我有一个具有用户名/密码登录的应用程序。登录后,用户应保持登录状态,直到他们注销,即即使用户没有连接,用户也保持登录状态。
当前我正在对用户进行身份验证,但我无法让他们保持登录状态。我应该将用户详细信息存储在 NSUserDefaults 中以便在启动时登录,还是有没有办法仅使用 Realm 保持用户登录?
提前感谢!
SyncUser.logIn(with: userCredentials, server: (url! as URL)) { user, error in
guard user != nil else {
// Handles error
}
DispatchQueue.main.async {
let configuration = Realm.Configuration(
syncConfiguration: SyncConfiguration(user: user!, realmURL: URL(string: "realm://127.0.0.1:9080/~/realmtasks")!)
)
Realm.Configuration.defaultConfiguration = configuration
self.performSegue(withIdentifier: "logInSegue", sender: self)
}
}
更新:也许我的问题的答案是苹果钥匙扣?
您不应该在NSUserDefault内存储密码或任何敏感信息,通过使用简单的文件管理器您可以读取存储在其中的所有数据,这真的很不安全。
你甚至不需要数据库或其他东西。存储敏感信息的正确位置是设备的钥匙串。
github上有很多库可以帮助你使用它。
请注意,即使在删除应用程序后,您保存在钥匙串中的内容也会保留。
您可以考虑在钥匙串中保存凭据。只需要创建一个Objective-c文件并将其导入到项目的桥接头文件中即可。
.h
#import <Foundation/Foundation.h>
@interface KeychainUserPass : NSObject
+ (void)save:(NSString *)service data:(id)data;
+ (id)load:(NSString *)service;
+ (void)delete:(NSString *)service;
@end
.m
#import "KeychainUserPass.h"
@implementation KeychainUserPass
+ (NSMutableDictionary *)getKeychainQuery:(NSString *)service {
return [NSMutableDictionary dictionaryWithObjectsAndKeys:
(__bridge id)kSecClassGenericPassword, (__bridge id)kSecClass,
service, (__bridge id)kSecAttrService,
service, (__bridge id)kSecAttrAccount,
(__bridge id)kSecAttrAccessibleAfterFirstUnlock, (__bridge id)kSecAttrAccessible,
nil];
}
+ (void)save:(NSString *)service data:(id)data {
NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];
SecItemDelete((__bridge CFDictionaryRef)keychainQuery);
[keychainQuery setObject:[NSKeyedArchiver archivedDataWithRootObject:data] forKey:(__bridge id)kSecValueData];
SecItemAdd((__bridge CFDictionaryRef)keychainQuery, NULL);
}
+ (id)load:(NSString *)service {
id ret = nil;
NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];
[keychainQuery setObject:(id)kCFBooleanTrue forKey:(__bridge id)kSecReturnData];
[keychainQuery setObject:(__bridge id)kSecMatchLimitOne forKey:(__bridge id)kSecMatchLimit];
CFDataRef keyData = NULL;
if (SecItemCopyMatching((__bridge CFDictionaryRef)keychainQuery, (CFTypeRef *)&keyData) == noErr) {
@try {
ret = [NSKeyedUnarchiver unarchiveObjectWithData:(__bridge NSData *)keyData];
}
@catch (NSException *e) {
NSLog(@"Unarchive of %@ failed: %@", service, e);
}
@finally {}
}
if (keyData) CFRelease(keyData);
return ret;
}
+ (void)delete:(NSString *)service {
NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];
SecItemDelete((__bridge CFDictionaryRef)keychainQuery);
}
@end
用法:
保存:KeychainUserPass.save("email", data: self.YOUR_TEXT_FIELD.text!)
负载:YOUR_STRING = KeychainUserPass.load("email") as? String
删除:KeychainUserPass.delete("email")