Transitioning a Cordova app to RN/ Expo... and keeping a user logged in

#1

We have an existing Cordova app that we’re looking to replace with an Expo app. The new app will have the same bundle identifier, same distribution keys, etc. as the old one. We would like to carry over the session key from the old version of the app to the new version, so users remain logged in.

My gut instinct is that the most likely way to do this would be to use SecureStore (https://docs.expo.io/versions/v27.0.0/sdk/securestore). In the Cordova app, we would save the session key to the keychain/ Android keystore, and in the new one we would load it using SecureStore. Since the app would be a true “upgrade” (same bundle ID, etc. - just a new version with different bits), I’m hoping it would work.

Is there anything about SecureStore / keychain that would make this a total no-go? Or is there another approach that is recommended? My gut feeling is that there’s no practical way to carry over cookies, as the JavaScript would be run in entirely different contexts, and it’s not clear how I would get AsyncStorage (https://facebook.github.io/react-native/docs/asyncstorage.html) to point to the same storage as the Cordova app. I guess SQLite could also be an option, since I could provide a path to the database (https://docs.expo.io/versions/v27.0.0/sdk/sqlite).

0 Likes

#2

SecureStore uses keys in the Android keystore to encrypt/decrypt data stored in Shared Preferences, so you would need to mimic that format exactly. On iOS the values are simply stored in the keychain, and again you would need to mimic that format exactly.

These are implementation details, so the code is the place to look at how data is read:

Your SQLite is probably simpler and less error-prone, especially on Android where the Secure Store implementation is finicky due to Android fragmentation.

1 Like

#3

Great points! Thanks for the advice. I think we’ll down the SQLite route.

0 Likes

closed #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

0 Likes