npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@nativescript/secure-storage

v3.0.3

Published

Secure Storage NativeScript plugin

Downloads

4,827

Readme

@nativescript/secure-storage

Secure Storage using SAMKeychain on iOS and Hawk on Android.

npm install @nativescript/secure-storage

API

set | setSync

// require the plugin
import { SecureStorage } from "@nativescript/secure-storage";

// instantiate the plugin
const secureStorage = new SecureStorage();

// async
secureStorage.set({
  key: "foo",
  value: "I was set at " + new Date()
}).then(success => console.log("Successfully set a value? " + success));

// sync
const success = secureStorage.setSync({
  key: "foo",
  value: "I was set at " + new Date()
});

get | getSync

Will return null if not found.

// async
secureStorage.get({
  key: "foo"
}).then(value => console.log("Got value: " + value));

// sync
const value = secureStorage.getSync({
  key: "foo"
});

remove | removeSync

// async
secureStorage.remove({
  key: "foo"
}).then(success => console.log("Successfully removed a value? " + success));

// sync
const success = secureStorage.removeSync({
  key: "foo"
});

removeAll | removeAllSync

// async
secureStorage.removeAll().then(success => console.log("Successfully removed a value? " + success));

// sync
const success = secureStorage.removeAllSync();

clearAllOnFirstRun | clearAllOnFirstRunSync

These functions can be used if you want to clear data when your app is reinstalled.

This is only really useful on iOS because if you write something (through this plugin) to the Keychain, this data won't be removed when the app is uninstalled. So the next time the same app is installed, it will find the data in the keychain.

So if you want to clear 'lingering' data from a previous install, make sure you run one of these methods before using other methods this plugin provides.

// async
secureStorage.clearAllOnFirstRun().then(success => {
    console.log(success ? "Successfully removed all data on the first run" : "Data not removed because this is not the first run");
});

// sync
const success = secureStorage.clearAllOnFirstRunSync();

isFirstRun | isFirstRunSync

As a bonus, you can piggyback the 'first run' mechanism to do anything you want when the plugin detects this is the first run (after an install or install-delete-reinstall).

// sync
if (secureStorage.isFirstRunSync()) {
  // do whatever you want
}

// async
secureStorage.isFirstRun().then(isFirst => {
  // if isFirst is true, do whatever you like
});

iOS Security++

By default the plugin uses kSecAttrAccessibleAlwaysThisDeviceOnly access control to the keychain. This means that the keychain value can be accessed even if the device is locked. If you want to enhance security and you do not need background access, or if you want to allow the value to be backed up and migrated to another device, you can use any of keys defined here and pass it when you create an instance of SecureStorage, for example

declare const kSecAttrAccessibleWhenUnlockedThisDeviceOnly; // This is needed in case you don't have tns-platform-declarations module installed. 
const secureStorage = new SecureStorage(kSecAttrAccessibleWhenUnlockedThisDeviceOnly);

iOS Simulator

Currently this plugin defaults to using NSUserDefaults on iOS Simulators. You can change this behaviour by providing disableFallbackToUserDefaults to the constructor of SecureStorage. This then uses the keychain instead of NSUserDefaults on simulators.

If you're running into issues similar to issue_10, consider using the default behaviour again.

iOS Keychain Access/App Groups

You can share secrets between iOS apps/extensions via Keychain access groups, or App Groups, see here for details.

To setup:

  • Add a keychain access group entitlement to your app by adding an entry in the app/App_Resources/iOS/<someName>.entitlements file.

    e.g.

    <key>keychain-access-groups</key>
    <array>
      <string>$(AppIdentifierPrefix)com.my.app.sharedgroup</string>
    </array>
  • Then in your app specify the accessGroup property when getting/setting values. e.g.

    import { SecureStorage } from "nativescript-secure-storage";
    export class MyComponent {
      secureStorage = new SecureStorage();
      // a method that can be called from your view
      setSecureValue() {
        this.secureStorage.set({
          accessGroup:"<TeamID>.com.my.app.sharedgroup",
          key: 'myKey',
          value: 'my value'
        }).then(success => { console.log(success)});
      }
    }

Credits

License

Apache License Version 2.0