fix(security): move PlatformSyncManager auth token from UserDefaults to Keychain

2026-03-01 16:37:39 -08:00 · 2026-03-01 16:37:39 -08:00 · b7688b55d1
commit b7688b55d1
parent e0c7f24954
1 changed files with 4 additions and 4 deletions
--- a/ios/ChronoMind/Shared/Cloud/PlatformSyncManager.swift
+++ b/ios/ChronoMind/Shared/Cloud/PlatformSyncManager.swift
@ -36,7 +36,7 @@ final class PlatformSyncManager: ObservableObject {
        static let syncEnabled = "chronomind-platform-sync-enabled"
        static let lastSync = "chronomind-platform-last-sync"
        static let offlineQueue = "chronomind-offline-queue"
-        static let authToken = "chronomind-auth-token"
+        static let authTokenKeychain = "chronomind-sync-auth-token"
    }

    // MARK: - Init
@ -58,7 +58,7 @@ final class PlatformSyncManager: ObservableObject {
        decoder.dateDecodingStrategy = .iso8601

        syncEnabled = UserDefaults.standard.bool(forKey: Keys.syncEnabled)
-        authToken = UserDefaults.standard.string(forKey: Keys.authToken)
+        authToken = KeychainHelper.read(key: Keys.authTokenKeychain)

        if let date = UserDefaults.standard.object(forKey: Keys.lastSync) as? Date {
            lastSyncDate = date
@ -76,9 +76,9 @@ final class PlatformSyncManager: ObservableObject {
    func setAuthToken(_ token: String?) {
        authToken = token
        if let token = token {
-            UserDefaults.standard.set(token, forKey: Keys.authToken)
+            KeychainHelper.save(key: Keys.authTokenKeychain, value: token)
        } else {
-            UserDefaults.standard.removeObject(forKey: Keys.authToken)
+            KeychainHelper.delete(key: Keys.authTokenKeychain)
        }
    }