RocketChat · reinaldonetof · Feb 21, 2022 · Jan 27, 2022 · Jan 28, 2022 · Jan 27, 2022
diff --git a/app/lib/rocketchat/rocketchat.js b/app/lib/rocketchat/rocketchat.js
@@ -175,6 +175,17 @@ const RocketChat = {
 			message: I18n.t('Not_RC_Server', { contact: I18n.t('Contact_your_server_admin') })
 		};
 	},
+	async getServerTimeSync(server) {
+		try {
+			const response = await RNFetchBlob.fetch('GET', `${server}/_timesync`);
+			if (response?.data) {
+				return parseInt(response.data);
+			}
+			return null;
+		} catch {
+			return null;
+		}
+	},
 	stopListener(listener) {
 		return listener && listener.stop();
 	},

diff --git a/app/utils/localAuthentication.ts b/app/utils/localAuthentication.ts
@@ -1,12 +1,13 @@
 import * as LocalAuthentication from 'expo-local-authentication';
-import moment from 'moment';
 import RNBootSplash from 'react-native-bootsplash';
 import AsyncStorage from '@react-native-community/async-storage';
 import { sha256 } from 'js-sha256';
+import moment from 'moment';
 
 import UserPreferences from '../lib/userPreferences';
 import { store } from '../lib/auxStore';
 import database from '../lib/database';
+import RocketChat from '../lib/rocketchat';
 import {
 	ATTEMPTS_KEY,
 	BIOMETRY_ENABLED_KEY,
@@ -22,15 +23,19 @@ import EventEmitter from './events';
 import { isIOS } from './deviceInfo';
 
 export const saveLastLocalAuthenticationSession = async (server: string, serverRecord?: TServerModel): Promise<void> => {
+	// We need to get the timesync again because this function is been called when we turn the app to background too
+	const timesync = await RocketChat.getServerTimeSync(server);
+
 	const serversDB = database.servers;
 	const serversCollection = serversDB.get('servers');
 	await serversDB.write(async () => {
 		try {
 			if (!serverRecord) {
-				serverRecord = (await serversCollection.find(server)) as TServerModel;
+				serverRecord = await serversCollection.find(server);
 			}
+			const time = timesync || 0;
 			await serverRecord.update(record => {
-				record.lastLocalAuthenticatedSession = new Date();
+				record.lastLocalAuthenticatedSession = new Date(time);
 			});
 		} catch (e) {
 			// Do nothing
@@ -103,6 +108,9 @@ export const localAuthenticate = async (server: string): Promise<void> => {
 
 	// if screen lock is enabled
 	if (serverRecord?.autoLock) {
+		// Get time from server
+		const timesync = await RocketChat.getServerTimeSync(server);
+
 		// Make sure splash screen has been hidden
 		try {
 			await RNBootSplash.hide();
@@ -116,10 +124,10 @@ export const localAuthenticate = async (server: string): Promise<void> => {
 		// `checkHasPasscode` results newPasscode = true if a passcode has been set
 		if (!result?.newPasscode) {
 			// diff to last authenticated session
-			const diffToLastSession = moment().diff(serverRecord?.lastLocalAuthenticatedSession, 'seconds');
+			const diffToLastSession = moment(timesync).diff(serverRecord?.lastLocalAuthenticatedSession, 'seconds');
 
-			// if last authenticated session is older than configured auto lock time, authentication is required
-			if (diffToLastSession >= serverRecord.autoLockTime!) {
+			// if can't receive the timesync value from the server or last authenticated session is older than configured auto lock time, authentication is required
+			if (!timesync || (serverRecord?.autoLockTime && diffToLastSession >= serverRecord.autoLockTime)) {
 				// set isLocalAuthenticated to false
 				store.dispatch(setLocalAuthenticated(false));