Hey everyone, you must know by now that storing cookies in a Capacitor app is a really big challenge, so I need to know if this is a bad practice or not.
I saw some posts about it in this community, but they don't address the security aspects.
The problem:
I can't store cookies in a Capacitor app. Of course I'll keep trying, but it's a stressful thing.
If we minimize the app, the user identity is still there, but if we close the app, the identity disappears.
A workaround:
When creating a user record we store a UUID as a token in the db, and when the user logs in on the app the token is stored in local storage, which remains even when the app is closed.
In the app we run a flow: identity=false & token=true
- Call a server connect over HTTPS that performs a login and renews the token too (in the db and in the local storage of the app).
Can I ask for some opinions about this?
I'd like to be guided by the thoughts of this community.
Thanks for reading.
PS: I know I can use JWT for this and it's very secure, but I want to know about the risks of the method I described above.
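
The reconnect flow described in the post, sketched server-side in Node.js as an added example (not part of the original post and not the poster's code). Storing only a SHA-256 hash of the token, the 30-day expiry, single-use rotation and the names `issueToken`, `reconnect` and `revokeAll` are assumptions; the in-memory `Map` stands in for the db.

```javascript
const { randomUUID, createHash } = require("node:crypto");

// Assumed token lifetime; the post does not specify one.
const TOKEN_TTL_MS = 30 * 24 * 60 * 60 * 1000;

// Stand-in for the db table: sha256(token) -> { userId, expiresAt }.
// Only the hash is stored, so a db leak does not hand out usable tokens.
const tokens = new Map();

const hashToken = (t) => createHash("sha256").update(String(t)).digest("hex");

// Called after a normal login: returns the token the app keeps in local storage.
function issueToken(userId, now = Date.now()) {
  const token = randomUUID(); // version 4 UUID from the platform CSPRNG
  tokens.set(hashToken(token), { userId, expiresAt: now + TOKEN_TTL_MS });
  return token;
}

// The "identity=false & token=true" call: verify the presented token,
// consume it, and hand back a fresh one (rotation on every use).
function reconnect(presented, now = Date.now()) {
  const key = hashToken(presented);
  const rec = tokens.get(key);
  if (!rec) return { ok: false, reason: "unknown-or-already-used" };
  tokens.delete(key); // single use: a copied token dies once either side rotates
  if (now > rec.expiresAt) return { ok: false, reason: "expired" };
  return { ok: true, userId: rec.userId, token: issueToken(rec.userId, now) };
}

// Logout, password change or suspected theft: drop every token of the user.
function revokeAll(userId) {
  for (const [key, rec] of tokens) {
    if (rec.userId === userId) tokens.delete(key);
  }
}
```

Because the token in local storage is a bearer credential readable by any script running in the WebView, rotation and expiry limit how long a copied token stays useful; they do not prevent the copy itself.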