在iOS中存储有关用户的信息

时间:2016-08-08 08:06:50

标签: ios objective-c core-data nsuserdefaults amazon-cognito

我想存储一些基本信息,其中一些是敏感数据。

我通常想要存储的信息是:

username
identityId (unique user identityid for amazon users)
some other basic user details
email (but no passwords stored)

我读到使用NSUserDefaults很容易入侵或查看和存储其中一些像用户名和identityId不够好。我应该使用核心数据还是其他什么?我需要加密核心数据吗?这些数据并不是非常敏感,但我仍然希望谨慎对待。从技术上讲,它将是登录用户的一个数据,并在用户注销时清除。

关于一个记录核心数据文件的任何简单教程都会很棒。

3 个答案:

答案 0 :(得分:0)

使用密钥链存储此类数据:

npm install gulp -g

<强>用法 

import UIKit
import Security

// Identifiers
let serviceIdentifier = "MySerivice"
let userAccount = "authenticatedUser"
let accessGroup = "MySerivice"

// Arguments for the keychain queries
let kSecClassValue = kSecClass.takeRetainedValue() as NSString
let kSecAttrAccountValue = kSecAttrAccount.takeRetainedValue() as NSString
let kSecValueDataValue = kSecValueData.takeRetainedValue() as NSString
let kSecClassGenericPasswordValue = kSecClassGenericPassword.takeRetainedValue() as NSString
let kSecAttrServiceValue = kSecAttrService.takeRetainedValue() as NSString
let kSecMatchLimitValue = kSecMatchLimit.takeRetainedValue() as NSString
let kSecReturnDataValue = kSecReturnData.takeRetainedValue() as NSString
let kSecMatchLimitOneValue = kSecMatchLimitOne.takeRetainedValue() as NSString

class KeychainService: NSObject {

  /**
   * Exposed methods to perform queries.
   * Note: feel free to play around with the arguments
   * for these if you want to be able to customise the
   * service identifier, user accounts, access groups, etc.
   */
  public class func saveToken(token: NSString) {
    self.save(serviceIdentifier, data: token)
  }

  public class func loadToken() -> NSString? {
    var token = self.load(serviceIdentifier)

    return token
  }

  /**
   * Internal methods for querying the keychain.
   */
  private class func save(service: NSString, data: NSString) {
    var dataFromString: NSData = data.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)

    // Instantiate a new default keychain query
    var keychainQuery: NSMutableDictionary = NSMutableDictionary(objects: [kSecClassGenericPasswordValue, service, userAccount, dataFromString], forKeys: [kSecClassValue, kSecAttrServiceValue, kSecAttrAccountValue, kSecValueDataValue])

    // Delete any existing items
    SecItemDelete(keychainQuery as CFDictionaryRef)

    // Add the new keychain item
    var status: OSStatus = SecItemAdd(keychainQuery as CFDictionaryRef, nil)
  }

  private class func load(service: NSString) -> NSString? {
    // Instantiate a new default keychain query
    // Tell the query to return a result
    // Limit our results to one item
    var keychainQuery: NSMutableDictionary = NSMutableDictionary(objects: [kSecClassGenericPasswordValue, service, userAccount, kCFBooleanTrue, kSecMatchLimitOneValue], forKeys: [kSecClassValue, kSecAttrServiceValue, kSecAttrAccountValue, kSecReturnDataValue, kSecMatchLimitValue])

    var dataTypeRef :Unmanaged<AnyObject>?

    // Search for the keychain items
    let status: OSStatus = SecItemCopyMatching(keychainQuery, &dataTypeRef)

    let opaque = dataTypeRef?.toOpaque()

    var contentsOfKeychain: NSString?

    if let op = opaque? {
      let retrievedData = Unmanaged<NSData>.fromOpaque(op).takeUnretainedValue()

      // Convert the data retrieved from the keychain into a string
      contentsOfKeychain = NSString(data: retrievedData, encoding: NSUTF8StringEncoding)
    } else {
      println("Nothing was retrieved from the keychain. Status code \(status)")
    }

    return contentsOfKeychain
  }
}

(来自示例代码:http://matthewpalmer.net/blog/2014/06/21/example-ios-keychain-swift-save-query/

或使用“锁匠”,更清洁,更轻松:

https://github.com/matthewpalmer/Locksmith

答案 1 :(得分:0)

你可以在Md5 + salt中考虑,然后存储在NSUserDefault中。

答案 2 :(得分:0)

您可以将数据存储为两种形式:

  1. 核心数据:所以如果黑客需要提取应用(用户)信息。他需要用户设备来提取coredata base的SQL文件。然后必须将其加密形式转换为可理解的形式。

  2. 我们可以做的第二件事是。我们可以让api存储app(用户)信息。每次我们需要提取用户数据时,我们都可以在viewdidload中点击服务。

    3. (新泽西州)

相关问题
最新问题