    version: "6.0.36"
   url_launcher_ios:
     dependency: transitive
     description:
       name: url_launcher_ios
-      sha256: bb328b24d3bccc20bdf1024a0990ac4f869d57663660de9c936fb8c043edefe3
+      sha256: "9af7ea73259886b92199f9e42c116072f05ff9bea2dcb339ab935dfc957392c2"
       url: "https://pub.dev"
     source: hosted
-    version: "6.0.18"
+    version: "6.1.4"
   url_launcher_linux:
     dependency: transitive
     description:
       name: url_launcher_linux
-      sha256: "318c42cba924e18180c029be69caf0a1a710191b9ec49bb42b5998fdcccee3cc"
+      sha256: "207f4ddda99b95b4d4868320a352d374b0b7e05eefad95a4a26f57da413443f5"
       url: "https://pub.dev"
     source: hosted
-    version: "3.0.2"
+    version: "3.0.5"
   url_launcher_macos:
     dependency: transitive
     description:
       name: url_launcher_macos
-      sha256: "41988b55570df53b3dd2a7fc90c76756a963de6a8c5f8e113330cb35992e2094"
+      sha256: "1c4fdc0bfea61a70792ce97157e5cc17260f61abbe4f39354513f39ec6fd73b1"
       url: "https://pub.dev"
     source: hosted
-    version: "3.0.2"
+    version: "3.0.6"
   url_launcher_platform_interface:
     dependency: transitive
     description:
       name: url_launcher_platform_interface
-      sha256: "4eae912628763eb48fc214522e58e942fd16ce195407dbf45638239523c759a6"
+      sha256: bfdfa402f1f3298637d71ca8ecfe840b4696698213d5346e9d12d4ab647ee2ea
       url: "https://pub.dev"
     source: hosted
-    version: "2.1.1"
+    version: "2.1.3"
   url_launcher_web:
     dependency: transitive
     description:
       name: url_launcher_web
-      sha256: "44d79408ce9f07052095ef1f9a693c258d6373dc3944249374e30eff7219ccb0"
+      sha256: cc26720eefe98c1b71d85f9dc7ef0cada5132617046369d9dc296b3ecaa5cbb4
       url: "https://pub.dev"
     source: hosted
-    version: "2.0.14"
+    version: "2.0.18"
   url_launcher_windows:
     dependency: transitive
     description:
       name: url_launcher_windows
-      sha256: b6217370f8eb1fd85c8890c539f5a639a01ab209a36db82c921ebeacefc7a615
+      sha256: "7967065dd2b5fccc18c653b97958fdf839c5478c28e767c61ee879f4e7882422"
       url: "https://pub.dev"
     source: hosted
-    version: "3.0.3"
+    version: "3.0.7"
   uuid:
     dependency: "direct main"
     description:
@@ -1519,10 +1584,10 @@ packages:
     dependency: transitive
     description:
       name: web_socket_channel
-      sha256: ca49c0bc209c687b887f30527fb6a9d80040b072cc2990f34b9bec3e7663101b
+      sha256: d88238e5eac9a42bb43ca4e721edba3c08c6354d4a53063afaa568516217621b
       url: "https://pub.dev"
     source: hosted
-    version: "2.3.0"
+    version: "2.4.0"
   webkit_inspection_protocol:
     dependency: transitive
     description:
@@ -1535,10 +1600,10 @@ packages:
     dependency: transitive
     description:
       name: win32
-      sha256: c9ebe7ee4ab0c2194e65d3a07d8c54c5d00bb001b76081c4a04cdb8448b59e46
+      sha256: a6f0236dbda0f63aa9a25ad1ff9a9d8a4eaaa5012da0dc59d21afdb1dc361ca4
       url: "https://pub.dev"
     source: hosted
-    version: "3.1.3"
+    version: "3.1.4"
   xdg_directories:
     dependency: transitive
     description:
@@ -1551,10 +1616,10 @@ packages:
     dependency: transitive
     description:
       name: xml
-      sha256: ac0e3f4bf00ba2708c33fbabbbe766300e509f8c82dbd4ab6525039813f7e2fb
+      sha256: "979ee37d622dec6365e2efa4d906c37470995871fe9ae080d967e192d88286b5"
       url: "https://pub.dev"
     source: hosted
-    version: "6.1.0"
+    version: "6.2.2"
   xmlstream:
     dependency: transitive
     description:
@@ -1567,10 +1632,10 @@ packages:
     dependency: transitive
     description:
       name: yaml
-      sha256: "23812a9b125b48d4007117254bca50abb6c712352927eece9e155207b1db2370"
+      sha256: "75769501ea3489fca56601ff33454fe45507ea3bfb014161abc3b43ae25989d5"
       url: "https://pub.dev"
     source: hosted
-    version: "3.1.1"
+    version: "3.1.2"
 sdks:
-  dart: ">=2.18.0 <3.0.0"
+  dart: ">=2.19.0 <3.0.0"
   flutter: ">=3.7.0"

pubspec.yaml

@@ -1,18 +1,21 @@
 name: ente_auth
 description: ente two-factor authenticator
-version: 1.0.40+40
+version: 1.0.54+54
 publish_to: none
 
 environment:
-  sdk: '>=2.17.0 <3.0.0'
+  sdk: ">=2.17.0 <3.0.0"
 
 dependencies:
   adaptive_theme: ^3.1.0 # done
+  archive: ^3.3.7
+  base32: ^2.1.3
   bip39: ^1.0.6 #done
   bloc: ^8.0.3 #done
   clipboard: ^0.1.3
   collection: # dart
-  computer: ^2.0.0
+  computer:
+    git: "https://github.com/ente-io/computer.git"
   confetti: ^0.7.0
   connectivity: ^3.0.3
   cupertino_icons: ^1.0.0
@@ -46,7 +49,7 @@ dependencies:
   http: ^0.13.4
   intl: ^0.17.0
   json_annotation: ^4.5.0
-  local_auth: ^1.1.5
+  local_auth: ^2.1.3
   logging: ^1.0.1
   modal_bottom_sheet: ^3.0.0-pre
   move_to_background: ^1.0.2
@@ -56,7 +59,10 @@ dependencies:
   password_strength: ^0.2.0
   path_provider: ^2.0.11
   pinput: ^1.2.2
+  pointycastle: ^3.7.3
+  protobuf: ^3.0.0
   qr_code_scanner: ^1.0.1
+  qr_flutter: 4.0.0
   sentry: ^6.12.1
   sentry_flutter: ^6.12.1
   share_plus: ^4.4.0
@@ -64,6 +70,7 @@ dependencies:
   sqflite: ^2.1.0
   step_progress_indicator: ^1.0.2
   styled_text: ^7.0.0
+  tuple: ^2.0.0
   uni_links: ^0.5.1
   url_launcher: ^6.1.5
   uuid: ^3.0.4
@@ -77,7 +84,6 @@ dev_dependencies:
   lints: ^1.0.1
   mocktail: ^0.3.0
 
-
 # The following section is specific to Flutter.
 flutter:
   uses-material-design: true

test/app/view/app_test.dart

@@ -1,13 +0,0 @@
-import "dart:ui";
-
-import "package:ente_auth/app/app.dart";
-import "package:flutter_test/flutter_test.dart";
-
-void main() {
-  group("App", () {
-    testWidgets("renders CounterPage", (tester) async {
-      await tester.pumpWidget(const App(locale: Locale("en")));
-      // expect(find.byType(CounterPage), findsOneWidget);
-    });
-  });
-}

test/models/code_test.dart

@@ -19,4 +19,36 @@ void main() {
     expect(code.account, "testdata@ente.io", reason: "accountMismatch");
     expect(code.secret, "ASKZNWOU6SVYAMVS");
   });
+
+  test("validateCount", () {
+    final code = Code.fromRawData(
+      "otpauth://hotp/testdata@ente.io?secret=ASKZNWOU6SVYAMVS&issuer=GitHub&counter=15",
+    );
+    expect(code.issuer, "GitHub", reason: "issuerMismatch");
+    expect(code.account, "testdata@ente.io", reason: "accountMismatch");
+    expect(code.secret, "ASKZNWOU6SVYAMVS");
+    expect(code.counter, 15);
+  });
+//
+
+  test("parseWithFunnyAccountName", () {
+    final code = Code.fromRawData(
+      "otpauth://totp/Mongo Atlas:Acc !@#444?algorithm=sha1&digits=6&issuer=Mongo Atlas&period=30&secret=NI4CTTFEV4G2JFE6",
+    );
+    expect(code.issuer, "Mongo Atlas", reason: "issuerMismatch");
+    expect(code.account, "Acc !@#444", reason: "accountMismatch");
+    expect(code.secret, "NI4CTTFEV4G2JFE6");
+  });
+
+  test("parseAndUpdateInChinese", () {
+    const String rubberDuckQr =
+        'otpauth://totp/%E6%A9%A1%E7%9A%AE%E9%B8%AD?secret=2CWDCK4EOIN5DJDRMYUMYBBO4MKSR5AX&issuer=ente.io';
+    final code = Code.fromRawData(rubberDuckQr);
+    expect(code.account, '橡皮鸭');
+    final String updatedRawCode =
+        code.copyWith(account: '伍迪', issuer: '鸭子').rawData;
+    final updateCode = Code.fromRawData(updatedRawCode);
+    expect(updateCode.account, '伍迪', reason: 'updated accountMismatch');
+    expect(updateCode.issuer, '鸭子', reason: 'updated issuerMismatch');
+  });
 }

test/widget_test.dart

@@ -1,28 +0,0 @@
-// This is a basic Flutter widget test.
-//
-// To perform an interaction with a widget in your test, use the WidgetTester
-// utility in the flutter_test package. For example, you can send tap and scroll
-// gestures. You can also use WidgetTester to find child widgets in the widget
-// tree, read text, and verify that the values of widget properties are correct.
-
-import "package:ente_auth/app/view/app.dart";
-import "package:flutter_test/flutter_test.dart";
-
-void main() {
-  testWidgets("Counter increments smoke test", (WidgetTester tester) async {
-    // Build our app and trigger a frame.
-    await tester.pumpWidget(const App());
-
-    // Verify that our counter starts at 0.
-    expect(find.text("Get Started"), findsOneWidget);
-    expect(find.text("1"), findsNothing);
-
-    // // Tap the "+" icon and trigger a frame.
-    // await tester.tap(find.byIcon(Icons.add));
-    // await tester.pump();
-    //
-    // // Verify that our counter has incremented.
-    // expect(find.text("0"), findsNothing);
-    // expect(find.text("1"), findsOneWidget);
-  });
-}

windows/flutter/generated_plugin_registrant.cc

@@ -7,12 +7,15 @@
 #include "generated_plugin_registrant.h"
 
 #include <flutter_secure_storage_windows/flutter_secure_storage_windows_plugin.h>
+#include <local_auth_windows/local_auth_plugin.h>
 #include <sentry_flutter/sentry_flutter_plugin.h>
 #include <url_launcher_windows/url_launcher_windows.h>
 
 void RegisterPlugins(flutter::PluginRegistry* registry) {
   FlutterSecureStorageWindowsPluginRegisterWithRegistrar(
       registry->GetRegistrarForPlugin("FlutterSecureStorageWindowsPlugin"));
+  LocalAuthPluginRegisterWithRegistrar(
+      registry->GetRegistrarForPlugin("LocalAuthPlugin"));
   SentryFlutterPluginRegisterWithRegistrar(
       registry->GetRegistrarForPlugin("SentryFlutterPlugin"));
   UrlLauncherWindowsRegisterWithRegistrar(

windows/flutter/generated_plugins.cmake

@@ -4,6 +4,7 @@
 
 list(APPEND FLUTTER_PLUGIN_LIST
   flutter_secure_storage_windows
+  local_auth_windows
   sentry_flutter
   url_launcher_windows
 )