Permalink
Browse files

Merge pull request #162 from wtimme/bugfix/160-Dont-store-credentials…

…-in-NSUserDefaults

Stop storing user credentials in `NSUserDefaults`
  • Loading branch information...
bryceco committed Oct 18, 2018
2 parents f6623ce + 4d71c37 commit e4182e64662869aedc4c5e2d1fe37ebeb3b7e24f
Showing with 8 additions and 16 deletions.
  1. +8 −16 src/iOS/AppDelegate.m
@@ -53,18 +53,7 @@ - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(
self.userName = [KeyChain getStringForIdentifier:@"username"];
self.userPassword = [KeyChain getStringForIdentifier:@"password"];
if ( self.userName.length == 0 ) {
self.userName = [defaults objectForKey:@"username"];
self.userPassword = [defaults objectForKey:@"password"];
if ( self.userName.length )
[KeyChain setString:self.userName forIdentifier:@"username"];
if ( self.userPassword.length )
[KeyChain setString:self.userPassword forIdentifier:@"password"];
[[NSUserDefaults standardUserDefaults] removeObjectForKey:@"username"];
[[NSUserDefaults standardUserDefaults] removeObjectForKey:@"password"];
}
[self removePlaintextCredentialsFromUserDefaults];
[DownloadThreadPool setUserAgent:[NSString stringWithFormat:@"%@/%@", self.appName, self.appVersion]];
@@ -79,6 +68,13 @@ - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(
return YES;
}
/**
Makes sure that the user defaults do not contain plaintext credentials from previous app versions.
*/
- (void)removePlaintextCredentialsFromUserDefaults {
[[NSUserDefaults standardUserDefaults] removeObjectForKey:@"username"];
[[NSUserDefaults standardUserDefaults] removeObjectForKey:@"password"];
}
-(void)setMapLatitude:(double)lat longitude:(double)lon zoom:(double)zoom view:(MapViewState)view
{
@@ -220,10 +216,6 @@ - (void)applicationWillResignActive:(UIApplication *)application
- (void)applicationDidEnterBackground:(UIApplication *)application
{
NSUserDefaults * defaults = [NSUserDefaults standardUserDefaults];
[defaults setObject:self.userName forKey:@"username"];
[defaults setObject:self.userPassword forKey:@"password"];
// set app badge if edits are pending
NSInteger pendingEdits = [self.mapView.editorLayer.mapData modificationCount];
if ( pendingEdits ) {

0 comments on commit e4182e6

Please sign in to comment.