README
ws-capacitor-secure-storage
This plugin for Capacitor provides secure key/value storage on the web, iOS, and Android, with an API closely matching that of the Capacitor Storage plugin. If you are using the Storage plugin, this plugin is (more or less) a secure drop-in replacement.
Installation
pnpm install ws-capacitor-secure-storage # 'pnpm add' also works
npm install ws-capacitor-secure-storage
yarn add ws-capacitor-secure-storage
Not using pnpm? You owe it to yourself to give it a try. It’s faster, better with monorepos, and uses way, way less disk space than the alternatives.
Usage
The API is thoroughly documented here. For a complete example of how to use this plugin in practice, see the demo app.
The source of this plugin is also a good example of how to use the @native decorator. Thanks to @native
, TypeScript code is freely mixed with native code, and state can be maintained in the TypeScript class. If you’re a plugin author, you’ll definitely want to check @native
out.
web
On the web, data is stored in localStorage
by default. You may change that to sessionStorage
by setting the storageType
property.
Data is encrypted on the web using Blowfish encryption with no IV. Before modifying storage, you must call setEncryptionKey
to set the “password” used to encrypt/decrypt the data.
iOS
On iOS, data is stored in the encrypted system keychain and is specific to your app. Please note that currently iOS will not delete an app’s keychain data when the app is deleted. But since only an app with the same app id — which is guaranteed by Apple to be unique across all apps — can access that data, this is not a security issue.
Android
On Android, data is encrypted using AES in GCM mode with a secret key generated by the Android KeyStore, then stored in SharedPreferences, which is specific to your app. If the app is deleted, its data is deleted as well.