Home > OS >  React-Native: Can I store JWT in AsyncStorage because the tokens expire anyway?
React-Native: Can I store JWT in AsyncStorage because the tokens expire anyway?

Time:06-28

In my server I can set the JWT tokens to expire after a given period of time.

Can I simply have this in my app?

async function getUserDetails() {
    const token = await AsyncStorage.getItem('token') //got this token from successful login
    const data = await axios.get(apiurl '&JWT=' token)
    console.log(data)
}

By the time the attacker physically gets a hold of the phone, jailbreak it and connect it to her computer, the JWT must have expired? Or am I not understanding something here?

CodePudding user response:

AsyncStorage can not expire data. you have to use a trick. when you are setting your token. just set another key as date equal to new Date(). then in the root of your project setup a function which get date from AsyncStorage and checks the time passed from now to the time you saved token. if its bigger than your desired time just remve token from AsyncStorage

CodePudding user response:

By the way AsyncStorage is not secure. for saving your sensetive information you can use react-native-keychain

  • Related