Metamask-extension: Add auto-logout timer and warning

yeah this is a legit feature request
but not relevant until we are on mainnet
we should implement this soon so we can perfect the ux, signalling that its closed, etc

MVP is to enable by default, lock out after some time period, with a boolean check in config.

Hi I wanted to take a crack at creating a PR for this, I have been using metamask myself for a bit now and would really like an auto lock option as I always forget. Is there a way I can help contribute?

In some ways, this is a very simple feature, but it also requires understanding a pretty wide portion of MetaMask's architecture.

Without going into a full lesson/screencast (which I really should maybe do), the key files here would be:

• Preferences Controller, for recording the timeout duration and boolean for disabling.
• MetaMask Controller for exposing the new timer managing methods from the Preferences Controller to the UI.
• ui/app/actions.js for exposing those MetaMask controller api methods as redux actions to the UI.
• ui/app/config.js for creating the timeout UI.

I would like to suggest the timer to be based on last interaction with Metamask and not based on last login. Eagerly waiting for this feature!

I think this is a security risk waiting to happen. Auto-logoff is default on most apps and many desktop wallets. I never remember to go log off - especially since its off in a sub menu. My brain is often 3 levels deep into a trade or sending a friend coins - not worried about recalling to see if this particular wallet logs me off (I have like 10 various wallet softwares). I once found Metamask logged in and it had been a weeks!

My opinion is that it should be bumped up for implementation consideration because it effects the security of so many users of your great tool. Default to 30 min auto-logoff... have an advanced setting to change it to any time-frame or off.

Thanks for the superb wallet!

@cjeria _does_ this need design? We could simply auto-lock after a certain time period has passed.

cc @bdresser

relates to #5790

Let's address this with a drop-down in the "Security and Privacy" portion of settings.

Default behavior remains the same, but allow users to specify a time after which the extension requires unlocking.

Is this done, or has it been decided not to implement it?

@asymmetric I "closed" this because the work was done with https://github.com/MetaMask/metamask-extension/pull/6558 and merged to our develop branch. Your comment has prompted myself and @whymarrh to realize that my closing of the issue was incorrect for two reasons:
(1) I should have left a comment to say why I was closing
(2) The PR that I thought completed this was insufficient. There is a little more work needed.

So reopening for now, and will give proper comment before next closing