Is this secure storage (keystore, etc)?

[westlakem]

I want to store client access / refresh tokens in storage, but I need them to be secure so only my app can access them. Does this implement the secure key store or how does it work?

[NathanaelA]

This plugin has both LocalStorage and SessionStorage support.

1. SessionStorage is memory in the app only (meaning nothing can get access, but of course restarting the app will clear its memory).
2. LocalStorage is to disk, but only saved in the app's storage directory meaning no other apps have access to it.

If the user has a rooted device; then they can access the LocalStorage AND a Secure Key Store, so neither are really secure against someone who is actively attempting to hack your app. (In that case their are other mitigation techniques to make your app virtually unhackable; but Secure Key Store isn't really any more secure than the file in normal cases with JavaScript based applications).

If you are worried about protecting your code/app against hackers, send me an email and we can discuss it.