什么是最合适的方式来存储在Android应用程序的用户设置 [英] What is the most appropriate way to store user settings in Android application

问题描述

我创造它连接到服务器的应用程序使用用户名/密码，我想使保存密码选项，这样用户就不必每次都输入密码的应用程序启动。

I am creating an application which connects to the server using username/password and I would like to enable the option "Save password" so the user wouldn't have to type the password each time the application starts.

我试图与共享preferences做，但我不知道这是否是最佳的解决方案。

I was trying to do it with Shared Preferences but am not sure if this is the best solution.

我会AP preciate如何存储在Android应用程序的用户价值/设置的任何建议。

I would appreciate any suggestion on how to store user values/settings in Android application.

推荐答案

在一般的共享preferences是存储preferences你最好的选择，所以一般我建议的方法用于保存应用程序和用户设置

In general SharedPreferences are your best bet for storing preferences, so in general I'd recommend that approach for saving application and user settings.

在这里关注的唯一领域是要保存的东西。密码总是一件棘手的事情来存储，而且我会特别警惕它们存储明文的。 Android的架构使得应用程序的共享preferences从能够访问值，因此有一定的安全有沙盒，以prevent其他应用程序，但手机的物理访问可能允许访问的值。

The only area of concern here is what you're saving. Passwords are always a tricky thing to store, and I'd be particularly wary of storing them as clear text. The Android architecture is such that your application's SharedPreferences are sandboxed to prevent other applications from being able to access the values so there's some security there, but physical access to a phone could potentially allow access to the values.

如果可能，我会考虑修改服务器使用谈判的令牌提供接入，像的OAuth 。或者你可能需要建立某种形式的加密存储，虽然这是不平凡的。最起码，要确保你加密密码，将其写入磁盘之前。

If possible I'd consider modifying the server to use a negotiated token for providing access, something like OAuth. Alternatively you may need to construct some sort of cryptographic store, though that's non-trivial. At the very least, make sure you're encrypting the password before writing it to disk.

这篇关于什么是最合适的方式来存储在Android应用程序的用户设置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！