Store user data in an secure way

In many apps you want to store user data locally on the device, it could, for example, be passwords, credit card numbers etc. Even if the storage is sandboxed to your apps, you don’t want to store it in clear text, you want to store it encrypted.

I have used Xamarin.Auth for many apps while it has an AccountStore class that can be used to store user data encrypted. But while it only supports iOS and Android and needed support for UWP in an app I decided to create my own library. I also felt that I don’t want to install a big library when I just wanted one a little piece of it, and furthermore, the main focus was not storing user data encrypted.

So I decided to create TinyAccountManager, it is an open source project where the source can be found on GitHub, https://github.com/dhindrik/TinyAccountManager. It works together with iOS, Android and UWP. And I will properly add support for Mac apps as well.

The easiest way to install it tou your projects is via NuGet, https://www.nuget.org/packages/TinyAccountManager/.


Install-Package TinyAccountManager

The first you need to do is to initialize the AccountManager per platform.

//iOS
TinyAccountManager.iOS.AccountManager.Initialize();
 
//Android
TinyAccountManager.Droid.AccountManager.Initialize();
 
//UWP
TinyAccountManager.UWP.AccountManager.Initialize();

Save
The only property that are required is ServiceId.

var account = new Account()
{
    ServiceId = "TinyAccountManagerSample",
    Username = "dhindrik"
};
 
account.Properties.Add("Password", "MySecretPassword");
 
await AccountMananger.Current.Save(account);

Get and Exists

It’s recommended that you use Exists before Get, if you using Get and there is no matching account it will throw an exception.

Account account = null;
 
var exists = await AccountManager.Current.Exists("TinyAccountManagerSample")
 
if(exists)
  account = await AccountManager.Current.Get("TinyAccountManagerSample")
Remove
 
await AccountManager.Current.Remove("TinyAccountManagerSample")

IOC

If you want to use IOC instead of the singleton pattern, you just register the implemenation for each platform with the IAccountManager interface. If you select this way you don’t have to run Initialize on each platform

iOS: iOSAccountManager

Android: AndroidAccountManager

UWP: UWPAccountManager

You can find the complete documentation on GitHub, there are also a sample project.
https://github.com/dhindrik/TinyAccountManager

One thought on “Store user data in an secure way

Leave a Reply

Your email address will not be published. Required fields are marked *