Hi all
I’d like to have a couchbase lite mobile db that works offline for authentication login to app functionalities.
I mean , if no connection is available, i’d like to propose an authentication login form in my app and check credentials in the couchbase lite database.
Of course I know that ,with connection , gateway syncronize all data consistently to couchbase sever db.
I wonder what kind of side effects could be in this approach? Is it safe to give authentication confirmation using a couchbase lite db with no connection? Can anyone “crack” couchbase lite and force authentication?
Hi
In offline mode, you can store the credentials (user/pass or token) in a local keychain or encrypted / secure keystore on your platform and use that to allow users to access the local CBLite data. That said, I would recommend that the credentials be time bound so users are forced to re-authenticate with the server after a period of time.