• Categories
  • Recent
  • Tags
  • Popular
  • Solved
  • Unsolved
  • Users
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (Darkly)
  • No Skin
Collapse
brainCloud Forums

Web client security

Scheduled Pinned Locked Moved General
securityweb
3 Posts 2 Posters 249 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C Offline
    C Offline
    Chad Elstad
    wrote on last edited by
    #1

    All-
    Can anyone please help me understand on the Javascript library, where/how are the profileId and anonymousId stored so to be secure? The wrapper sounds like it is JavaScript and doesn't have any native code, is that correct? My app is a hybrid web app using Capacitor/Cordova.
    Is there a Cordova/Capacitor plugin for Braincloud? I was not able to find one.
    Also, am I correct in saying that when I have a game configured for Android that the Braincloud API's will restrict access to that specific appId/Package Name? The closest example I can give to explain what I am meaning is in Firebase, you can restrict those API calls in the Google APIs so that only apps with the AppId/Package Name can reach your Firebase API.
    Thanks in advance,
    -Chad

    1 Reply Last reply
    0
  • David St-Louis 0D Offline
    David St-Louis 0D Offline
    David St-Louis 0
    wrote on last edited by
    #2

    Hi Chad,

    The JS library is using localStorage to store "sessions id", "profile id" and "anonymous id". Username/emails/passwords are not stored. Only the information necessary to restore a previous session. As for implementation details about localStorage, it all depends on the app framework/browser you are using.

    There is no native code in our JS library, correct. We do have native versions of the library (C++ and Objective-C). But if you want a web app, those are not useful to you.

    We have an NPM module for it and a minified .js file for webpages. There are many frameworks out there, so there might be minor code change to be done depending on which framework you are using.

    If you are using our JS library, even inside a framework or on any device (You mentioned Android), the platform used by brainCloud is always going to be "WEB".

    Hope this helps. Did I understand your question(s) correctly?
    David

    C 1 Reply Last reply
    0
  • C Offline
    C Offline
    Chad Elstad
    replied to David St-Louis 0 on last edited by
    #3

    @David-St-Louis-0
    On my last question, can you restrict API calls to only be from a specific web domain or mobile app is? Google Api's allowed to restrict calls to firebase to be specifically from an web domain, or the specific app ID's.
    Another way to ask it, is there any way to restrict API calls to from a specific location?
    Thanks again,
    -Chad

    1 Reply Last reply
    0

  • Login

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Solved
  • Unsolved
  • Users