之前做项目,用户保存账号密码都会保存到NSUserdefault中,每次卸载了app后,数据都会随之清除,而且不安全。后来系统就提供了keychain作为存储账号,密码,网络密码,认证令牌的工具,然后项目中就开始使用keychain来存储敏感信息,这些数据存储之后即使卸载了app也不会被清除。

下面就先来说说keychain的用法。

引入头文件#import

NSString * const KEY_USERNAME_PASSWORD = @"com.company.app.usernamepassword";

+ (void)keyChainSave:(NSString *)string {

NSMutableDictionary *tempDic = [NSMutableDictionary dictionary];

[tempDic setObject:string forKey:kSYDictionaryKey];

// [self save:kSYKeyChainKey data:tempDic];

[self setSaveObject:tempDic forKey:kSYKeyChainKey];

}

+ (NSString *)keyChainLoad{

NSMutableDictionary *tempDic = (NSMutableDictionary *)[self objectForKey:kSYKeyChainKey];

// [self load:kSYKeyChainKey];

return [tempDic objectForKey:kSYDictionaryKey];

}

+ (void)keyChainDelete{

[self removeObjectForKey:kSYKeyChainKey];

}

+ (NSMutableDictionary *)getKeychainQuery:(NSString *)service {

return [NSMutableDictionary dictionaryWithObjectsAndKeys:

(id)kSecClassGenericPassword,(id)kSecClass,

service, (id)kSecAttrService,

service, (id)kSecAttrAccount,

(id)kSecAttrAccessibleAfterFirstUnlock,(id)kSecAttrAccessible,

nil];

}

+ (void)setSaveObject:(id )value forKey:(NSString *)forKey{

//Get search dictionary

NSMutableDictionary *keychainQuery = [self getKeychainQuery:forKey];

//Delete old item before add new item

SecItemDelete((CFDictionaryRef)keychainQuery);

//Add new object to search dictionary(Attention:the data format)

[keychainQuery setObject:[NSKeyedArchiver archivedDataWithRootObject:value] forKey:(id)kSecValueData];

//Add item to keychain with the search dictionary

SecItemAdd((CFDictionaryRef)keychainQuery, NULL);

}

+ (id)objectForKey:(NSString *)service {

id ret = nil;

NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];

//Configure the search setting

//Since in our simple case we are expecting only a single attribute to be returned (the password) we can set the attribute kSecReturnData to kCFBooleanTrue

[keychainQuery setObject:(id)kCFBooleanTrue forKey:(id)kSecReturnData];

[keychainQuery setObject:(id)kSecMatchLimitOne forKey:(id)kSecMatchLimit];

CFDataRef keyData = NULL;

if (SecItemCopyMatching((CFDictionaryRef)keychainQuery, (CFTypeRef *)&keyData) == noErr) {

@try {

ret = [NSKeyedUnarchiver unarchiveObjectWithData:(__bridge NSData *)keyData];

} @catch (NSException *e) {

NSLog(@"Unarchive of %@ failed: %@", service, e);

} @finally {

}

}

if (keyData)

CFRelease(keyData);

return ret;

}

+ (void)removeObjectForKey:(NSString *)service {

NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];

SecItemDelete((CFDictionaryRef)keychainQuery);

}

看完这些代码,可以发现keychain类似于数据库,有增删改查功能。

就这样,利用keychain很方便的保存了用户的登录信息,但是我们的项目又要求当用户卸载app重新安装后,不能保留用户信息。所以对于keychain,我百度搜了很多,但是都是不能清除。

最后想到一种办法,就是利用NSUserDefault看是否首次安装或重新安装,移除用户名,用户密码。

if (![[NSUserDefaults standardUserDefaults] objectForKey:@"FirstInstall"]) {

[[NSUserDefaults standardUserDefaults] setValue:@"isFirst" forKey:@"FirstInstall"];

[[NSUserDefaults standardUserDefaults] synchronize];

//首次安装,移除用户名,用户密码

[SYKeyChain removeObjectForKey:SYSaveAuthTokenKey_account];

[SYKeyChain removeObjectForKey:SYSaveAuthTokenKey_passwordTF];

}

注意,在.m中定义KEY_USERNAME_PASSWORD以上数据,如果要在其他页面用,要在.h中

UIKIT_EXTERN NSString *const KEY_USERNAME_PASSWORD;这样定义,然后在其他页面导入此控制器才行。

Logo

华为开发者空间,是为全球开发者打造的专属开发空间,汇聚了华为优质开发资源及工具,致力于让每一位开发者拥有一台云主机,基于华为根生态开发、创新。

更多推荐