https://docs.amplify.aws/lib/auth/manageusers/q/platform/js/#managing-security-tokens
因此,我尝试在从react-native的auth包中获取的react本机代码中实现auth令牌的加密。我写了以下代码:
import React, { Component } from 'react';
import * as Keychain from 'react-native-keychain';
import AsyncStorage from '@react-native-async-storage/async-storage';
import { Auth } from 'aws-amplify';
const MYSTORAGE_KEY_PREFIX = '@ACCESSTOKEN:';
let dataMemory = {};
export default class MyStorage {
static syncPromise = null;
static setItem(key, value) {
Keychain.setGenericPassword(MYSTORAGE_KEY_PREFIX + key, value);
dataMemory[key] = value
return dataMemory[key]
}
static getItem(key) {
return Object.prototype.hasOwnProperty.call(dataMemory, key) ? dataMemory[key] : undefined
}
static removeItem(key) {
Keychain.resetGenericPassword()
return delete dataMemory[key]
}
static clear() {
dataMemory = {}
return dataMemory
}
static sync(){
if (!MyStorage.syncPromise) {
MyStorage.syncPromise = new Promise((res, rej) => {
Auth.currentSession().then(data => {MyStorage.setItem(data.idToken.jwtToken)})
});
}
return MyStorage.syncPromise;
}
}
Auth.configure({
storage: MyStorage
});
现在,这样做正确吗?如何验证令牌是否已加密?我对此完全陌生。
import AsyncStorage from '@react-native-async-storage/async-storage';
import EncryptedStorage from 'react-native-encrypted-storage';
const AUTH_STORAGE_KEY_PREFIX = '@AuthorizationStorage:';
let dataMemory: Record<string, string> = {};
/**
* A class representing the storage for authentication-related data.
* Used by Amplify for secure storage of user data.
* @see https://docs.amplify.aws/lib/auth/manageusers/q/platform/react-native/#managing-security-tokens
*/
export class AuthorizationStorage {
/**
* A promise used for synchronization.
*/
static syncPromise: Promise<void> | null = null;
/**
* Sets an item in the storage.
* @param key - The key of the item to set.
* @param value - The value of the item to set.
* @returns The stored value or null if the value is not provided.
*/
static setItem(key: string, value?: unknown): string | null {
if (value && typeof value === 'string') {
AsyncStorage.setItem(AUTH_STORAGE_KEY_PREFIX + key, 'null');
EncryptedStorage.setItem(AUTH_STORAGE_KEY_PREFIX + key, value);
dataMemory[key] = value;
return dataMemory[key]!;
}
return null;
}
/**
* Gets an item from the storage.
* @param key - The key of the item to get.
* @returns The stored value or null if the item does not exist.
*/
static getItem(key: string): string | null {
return Object.prototype.hasOwnProperty.call(dataMemory, key)
? dataMemory[key]!
: null;
}
/**
* Removes an item from the storage.
* @param key - The key of the item to remove.
* @returns True if the item was removed, false otherwise.
*/
static removeItem(key: string): boolean {
AsyncStorage.removeItem(AUTH_STORAGE_KEY_PREFIX + key);
EncryptedStorage.getItem(AUTH_STORAGE_KEY_PREFIX + key).then((value) => {
if (value) {
EncryptedStorage.removeItem(AUTH_STORAGE_KEY_PREFIX + key);
}
});
return delete dataMemory[key];
}
/**
* Clears the storage.
* @returns An empty record representing the cleared data.
*/
static clear(): Record<string, string> {
dataMemory = {};
return dataMemory;
}
/**
* Synchronizes data from storage.
* @returns A promise that resolves when synchronization is complete or rejects with an error.
*/
static async sync(): Promise<void> {
if (AuthorizationStorage.syncPromise === null) {
AuthorizationStorage.syncPromise = (async () => {
try {
const keys = await AsyncStorage.getAllKeys();
const memoryKeys = (keys || []).filter((key: string) =>
key.startsWith(AUTH_STORAGE_KEY_PREFIX)
);
const promises: Promise<void>[] = [];
for (const key of memoryKeys) {
const value = await EncryptedStorage.getItem(key);
if (value) {
dataMemory[key.replace(AUTH_STORAGE_KEY_PREFIX, '')] = value;
}
}
await Promise.all(promises);
} catch (error: unknown) {
throw error;
}
})();
}
return AuthorizationStorage.syncPromise;
}
}
然后在我的配置中
Amplify.configure({
Auth: {
..., // (user-pool-id, region etc.)
storage: AuthorizationStorage
}
})