问题
I have an Android app where users have to login to use it, when a request is made (in PHP) a token is needed, the thing is, I need to save the token in Android's shared preferences, I know there are ways to encrypt it, but if someone would go to open the app and see the source code, the would know how it was encrypted.
How do I securely save the token?
Thanks in advance.
回答1:
Android Keystore is a preferred way of storing sensitive information, namely token, password, etc.
However, in case you want to simply store it in SharedPrefs, using one of the existing libraries would come in handy. You can check SecureStorage library and give it a try.
来源:https://stackoverflow.com/questions/57402457/how-to-save-a-token-secretly-in-android