[Question] Alternative approach to store access tokens

[suho]

Issue

Currently, the access token is saved in UserDefaults, which is not secure and encrypted.

https://github.com/SchwartzLizer/NimbleSurvey/blob/ddfb80dcf8bc3a802aa6cc46158444bf75e38101/NimbleSurvey/NimbleSurvey/Scene/Login/LoginViewModel.swift#L41-L64

We could improve this with a better approach, could you suggest another approach for saving access token?

[SchwartzLizer]

@suho I apologize for my misunderstanding. I chose UserDefault as I saw that the token will expire in 7200 units (I'm not sure exactly), but we can do better by storing it in the keychain. and erase saved data each time the application is opened, then we will always receive a fresh token key.

[suho]

@SchwartzLizer I think you don't need to erase the access token when the app is opened, you can reuse it to call APIs and check if it's existed to go to the survey lists screen directly (without open the login screen)

[SchwartzLizer]

@suho, I see, May I review my tasks for this issue?

1. I need to change the store access token from UserDefault to Keychain.
2. If the token exists (and does not expire), we can run the service login to run Home screen directly.

[suho]

If the token exists (and does not expire), we can run the service login to run Home screen directly.

@SchwartzLizer Not sure I'm understanding correctly, but when checking if the token is exists in keychain, you don't need to run the service login, just open the home screen