Sensitive data will almost never be stored on the client. If you cannot guarantee the physical security of the computer and/or guarantee that the registered user on this computer will only ever use the computer (both of which are usually NOT true), then do not store confidential information on the client if you can avoid this.
It is much safer to store confidential information on the server and require the appropriate credentials before providing this information to the browser. You can then control the physical security of the data on your server and prevent users from accessing data that does not belong to them. In addition, you can protect it in flight using SSL.
If you really want to store something locally, accessible only to one user and one computer and one browser on this computer, you can request a password and use this password to encrypt/decrypt data stored in local storage. With the exception of temporary offline action, I currently don't know why it would be better than on a server where it can be accessed by this user, regardless of how they access the Internet. In these days of mobile access, tablet access, laptop access, etc., it seems that the tendency is to store things in the cloud so that a given user can access their data through any means of accessing the Internet that they can use, rather than requiring them to use the same computer.
jfriend00