feat(auth): add biometric authentication support

[grdsdev]

Summary

Add biometric authentication (Face ID/Touch ID) support to the Auth module. Features include configurable policies (.default, .always, .session(timeout:), .appLifecycle), automatic integration with session retrieval, and full Swift 6/Sendable conformance.

Usage

// Check biometric availability
let availability = client.auth.biometricsAvailability()
if availability.isAvailable {
    // Enable biometrics with custom policy
    try await client.auth.enableBiometrics(
        title: "Unlock with Face ID",
        policy: .session(timeoutInSeconds: 300)
    )
}

// Get session - automatically prompts for biometrics when enabled
let session = try await client.auth.session

// Check if auth would be required (useful for UI hints)
if client.auth.isBiometricAuthenticationRequired() {
    // Show "unlock" UI
}

// Force re-authentication on next access
client.auth.invalidateBiometricSession()

// Disable biometrics
client.auth.disableBiometrics()

Policies:

• .default - Authenticate on first access only
• .always - Authenticate every time
• .session(timeoutInSeconds:) - Authenticate after timeout expires
• .appLifecycle - Authenticate when returning from background

Changes

• New types: BiometricTypes, BiometricAuthenticator, BiometricSession, BiometricStorage
• Internal helper: withBiometrics() for protecting sensitive operations
• AuthClient API: enableBiometrics(), disableBiometrics(), biometricsAvailability(), isBiometricAuthenticationRequired()
• SessionManager integration: automatic biometric checks via withBiometrics guard
• Platform support: iOS, macOS, tvOS, watchOS, visionOS via conditional compilation

Test Plan

• Verify builds successfully on all platforms
• Test biometrics availability detection
• Test each policy type: .default, .always, .session(timeout:), .appLifecycle
• Verify session() automatically prompts for biometrics when enabled
• Test user cancellation returns .userCancelled error
• Test disableBiometrics() removes biometric requirement

🤖 Generated with Claude Code

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch grdsdev/auth-biometrics

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[kkarlsen06]

This caught my eye and is a valued addition. This made it much easier to implement stable Face ID authentication in my iOS app using the Supabase-swift SDK.