From 572e6375a199bf917c9b34e230af698968f78ce0 Mon Sep 17 00:00:00 2001
From: Naufal-Nalendra <16521240@std.stei.itb.ac.id>
Date: Fri, 15 Mar 2024 22:00:30 +0700
Subject: [PATCH] feat: encrypted shared preferences for token

---
 app/build.gradle.kts                          |  1 +
 .../java/itb/bos/bondoman/LoginActivity.kt    |  3 ++
 .../bos/bondoman/viewModel/LoginViewModel.kt  | 31 ++++++++++++++++---
 gradle/libs.versions.toml                     |  2 ++
 4 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/app/build.gradle.kts b/app/build.gradle.kts
index 98666f8..9253460 100644
--- a/app/build.gradle.kts
+++ b/app/build.gradle.kts
@@ -51,6 +51,7 @@ dependencies {
     implementation(libs.androidx.navigation.ui.ktx)
     implementation("com.squareup.retrofit2:retrofit:2.9.0")
     implementation("com.squareup.retrofit2:converter-gson:2.9.0")
+    implementation("androidx.security:security-crypto:1.0.0")
     testImplementation(libs.junit)
     androidTestImplementation(libs.androidx.junit)
     androidTestImplementation(libs.androidx.espresso.core)
diff --git a/app/src/main/java/itb/bos/bondoman/LoginActivity.kt b/app/src/main/java/itb/bos/bondoman/LoginActivity.kt
index 725995b..669050c 100644
--- a/app/src/main/java/itb/bos/bondoman/LoginActivity.kt
+++ b/app/src/main/java/itb/bos/bondoman/LoginActivity.kt
@@ -34,6 +34,9 @@ class LoginActivity : AppCompatActivity() {
             val email = findViewById<EditText>(R.id.email).text.toString()
             val password = findViewById<EditText>(R.id.password).text.toString()
             loginViewModel.login(email, password)
+            // After successful login
+            // loginViewModel.checkToken()
+
         }
     }
 }
diff --git a/app/src/main/java/itb/bos/bondoman/viewModel/LoginViewModel.kt b/app/src/main/java/itb/bos/bondoman/viewModel/LoginViewModel.kt
index 6eea4e9..1d2ab23 100644
--- a/app/src/main/java/itb/bos/bondoman/viewModel/LoginViewModel.kt
+++ b/app/src/main/java/itb/bos/bondoman/viewModel/LoginViewModel.kt
@@ -1,8 +1,11 @@
 package itb.bos.bondoman.viewModel
+
 import android.annotation.SuppressLint
 import android.content.Context
 import android.util.Log
 import android.widget.Toast
+import androidx.security.crypto.EncryptedSharedPreferences
+import androidx.security.crypto.MasterKeys
 import androidx.lifecycle.ViewModel
 import itb.bos.bondoman.helper.performLogin
 import kotlinx.coroutines.CoroutineScope
@@ -11,10 +14,22 @@ import kotlinx.coroutines.launch
 
 class LoginViewModel : ViewModel() {
 
+    private lateinit var encryptedSharedPreferences: EncryptedSharedPreferences
+
     @SuppressLint("StaticFieldLeak")
     private lateinit var context: Context
 
     fun init(context: Context) {
+        val masterKeyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC)
+        encryptedSharedPreferences = EncryptedSharedPreferences.create(
+            "login",
+            masterKeyAlias,
+            context.applicationContext,
+            EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
+            EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
+        ) as EncryptedSharedPreferences
+        Log.d("EncryptedSharedPreferences", encryptedSharedPreferences.toString())
+
         this.context = context
     }
 
@@ -47,8 +62,7 @@ class LoginViewModel : ViewModel() {
     }
 
     private fun storeToken(token: String) {
-        val sharedPreferences = context.getSharedPreferences("login", Context.MODE_PRIVATE)
-        sharedPreferences.edit().putString("token", token).apply()
+        encryptedSharedPreferences.edit().putString("token", token).apply()
     }
 
     private fun handleLoginFailure(e: Exception) {
@@ -57,8 +71,15 @@ class LoginViewModel : ViewModel() {
     }
 
     fun getToken(): String? {
-        val sharedPreferences = context.getSharedPreferences("login", Context.MODE_PRIVATE)
-        return sharedPreferences.getString("token", null)
+        return encryptedSharedPreferences.getString("token", null)
     }
-}
 
+    fun checkToken() {
+        val token = getToken()
+        if (token != null) {
+            Log.d("Token", "Token retrieved successfully: $token")
+        } else {
+            Log.d("Token", "No token found")
+        }
+    }
+}
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index dcb3008..4ffc98f 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -13,6 +13,7 @@ lifecycleLivedataKtx = "2.6.1"
 lifecycleViewmodelKtx = "2.6.1"
 navigationFragmentKtx = "2.6.0"
 navigationUiKtx = "2.6.0"
+securityCryptoKtx = "1.0.0"
 
 [libraries]
 androidx-core-ktx = { group = "androidx.core", name = "core-ktx", version.ref = "coreKtx" }
@@ -27,6 +28,7 @@ androidx-lifecycle-livedata-ktx = { group = "androidx.lifecycle", name = "lifecy
 androidx-lifecycle-viewmodel-ktx = { group = "androidx.lifecycle", name = "lifecycle-viewmodel-ktx", version.ref = "lifecycleViewmodelKtx" }
 androidx-navigation-fragment-ktx = { group = "androidx.navigation", name = "navigation-fragment-ktx", version.ref = "navigationFragmentKtx" }
 androidx-navigation-ui-ktx = { group = "androidx.navigation", name = "navigation-ui-ktx", version.ref = "navigationUiKtx" }
+androidx-security-crypto-ktx = { group = "androidx.security", name = "security-crypto-ktx", version.ref = "securityCryptoKtx" }
 
 [plugins]
 androidApplication = { id = "com.android.application", version.ref = "agp" }
-- 
GitLab