kjb3lw
Last Updated: July 25, 2018
·
22.37K
· autresphere
Cf64e3b3cc99cda97e6ea966cc893806

Storing password in keychain the smart way

NSURLCredential is the perfect class to store username and password in the keychain. No need to bother with NSUserDefaults nor any keychain wrapper.

Once the user is logged in, you can store his username and password to the keychain:

NSURLCredential *credential;

credential = [NSURLCredential credentialWithUser:username password:password persistence:NSURLCredentialPersistencePermanent];
[[NSURLCredentialStorage sharedCredentialStorage] setCredential:credential forProtectionSpace:self.loginProtectionSpace];

As stated in Apple Doc, NSURLCredentialPersistencePermanent must be used to store in the keychain.

Then, each time the app is launched, you can check whether your user was already logged in by searching for any credential in order to automatically log back your user (if need be):

NSURLCredential *credential;
NSDictionary *credentials;

credentials = [[NSURLCredentialStorage sharedCredentialStorage] credentialsForProtectionSpace:self.loginProtectionSpace];
credential = [credentials.objectEnumerator nextObject];
NSLog(@"User %@ already connected with password %@", credential.user, credential.password);

You also need to clean the credential when the user wants to log out:

NSURLCredential *credential;
NSDictionary *credentials;

credentials = [[NSURLCredentialStorage sharedCredentialStorage] credentialsForProtectionSpace:self.loginProtectionSpace];
credential = [credentials.objectEnumerator nextObject];
[[NSURLCredentialStorage sharedCredentialStorage] removeCredential:obj forProtectionSpace:self.loginProtectionSpace];

loginProtectionSpace is created once for all.

Please, note this sample code assumes there is only one credential in this space, which is usually the case unless you manage several accounts.

Say Thanks
Respond

5 Responses
Add your response

15406
Ebb4042a9f29dc8711ee9168e9fc6286

Hi Philip,

Can you also post a sample concerning the self.loginProtectionSpace? I'm a bit lost on how to go about it.

Best,
Sidney

over 1 year ago ·
15407
Cf64e3b3cc99cda97e6ea966cc893806

Hi Sidney,

You can create an NSURLProtectionSpace like that:
NSURL *url = [NSURL URLWithString:@"http://www.example.com"];
protectionSpace = [[NSURLProtectionSpace alloc] initWithHost:url.host
port:[url.port integerValue]
protocol:url.scheme
realm:nil
authenticationMethod:NSURLAuthenticationMethodHTTPDigest];

Please have a look at a more detailed explanation on http://stackoverflow.com/questions/8565087/afnetworking-and-cookies/17997943#17997943

Phil

over 1 year ago ·
15408
Ebb4042a9f29dc8711ee9168e9fc6286

Great stuff! Thanks for this,

Sidney

over 1 year ago ·
30126

hello,
iCloud Keychain stores your usernames, passwords, and app sign-on information and syncs it between your devices using Apple's iCloud services. The Keychain keeps your information secured using a two-factor authentication mechanism: First, you need to be signed into your iCloud account on the device, and then another trusted device must be used to approve the newly connected device to be used with iCloud Keychain. This is separate from the iCloud two-factor authentication, which is also recommended.https://www.ucbrowser.vip/ https://shareit.onl/ https://mxplayer.pro/

3 months ago ·
30230

thank you for sharing information
http://slitherio-o.com

about 2 months ago ·