The thing is, I haven't really made a production app. And I guess this is the time!
--
So, we have a RESTful API in place. You make login POST requests to the server in JSON that are vaguely like this:
{
  "user": string,
  "password": string,
  "uuid": string
}
This is fairly easy to do with Flutter and the http package.
The app has been storing the user data from the login JSON request body with the flutter_secure_storage package under static key names.
The app is protected by a code screen that uses the local_auth package to use biometrics, if the user requests it. Code is mandatory, biometric auth is not. The logic behind this screen is: if the user authenticates successfully, it just calls the login function and passes the data to the function.
Now, the thing is, we've updated our system's way of working and you might need to use more than one account, which was previously possible with the solution I just gave you.
Now, would an encrypted SQLite db serve me well? What are the best practices around this?
I thought about checking values on the flutter_secure_storage and just adding a number in front, but that probably won't be as "scalable" as I want it to be.
Keep in mind that the app is going to be storing user sensitive data, such as passwords and tokens.
I've looked into flavors, but I don't think this requires a solution like that.
--
What would you do?
Thanks in advance.
A personal recommendation I would give you is the Flutter package Hive. It’s encrypted by standard and has pretty fast read and write speeds. It can also generate adapters so you can store full class data without having to encode your data to a data string. However, if you only want to store very small keys and values, secure storage will do.
I guess you could use the user ID or some user identifier as the key and have an array with the different sorts of authentication as data. If you have any follow-up questions, comment them below!
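The layout suggested in the answer above (a user identifier as the key, that account's authentication data as the value), written in Dart as an added example that is not part of the original thread. `SecretStore`, `MemoryStore`, `AccountVault` and the key names are hypothetical; in the app the interface would be backed by flutter_secure_storage, and a separate index entry lists the stored accounts so none have to be numbered by hand.

```dart
import 'dart:convert';

// Hypothetical storage interface. In the app, implement it with
// flutter_secure_storage's read/write/delete; a map stands in here.
abstract class SecretStore {
  Future<String?> read(String key);
  Future<void> write(String key, String value);
  Future<void> delete(String key);
}

class MemoryStore implements SecretStore {
  final _m = <String, String>{};
  @override Future<String?> read(String key) async => _m[key];
  @override Future<void> write(String key, String value) async { _m[key] = value; }
  @override Future<void> delete(String key) async { _m.remove(key); }
}

class AccountVault {
  AccountVault(this._store);
  final SecretStore _store;
  static const _indexKey = 'accounts.index'; // JSON list of account ids
  static String _key(String id) => 'account.$id'; // one entry per account

  Future<List<String>> ids() async {
    final raw = await _store.read(_indexKey);
    return raw == null ? <String>[] : List<String>.from(jsonDecode(raw) as List);
  }
  Future<void> save(String id, Map<String, String> creds) async {
    await _store.write(_key(id), jsonEncode(creds));
    final all = await ids();
    if (!all.contains(id)) await _store.write(_indexKey, jsonEncode([...all, id]));
  }
  Future<Map<String, String>?> load(String id) async {
    final raw = await _store.read(_key(id));
    return raw == null ? null : Map<String, String>.from(jsonDecode(raw) as Map);
  }
  Future<void> remove(String id) async { // drop the secret, then the index entry
    await _store.delete(_key(id));
    final all = (await ids())..remove(id);
    await _store.write(_indexKey, jsonEncode(all));
  }
}

Future<void> main() async {
  final vault = AccountVault(MemoryStore());
  // Constructed sample values; fields follow the login body in the question.
  await vault.save('alice', {'user': 'alice', 'password': 'constructed-1', 'uuid': 'uuid-a'});
  await vault.save('bob', {'user': 'bob', 'password': 'constructed-2', 'uuid': 'uuid-b'});
  await vault.remove('alice');
  print(await vault.ids());
}
```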