JWT Cookies or Local Storage for Mobile Apps
-
After researching on this topic a couple of days, it seems the usage of JWT cookies is safer than local storage but is cookies applicable for Cordova mobile (Android/iOS) apps?
-
Yes. From my understanding, using cookies in Cordova requires a plugin, but should be ok otherwise.
@metalsadman can probably offer more insight.
Scott
-
@susansiow it’s relatively safe to use local storage in mobile apps. furthermore you can use something like https://github.com/softvar/secure-ls to encrypt your localstorage data. IOS clears the local storage on low memory without notice tho, so take also that in consideration.
-
@metalsadman Thanks for the light!
-
@s-molinari Thanks for sharing your view!
-
@susansiow just take note that IOS may clear the local storage on low memory without notice.
-
@metalsadman Noted with thanks!
-
@metalsadman Sorry, just want to confirm that whether JWT cookies are applicable for Cordova mobile apps.
-
@susansiow yeah, there should be a plugin out there in the cordova wild. I suppose you are looking for some kind of persistent login, then there also plugins that provide api where you can save your jwt in the app’s shared preference.
-
@metalsadman Noted, it means local storage is still the best choice in this case, thank you!
My backend API is constructed, I wonder if you can share your thoughts on my queries - https://forum.quasar-framework.org/topic/8081/cordova-mobile-apps-signed-builds-and-env-file , is it advised to break the app into two parts (backend API and frontend Cordova app) or is it fine to include both into a Cordova’s signed build? My concern is the .env file (with backend/db credentials).
Thanking you in advance!
