airsoftFreak airsoftFreak - 1 year ago 129
Swift Question

Authentication with IOS/Swift

I have a very simple question, I have a node.js/express server that will handle backend authentication part, it is using token not cookies, the server part is working correctly, whenever someone register/login it would return with a json web token.

For example


I'm using Alamofire to handle the HTTP request from IOS itself. The real question lies is how do I persist the token in the IOS/Swift itself?

What is the simplest way to do this?

Answer Source

You should use the iOS Keychain to save sensitive information.

You should not use NSUserDefaults to store an authentication token or any other potentially sensitive information. It's unencrypted and easily accessible on a rooted device.

How would you like someone getting your authentication token and making requests to your private API at will (e.g. on the command line using curl)?

I've used the KeychainAccess CocoaPod and its usage is simple:

static let keychain = Keychain(service: "com.example.myapp")
keychain["secret_code"] = secretCode     // Save something
let secretCode = keychain["secret_code"] // Retrieve something
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download