Skip to content

Commit

Permalink
doc on security
Browse files Browse the repository at this point in the history
  • Loading branch information
christianmat committed Jan 11, 2024
1 parent 52def4d commit 0d3e8d7
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 0 deletions.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -119,3 +119,5 @@ localStorage is a browser API that allows you to store data in the browser. The

Yes. For this reason, we recommend using a non-iterable UUID for your user IDs. This makes it nearly impossible for users to guess other user IDs and access their data unless they know the user ID.

Alternatively, you can create a simple wrapper/proxy API around remoteStorage that uses your own authentication method to verify the user's identity before allowing them to access the data. Then, you can pick a secure and secret Instance ID that is not publicly available to ensure that only your application can access the data.

2 changes: 2 additions & 0 deletions packages/js-client/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -119,3 +119,5 @@ localStorage is a browser API that allows you to store data in the browser. The

Yes. For this reason, we recommend using a non-iterable UUID for your user IDs. This makes it nearly impossible for users to guess other user IDs and access their data unless they know the user ID.

Alternatively, you can create a simple wrapper/proxy API around remoteStorage that uses your own authentication method to verify the user's identity before allowing them to access the data. Then, you can pick a secure and secret Instance ID that is not publicly available to ensure that only your application can access the data.

0 comments on commit 0d3e8d7

Please sign in to comment.