-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve security for storing current user profile and access token in client app #250
Labels
Comments
👍 for this. |
Steven-Chan
added a commit
to SkygearIO/skygear-SDK-Android
that referenced
this issue
Sep 24, 2018
Steven-Chan
added a commit
to SkygearIO/skygear-SDK-iOS
that referenced
this issue
Sep 26, 2018
This was referenced Sep 27, 2018
carmenlau
added a commit
to SkygearIO/skygear-SDK-iOS
that referenced
this issue
Oct 2, 2018
carmenlau
added a commit
to SkygearIO/skygear-SDK-Android
that referenced
this issue
Oct 2, 2018
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
Currently ios is using
UserDefaults
, android is usingSharedPreferences
, and js is using local storage. To improve the security, we should use a more secured store for current user data.Some reference:
iOS keychain services: https://developer.apple.com/documentation/security/keychain_services
example: https://developer.apple.com/library/archive/samplecode/GenericKeychain/Listings/GenericKeychain_KeychainPasswordItem_swift.html#//apple_ref/doc/uid/DTS40007797-GenericKeychain_KeychainPasswordItem_swift-DontLinkElementID_7
Android keystore system: https://developer.android.com/training/articles/keystore
Scenario
Put list of Scenario how developers will use this API
Portal Design
Remove this section if the feature have no Portal
API Design
Remove this section if the feature have no API
Open Questions
Put a list of open questions here before a complete design / specification is decided
Related Issues
The text was updated successfully, but these errors were encountered: