Thank you for your information. I was read both of them on gitHub. I think the secure-ls libraries sound good. but I don't have idea to used it for more secured my localStorage because I need to set a key in client application(like js) and it's can read by browser network tab(Edge, Chrome). Thank you for your advice.
Hey Asim, ideally, you can't secure local storage and it is not recommended to store any sensitive data in local storage. You can try and encrypting it, but there is a catch. Encrypting it on the client is possible, but would mean the user has to provide a password and you have to depend on not-so-well-tested javascript implementations of cryptography.
Encrypting on the server side is of course possible, but then the client code cannot read or update it, and so you have reduced localStorage to a glorified cookie.
If it needs to be secure, its best to not send it to the client. What is not in your control can never be secure.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I agree with you about we did not store a sensitive data in localStorage. Actually, It's a place for access_token(public data) that is enough.
What about store user info like email, phone number and name
And his access_token
All of them encrypted
In local storage
How to encrypt all above of them. I have no idea about it.
Although, it's not preferred to store data in localStorage but if you want to encrypt it, you can try the below links:
Thank you for your information. I was read both of them on gitHub. I think the secure-ls libraries sound good. but I don't have idea to used it for more secured my localStorage because I need to set a key in client application(like js) and it's can read by browser network tab(Edge, Chrome). Thank you for your advice.
Hey Asim, ideally, you can't secure local storage and it is not recommended to store any sensitive data in local storage. You can try and encrypting it, but there is a catch. Encrypting it on the client is possible, but would mean the user has to provide a password and you have to depend on not-so-well-tested javascript implementations of cryptography.
Encrypting on the server side is of course possible, but then the client code cannot read or update it, and so you have reduced localStorage to a glorified cookie.
If it needs to be secure, its best to not send it to the client. What is not in your control can never be secure.