堆栈内存溢出
  简体   繁体   English

如何使用安全存储将用户名和密码存储在 flutter 中

[英]how about to use secure storage to store the user username and password in flutter

 原文  2022-03-17 16:03:59       flutter/ security

问题描述

I am using flutter to write an app, now I want to use secure storage to store the username/passowrd like this:我正在使用 flutter 编写应用程序,现在我想使用安全存储来存储用户名/密码,如下所示:

SecureStorageUtil.putString("password", password);

is it a good practice?这是一个好习惯吗? Or never store the user password in the client app?或者从不将用户密码存储在客户端应用程序中? I already searching from Google but no one talk about it.我已经从谷歌搜索但没有人谈论它。 And this is the SecureStorageUtil :这是SecureStorageUtil

import 'package:flutter_secure_storage/flutter_secure_storage.dart';

class SecureStorageUtil{

  static FlutterSecureStorage _preferences = FlutterSecureStorage();

  static Future<String?> getString (String key, {String defValue = ''}) {
    return _preferences.read(key:key) ;
  }

  static Future<void> putString(String key, String value) {
    return _preferences.write(key:key, value:value);
  }

  static Future<void> delString(String key) {
    return _preferences.delete(key:key);
  }
}

2 个解决方案

解决方案1
 2 已采纳  2022-03-17 16:56:44

As the docs say正如文档所说

  • Keychain is used for iOS钥匙扣用于iOS
  • AES encryption is used for Android. AES secret key is encrypted with RSA and RSA key is stored in KeyStore Android采用AES加密,AES秘钥用RSA加密,RSA密钥保存在KeyStore中

Keystore is managed by the system, and the will be secure. Keystore由系统管理,安全。 You may use this if saving the password is important.如果保存密码很重要,您可以使用它。 However, its always recommended not to store passwords on the client-side, instead, save some Auth keys like JWT token, etc. to authenticate users.但是,始终建议不要在客户端存储密码,而是保存一些 Auth 密钥,如 JWT token 等来对用户进行身份验证。

解决方案2
 -1  2022-03-17 18:15:54

There is a package named SharePreferences that will allow you to store anything on both platforms ios and android and it did not have any kind of issue.有一个名为SharePreferences的 package 允许您在两个平台 ios 和 android 上存储任何内容,它没有任何问题。 I recommend that package. I hope that will work.我推荐 package。我希望它能起作用。 And the second thing is storing password.第二件事是存储密码。 If the user have an option in the app like Remember Me then it is useful to store the username and the password.如果用户在应用程序中有像Remember Me这样的选项,那么存储用户名和密码会很有用。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 颤振安全存储如何存储不记名令牌? - flutter secure storage how to store bearer token? flutter_secure_storage中可以存储多少数据? - How much data can store in flutter_secure_storage? 将 model 数据存储到 Flutter 安全存储中 - Store model data into Flutter Secure Storage 如何在Flutter中加密用户名和密码 - How to encypt username and password in flutter Flutter - 为什么/flutter_secure_storage 是安全的? - Flutter - Why/How is flutter_secure_storage secure? 如何在 flutter 存储中存储阵列 - How to store an Array in flutter storage 如何在 Dio flutter 中传递密码和用户名加密? - How pass password and username encrypt in Dio flutter? Flutter安全存储 - Flutter Secure Storage 显示存储在 Flutter 安全存储中的用户详细信息时出错 - Error displaying user details stored in Flutter Secure Storage 如何在 Flutter 中创建新用户后将默认用户名、主题模式和主题颜色存储到 Cloud Firestore? - How to store default userName, themeMode and themeColor to Cloud Firestore after creating new user in Flutter?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM