react-native-secure-storage-hqs
v0.1.3
Published
A secure AsyncStorage partial implementation
Downloads
2
Maintainers
Readme
react-native-secure-storage
This package is based on react-native-keychain and implemented a secure storage engine. It is compatiable with redux-persist-sensitive-storage
Getting started
$ npm install react-native-secure-storage --save
or
$ yarn add react-native-secure-storage
Mostly automatic installation
$ react-native link react-native-secure-storage
Manual installation
iOS
- In XCode, in the project navigator, right click
Libraries
➜Add Files to [your project's name]
- Go to
node_modules
➜react-native-secure-storage
and addRNSecureStorage.xcodeproj
- In XCode, in the project navigator, select your project. Add
libRNSecureStorage.a
to your project'sBuild Phases
➜Link Binary With Libraries
- Run your project (
Cmd+R
)<
Android
- Open up
android/app/src/main/java/[...]/MainApplication.java
- Add
import li.yunqi.rnsecurestorage.RNSecureStoragePackage;
to the imports at the top of the file - Add
new RNSecureStoragePackage()
to the list returned by thegetPackages()
method
- Append the following lines to
android/settings.gradle
:include ':react-native-secure-storage' project(':react-native-secure-storage').projectDir = new File(rootProject.projectDir, '../node_modules/react-native-secure-storage/android')
- Insert the following lines inside the dependencies block in
android/app/build.gradle
:implementation project(':react-native-secure-storage')
Usage
import SecureStorage, { ACCESS_CONTROL, ACCESSIBLE, AUTHENTICATION_TYPE } from 'react-native-secure-storage'
async() => {
const config = {
accessControl: ACCESS_CONTROL.BIOMETRY_ANY_OR_DEVICE_PASSCODE,
accessible: ACCESSIBLE.WHEN_UNLOCKED,
authenticationPrompt: 'auth with yourself',
service: 'example',
authenticateType: AUTHENTICATION_TYPE.BIOMETRICS,
}
const key = 'someKey'
await SecureStorage.setItem(key, 'some value', config)
const got = await SecureStorage.getItem(key, config)
console.log(got)
}
Methods
This library has now implemented getItem
, setItem
, removeItem
and getAllKeys
methods of AsyncStorage
from React Native. It doesn't support callback and replaced the callback
param with an option
param.
In addition, this library has a getSupportedBiometryType()
method which Returns one of BIOMETRY_TYPE
indicating which biometry type the device supports, and a canCheckAuthentication([{ authenticationType }])
method which checks whether the specified authenticationType is available.
Options
| Key | Platform | Description | Default |
|---|---|---|---|
|accessControl
|iOS only|This dictates how a keychain item may be used, see possible values in SecureStorage.ACCESS_CONTROL
. |None|
|accessible
|iOS only|This dictates when a keychain item is accessible, see possible values in SecureStorage.ACCESSIBLE
. |SecureStorage.ACCESSIBLE.WHEN_UNLOCKED
|
|accessGroup
|iOS only|In which App Group to share the keychain. Requires additional setup with entitlements. |None|
|authenticationPrompt
|iOS only|What to prompt the user when unlocking the keychain with biometry or device password. |Authenticate to retrieve secret data
|
|authenticationType
|iOS only|Policies specifying which forms of authentication are acceptable. |SecureStorage.AUTHENTICATION_TYPE.DEVICE_PASSCODE_OR_BIOMETRICS
|
|service
|All|Qualifier for the service. |App bundle ID|
SecureStorage.ACCESS_CONTROL
enum
| Key | Description |
|-----|-------------|
|USER_PRESENCE
|Constraint to access an item with either Touch ID or passcode.|
|BIOMETRY_ANY
|Constraint to access an item with Touch ID for any enrolled fingers.|
|BIOMETRY_CURRENT_SET
|Constraint to access an item with Touch ID for currently enrolled fingers.|
|DEVICE_PASSCODE
|Constraint to access an item with a passcode.|
|APPLICATION_PASSWORD
|Constraint to use an application-provided password for data encryption key generation.|
|BIOMETRY_ANY_OR_DEVICE_PASSCODE
|Constraint to access an item with Touch ID for any enrolled fingers or passcode.|
|BIOMETRY_CURRENT_SET_OR_DEVICE_PASSCODE
|Constraint to access an item with Touch ID for currently enrolled fingers or passcode.|
SecureStorage.ACCESSIBLE
enum
| Key | Description |
|-----|-------------|
|WHEN_UNLOCKED
|The data in the keychain item can be accessed only while the device is unlocked by the user.|
|AFTER_FIRST_UNLOCK
|The data in the keychain item cannot be accessed after a restart until the device has been unlocked once by the user.|
|ALWAYS
|The data in the keychain item can always be accessed regardless of whether the device is locked.|
|WHEN_PASSCODE_SET_THIS_DEVICE_ONLY
|The data in the keychain can only be accessed when the device is unlocked. Only available if a passcode is set on the device. Items with this attribute never migrate to a new device.|
|WHEN_UNLOCKED_THIS_DEVICE_ONLY
|The data in the keychain item can be accessed only while the device is unlocked by the user. Items with this attribute do not migrate to a new device.|
|AFTER_FIRST_UNLOCK_THIS_DEVICE_ONLY
|The data in the keychain item cannot be accessed after a restart until the device has been unlocked once by the user. Items with this attribute never migrate to a new device.|
|ALWAYS_THIS_DEVICE_ONLY
|The data in the keychain item can always be accessed regardless of whether the device is locked. Items with this attribute never migrate to a new device.|
SecureStorage.AUTHENTICATION_TYPE
enum
| Key | Description |
|-----|-------------|
|DEVICE_PASSCODE_OR_BIOMETRICS
|Device owner is going to be authenticated by biometry or device passcode.|
|BIOMETRICS
|Device owner is going to be authenticated using a biometric method (Touch ID or Face ID).|
SecureStorage.BIOMETRY_TYPE
enum
| Key | Description |
|-----|-------------|
|TOUCH_ID
|Device supports authentication with Touch ID.|
|FACE_ID
|Device supports authentication with Face ID.|
|FINGERPRINT
|Device supports authentication with Android Fingerprint.|