Hi,
I’m using localStorage in my app to store authentication data so that my users don’t have to log in every time they use the app. It looks like it’s working when I run it while developing, but then when it’s used in production it seems like users have to log in every other day.
Is localStorage cleared sporadically in ionic apps?
Should I use the Storage plugin instead?
iPhones will indeed sporadically clear localStorage, apparently in order to make more space on the phone.
So if you need something less violate then Storage is the way to go.
Do I have to mention how unsecure it is to save user data locally? Or do u encrypt them somehow?
Please do mention and please reference any relevant sources. This is quite important to me, but I don’t know much about it unfortunately.
Here is a nice article about this Problem:
You didn’t mention the whole story. How are you authenticating a backend server ? A php script ?
A node engine ? If so. The official answer is Passport.
How critical is this ? Do you need change-password , forgot-password and signup?
I hate to be a buzz kill to tell you to change your design but
I would use firebase or Auth0 for login mechanism.
Unless you can use node +passport+ bcrypt.
Firebase auth takes about 20 minutes to set up.
Okay, so I may have expressed myself unclear - but I’m not storing any passwords in localStorage. But I am storing accessToken and refreshTokens in there. Does that change anything?
According to Auth0:
Refresh tokens are subject to strict storage requirements to ensure that they are not leaked.
How would someone with malicious intent access localStorage in a mobile/hybrid app? That’s the part I don’t understand.