0

We have a app which works offline as the data is stored locally using local storage and HTML5 offline capabilities.

We want a way to authenticate the user when the user tries to launch the app offline (from a security purpose if ipad gets stolen).

We already have the authentication mechanism when the user tries to access the app while online

dazzle
  • 1,346
  • 2
  • 17
  • 29
  • Some more details would be helpful. Authenticate just the single user who's data is stored offline? – jebar8 Aug 23 '12 at 17:59
  • Since the data that is stored locally is confidential, we would need to authenticate the user when he tries to launch the app offline from an ipad. – dazzle Aug 24 '12 at 06:51

2 Answers2

3

Crudely, you can use the person's password as the local storage database name. No password, no database access.

Kernel James
  • 3,752
  • 25
  • 32
  • sorry, I did not get what you meant – dazzle Aug 24 '12 at 06:46
  • I assume you are using the HTML5 Database API? The database needs a database name `window.openDatabase("cool-name",...`. I suppose you could use the username+password and hash it to generate a unique name for the database. So if someone enter in the wrong username or password, then it won't map to the correct database and they can't view their data. – Kernel James Aug 24 '12 at 09:22
  • 2
    Note that in Chrome this wouldn't be secure. The DevTools lists all available dbs. – Raymond Camden Aug 26 '12 at 18:06
  • I'm assuming their data isn't encrypted hence the need to authenticate the user. Since data isn't encrypted, any physical access to the device would already expose user data anyway. So any authentication is by definition already insecure and is only crude authentication. – Kernel James Aug 27 '12 at 04:14
0

One solution is to save the last successful online login into some local storage. Now when user is in offline-mode then compare with the value stored in Local Storage.

Following is the sample snippet for Local Storage in HTML 5 :

if (window.localStorage.getItem('value')) {
    dummy =  window.localStorage.getItem('value');
}

Hope this might solve the problem.

nhahtdh
  • 55,989
  • 15
  • 126
  • 162
Jayprakash Dubey
  • 35,723
  • 18
  • 170
  • 177