如何在React Native应用程序中确保客户端JSON Web令牌安全? [英] How to keep client JSON web token secure in a React Native app?
问题描述
我们正在为iOS开发一个React Native应用,并且正在使用基于node + express + jsonwebtoken构建的内部API.
We are building a React Native app for iOS and we are using an internal API built on node + express + jsonwebtoken.
当用户使用用户名/密码登录时,服务器会验证这些凭据并将其发送回客户端JSON Web令牌,然后必须将其与每个API请求一起发送.因此,React本机应用程序必须存储此令牌.
When the user logs in with username/password, the server validates those credentials and sends the client back a JSON web token that they must then send along with every API request. So the React native app must store this token.
如何在React本机应用程序中安全地存储此客户端令牌?除了将令牌存储在变量中之外,是否还需要采取其他任何步骤?
How do I securely store this client token in the React native app? Is it necessary to take any additional steps besides just storing the token in a variable?
推荐答案
To be app agnostic, I would store it using ASyncStorage. In fact I am testing this on a new project.
这篇关于如何在React Native应用程序中确保客户端JSON Web令牌安全?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!