@heywhy/ns-secure-storage
by heywhy | v0.3.0
Add a plugin description
npm i --save @heywhy/ns-secure-storage

@heywhy/ns-secure-storage

NPM version Twitter Follow

Installation

From the command prompt go to your app's root folder and execute:

ns plugin add @heywhy/ns-secure-storage

Usage

This plugin maintains the same API as @nativescript/secure-storage but with missing improvements.

iOS Security++

By default the plugin uses kSecAttrAccessibleAlwaysThisDeviceOnly access control to the keychain. This means that the keychain value can be accessed even if the device is locked. If you want to enhance security and you do not need background access, or if you want to allow the value to be backed up and migrated to another device, you can use any of keys defined here and pass it when you create an instance of SecureStorage, for example

declare const kSecAttrAccessibleWhenUnlockedThisDeviceOnly; // This is needed in case you don't have tns-platform-declarations module installed. 
const secureStorage = new SecureStorage({accessibilityType: kSecAttrAccessibleWhenUnlockedThisDeviceOnly})

iOS Simulator

Currently this plugin defaults to using NSUserDefaults on iOS Simulators. You can change this behaviour by providing disableFallbackToUserDefaults to the constructor of SecureStorage. This then uses the keychain instead of NSUserDefaults on simulators.

const secureStorage = new SecureStorage({disableFallbackToUserDefaults: true})

If you're running into issues similar to issue_10, consider using the default behaviour again.

iOS Keychain Access Groups

You can share secrets between apps/extensions via Keychain access groups.

To setup:

  • Add a keychain access group entitlement to your app by adding an entry in the app/App_Resources/iOS/<someName>.entitlements file.

    e.g.

    <key>keychain-access-groups</key>
    <array>
    <string>$(AppIdentifierPrefix)com.my.app.sharedgroup</string>
    </array>
  • Then in your app specify the accessGroup property when getting/setting values. e.g.

    import { SecureStorage } from "@heywhy/ns-secure-storage";

    export class MyComponent {
    secureStorage = new SecureStorage();
    // a method that can be called from your view
    setSecureValue() {
    this.secureStorage.set({
    accessGroup:"<TeamID>.com.my.app.sharedgroup",
    key: 'myKey',
    value: 'my value'
    }).then(success => { console.log(success)});
    }
    }

License

Apache License Version 2.0