Secure Storage for React Native (Android & iOS) - Keychain & Keystore
Facebook RN blog post about v0.60 and AndroidX support: https://facebook.github.io/react-native/blog/2019/07/03/version-60
Go to F.A.Q for more information.
Not your main language ? Check out the translations here
RNSecureStorage is using Keychain for secure storing.
Under API 23 RNSecureStorage is using secure-preferences by @scottyab
Above API 23 RNSecureStorage is using Android Keystore
With NPM
npm install --save rn-secure-storage
With YARN
yarn add rn-secure-storage
Automatic linking
react-native link rn-secure-storage
Manual Linking
Manual Installation (If something went wrong with react-native link)
Note: Don't use any special chars at key like test@key
. This kinda key names can be a problem for IOS/Android
import RNSecureStorage, { ACCESSIBLE } from 'rn-secure-storage'
SET
// {accessible: ACCESSIBLE.WHEN_UNLOCKED} -> This for IOS
RNSecureStorage.set("key1", "this is a value", {accessible: ACCESSIBLE.WHEN_UNLOCKED})
.then((res) => {
console.log(res);
}, (err) => {
console.log(err);
});
GET
RNSecureStorage.get("key1").then((value) => {
console.log(value) // Will return direct value
}).catch((err) => {
console.log(err)
})
REMOVE
RNSecureStorage.remove("key1").then((val) => {
console.log(val)
}).catch((err) => {
console.log(err)
});
EXISTS
// res -> is can be True or False
RNSecureStorage.exists("key1")
.then((res) => {
console.log(res ? "Key exists": "Key not exists")
}, (err) => {
console.log(err);
});
Key | Platform | Description | Default |
---|---|---|---|
accessible |
iOS only | This indicates when a keychain item is accessible, see possible values in Keychain.ACCESSIBLE . |
Keychain.ACCESSIBLE.WHEN_UNLOCKED |
Key | Description |
---|---|
WHEN_UNLOCKED |
The data in the keychain item can be accessed only while the device is unlocked by the user. |
AFTER_FIRST_UNLOCK |
The data in the keychain item cannot be accessed after a restart until the device has been unlocked once by the user. |
ALWAYS |
The data in the keychain item can always be accessed regardless of whether the device is locked. |
WHEN_PASSCODE_SET_THIS_DEVICE_ONLY |
The data in the keychain can only be accessed when the device is unlocked. Only available if a passcode is set on the device. Items with this attribute never migrate to a new device. |
WHEN_UNLOCKED_THIS_DEVICE_ONLY |
The data in the keychain item can be accessed only while the device is unlocked by the user. Items with this attribute do not migrate to a new device. |
AFTER_FIRST_UNLOCK_THIS_DEVICE_ONLY |
The data in the keychain item cannot be accessed after a restart until the device has been unlocked once by the user. Items with this attribute never migrate to a new device. |
ALWAYS_THIS_DEVICE_ONLY |
The data in the keychain item can always be accessed regardless of whether the device is locked. Items with this attribute never migrate to a new device. |
You can find the usage example of the package in the example folder.
git clone https://github.com/talut/rn-secure-package
cd rn-secure-package/example
npm install
react-native run-ios/android
- talut#40 merged.
- When phone default locale including RTL then this workaround is setting English locale before generating a key pair and changing it back after all.
- Update to AndroidX. Make sure to enable it in your project's android/gradle.properties.
- Exists method added. Thanks @kirin-p
- TypeScript support added. Thanks @akiver
- Gradle version updated.
- Log messages updated. (For IOS)
- IOS keychain service name updated right now this package is using main bundle name. If you already using this package in production After this update all IOS user will log out from app automatically.
- google() repo added because Gradle v3.1.4 can't found.
- Android & IOS returing value/messages are updated.
- Issue:1 is solved.
- French by @Vinetos
- Indonesia by @mfaridzia
- German by @msdeibel
- Dutch by @fpkmatthi
- Brazilian Portuguese by @HenryFilho
- Why should I use this package?
- You can use other packages like react-native-keychain I know that package has more options. But you can store only username and password, while with RNSecureStorage you can store a lot of [key,value] pairs
- Why shouldn't I use react-native-secure-key-store
- You can use that package but you can't get any good solution with lowest API of Android. Also that package is set to minSDK:18. Thats means you might encounter some problems ...
- Hey can I trust your code/package?
- You can see all of my code in the repo and can review it. Also if you want, you can easily can fork my repo and change what bothers you. This package is under MIT license. So I can't give you any warranty. But you should know, I'm using this package in my projects.
- Will you maintain this package?
- Yeah, I'm planning to do so. But you know time can change everything. -How can I support you? -If you're using my package that's enough for me
Note: This package is more improved version of react-native-secure-key-store, RNSecureStorage has "under api 23" support
- Thanks to you @cagriyilmaz for IOS part.
- Thanks to you @akiver for TypeScript definitions.
- Thanks to you @kirin-p for exits method.
- Thanks to you @pradeep1991singh for react-native-secure-key-store
This project is licensed under the MIT License - see the LICENSE.md file for details