-1

Good day, I am currently building the Login system for an Android App (it connects to a server and retrieves a web token) and I have multiple questions on the matter:

  • What is the preferred way for storing such token locally in Android?
  • Is there a library that allows me to encrypt it and store it safely on SharedPrefs without needing to store separately the Key and Salt for the encryption?
  • Is it safe to send the token from LoginActivity to AnotherActivity inside an Intent Extra?

Apart, an additional question would be if it is safe to send the email/password combination from LoginActivity to LoginViewModel and finally to the DataSource (EndpointInterface, etc) by passing them as parameters to methods of such classes.

Thanks in advance!

Improve this question
0

3 Answers 3

Reset to default
1

SharedPreferences is best for storing the data locally. When you app have existence in system the data will present and you can easily access throughout the app.

SharedPreferences mPreferences = context.getSharedPreferences(PREF_NAME,PRIVATE_MODE); mSharedEditor = mPreferences.edit(); for save the token

mSharedEditor.putString("FCM_TOKEN",fcmToken); mSharedEditor.commit();

**to get the token **

mPreferences.getString("FCM_TOKEN",null)
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0
  1. shared prefs are pretty safe, can be accessed only by your app or root user.
  2. not sure about library, but u can use some simple ndk methods to encrypt/decrypt data. it will give you some extra points of security
  3. Its safe if u use explicit intents

P.s. if your app is a bank client, than you should n't folow this answer

Improve this answer

Comments

0

Use account manager for this case.

https://developer.android.com/reference/android/accounts/AccountManager.html

You can even share your account manager across apps as long as they are signed by the same keystore cert.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.