在 Android 应用程序中存储用户设置的最合适方法是什么 [英] What is the most appropriate way to store user settings in Android application

查看:32
本文介绍了在 Android 应用程序中存储用户设置的最合适方法是什么的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在创建一个使用用户名/密码连接到服务器的应用程序,我想启用保存密码"选项,这样用户就不必在每次应用程序启动时输入密码.

I am creating an application which connects to the server using username/password and I would like to enable the option "Save password" so the user wouldn't have to type the password each time the application starts.

我尝试使用共享首选项来实现,但不确定这是否是最佳解决方案.

I was trying to do it with Shared Preferences but am not sure if this is the best solution.

对于如何在 Android 应用程序中存储用户值/设置的任何建议,我将不胜感激.

I would appreciate any suggestion on how to store user values/settings in Android application.

推荐答案

一般而言,SharedPreferences 是存储首选项的最佳选择,因此一般而言,我建议使用这种方法来保存应用程序和用户设置.

In general SharedPreferences are your best bet for storing preferences, so in general I'd recommend that approach for saving application and user settings.

这里唯一需要关注的方面是您正在保存的内容.存储密码总是一件棘手的事情,我会特别谨慎地将它们存储为明文.Android 架构是这样的,您的应用程序的 SharedPreferences 被沙盒化以防止其他应用程序能够访问这些值,因此那里有一些安全性,但对手机的物理访问可能允许访问这些值.

The only area of concern here is what you're saving. Passwords are always a tricky thing to store, and I'd be particularly wary of storing them as clear text. The Android architecture is such that your application's SharedPreferences are sandboxed to prevent other applications from being able to access the values so there's some security there, but physical access to a phone could potentially allow access to the values.

如果可能,我会考虑修改服务器以使用协商令牌来提供访问权限,例如 OAuth.或者,您可能需要构建某种加密存储,尽管这很重要.至少,请确保在将密码写入磁盘之前对其进行加密.

If possible I'd consider modifying the server to use a negotiated token for providing access, something like OAuth. Alternatively you may need to construct some sort of cryptographic store, though that's non-trivial. At the very least, make sure you're encrypting the password before writing it to disk.

这篇关于在 Android 应用程序中存储用户设置的最合适方法是什么的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆