From b7688b55d110cda9d2e527c03d8223812f407d78 Mon Sep 17 00:00:00 2001 From: saravanakumardb1 Date: Sun, 1 Mar 2026 16:37:39 -0800 Subject: [PATCH] fix(security): move PlatformSyncManager auth token from UserDefaults to Keychain --- ios/ChronoMind/Shared/Cloud/PlatformSyncManager.swift | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ios/ChronoMind/Shared/Cloud/PlatformSyncManager.swift b/ios/ChronoMind/Shared/Cloud/PlatformSyncManager.swift index 6d85b45..dbcfbf3 100644 --- a/ios/ChronoMind/Shared/Cloud/PlatformSyncManager.swift +++ b/ios/ChronoMind/Shared/Cloud/PlatformSyncManager.swift @@ -36,7 +36,7 @@ final class PlatformSyncManager: ObservableObject { static let syncEnabled = "chronomind-platform-sync-enabled" static let lastSync = "chronomind-platform-last-sync" static let offlineQueue = "chronomind-offline-queue" - static let authToken = "chronomind-auth-token" + static let authTokenKeychain = "chronomind-sync-auth-token" } // MARK: - Init @@ -58,7 +58,7 @@ final class PlatformSyncManager: ObservableObject { decoder.dateDecodingStrategy = .iso8601 syncEnabled = UserDefaults.standard.bool(forKey: Keys.syncEnabled) - authToken = UserDefaults.standard.string(forKey: Keys.authToken) + authToken = KeychainHelper.read(key: Keys.authTokenKeychain) if let date = UserDefaults.standard.object(forKey: Keys.lastSync) as? Date { lastSyncDate = date @@ -76,9 +76,9 @@ final class PlatformSyncManager: ObservableObject { func setAuthToken(_ token: String?) { authToken = token if let token = token { - UserDefaults.standard.set(token, forKey: Keys.authToken) + KeychainHelper.save(key: Keys.authTokenKeychain, value: token) } else { - UserDefaults.standard.removeObject(forKey: Keys.authToken) + KeychainHelper.delete(key: Keys.authTokenKeychain) } }