I recently wrote an article with some basic security advice for Ionic and Cordova applications, but I thought it would be worthwhile discussing those concepts in a little more depth. In this video tutorial, I talk through the concepts that I brought up in the security article.
Here's the video:
- You don't need to understand everything about security before building an application, but you should know enough to know when you need to seek help
- Treat your applications source code like you would treat a standard websites source code (assume that the source code can be viewed by others)
- Use HTTPS when communicating with a server
- Be careful when storing sensitive data in local storage and never store a user's login information in local storage (you should never store a user's password anywhere except as a hash on the server you are authenticating against)
- Consider using an authentication service to handle authentication in your application