Windows Phone local storage with Azure cloud sync'ing - sqlite

I'm writing a WP8 app that needs local storage on the phone itself (due to poor internet connectivity) but also the ability to push to the Azure cloud when there is internet available.
I'm just looking to see what everyone thinks is the best method for local storage?
SQLite? JSON string saved to local storage? Or maybe I'm missing something. Ideally I'd like something that mirrored/used the classes I need that represent the tables in the cloud.
Hope this makes sense.
Cheers

You can use the local database for Windows Phone, which allows you to mark up your classes with attributes to define the tables, columns, relationships, etc. You can use SQLite, but I prefer this approach since it's straightforward and easy to implement.
Here's the information on MSDN about it: http://msdn.microsoft.com/en-us/library/windowsphone/develop/hh202860(v=vs.105).aspx
And this walk through example: http://msdn.microsoft.com/en-us/library/windowsphone/develop/hh202860(v=vs.105).aspx

Related

Possible to Host Firestore Onsite?

I'm using firestore for a project in a developing country with intermittent internet access. The internet may go down for up to a day. The client has other systems that use an onsite instance (ie a server they have that runs SQLServer) - that way the systems are still operational if the internet access goes down.
Is it possible to set up Firestore similarly - so that apps that use Firestore can still access it without internet access? If not, what could be a recommended workaround?
No. Cloud Firestore is only available as a cloud-hosted database. There are no "on prem" solutions to run it outside of Google's cloud.
Firebase provides a local emulator, but that's only suitable for running local tests.
Please take a look at this video https://www.youtube.com/watch?v=oDvdAFP6OhQ
Firestore is not designed to work as a standalone database. However, it's designed to withstand longer periods of downtime, hours and even days. But if it's days - you should already consider a different solution.
In your case, I suspect what you'd like to have various clients synchronized even if the Internet is down. This will not work in Firestore as each client would have its own copy of the cache. Thus I wouldn't recommend using Firestore in your scenario.

Securely store access token in Cordova

Edit: see my answer for the solution
Currently working on a Hybrid App with Ionic where there is a requirement to store an authentication Token in order to keep the user logged in, and also guarantee that this data cannot be accessed outside the App context.
There is of course plenty of solutions for this task, each one with different pros-and-cons so it's confusing (for me) to locate the one technology that fits.
I've been looking at angular-localForage and other candidates:
LocalStorage
Obvious choice for small data.
Data gets wiped in iOS when the system is low on memory.
IndexedDB
Buggy support in iOS (IndexedDB support)
WebSQL (SQLite)
Apparently a good option for small data and decent support (WebSQL suppport) but it's deprecated.
SQLite
There are related issues with Cordova in iOS.
LokiJS
Looks like an overkill for this scenario but is definitely a strong candidate. Is the any security concerns I should be aware of (as I read it locally persist data to JSON files)?
PouchDB + SQLite
Well, it's a JS client to work with CouchDB or Couchbase databases wich can also work with SQLite but again I only need to store a Token..
So apparently the best option for Android/iOS cross-compatibility should ironically be WebSQL, but is no longer being developed and I have to guarantee long-term support.
So my question is: are there any other options I'm missing to securely store an access Token? If don't, wich of the above ones should be the best choice for this task?
After doing some research I will share my conclusion.
Funny enough, none of the above candidates are suitable for securely storing an access Token. The approach should be using a native solution for both Android (Shared Preferences) and iOS (Keychain).
In the particular case of Ionic, a broadcaster plugin for Cordova could be used to communicate JS with Native so you can access the stored data.
The only secure way is using "httponly cookie". However, since april 2020 Apple uses wkwebview which has cookie problem.
SQLite is the best option to go with as the content of DB will be encrypted and saved. Also native apps rely on SQLite to save data.
To make CRUD easier with SQLite, I have created a wrapper library. Please check it here
Go for LocalStorage, it is the best way to store

Protecting local proprietary data in an Xamarin app

I have a Xamarin.Forms app that uses a local SqLite database as its source for data. The data is proprietary, so I want to protect it so that if someone gets access to the database file, they would have to decrypt it to access the data.
I also want to limit the number of queries users can make against the database so that at a certain point they have to purchase the ability to use more of the data (in-app purchase).
I want to avoid making network calls as much as possible to minimize impact to the user's data plan and allow the app to work well in conditions where there is poor or no connectivity. So, I want the data stored in a local database (perhaps in SqLite).
I'm curious how different people would approach this problem to protect the data and at the same time minimize network usage.
Here is kind of what I was thinking (if it's possible):
1) Let the user download/install the app.
2) On first load, the app will upload a key based on the device id and the user's current purchase information. Then it will download a SqLite database file that has been encrypted using the uploaded key.
3) When the user reaches their limit of queries, the database file is deleted. If they purchase more data, then a new key is uploaded and a new encrypted database is downloaded to be used.
Thoughts? Is there a better way?
I would suggest SQLCipher! It is a Component within Xamarin (http://components.xamarin.com/view/sqlcipher-for-xamarin-ios) but can also be built from source as it is Open Source (https://www.zetetic.net/sqlcipher/open-source/)
That will totally secure your database :)
UPDATE 8/2/2018 - SQL Cipher is now free and easy to implement thanks to the greatness of Frank Krueger. sqlite-net (https://github.com/praeclarum/sqlite-net) is the defacto sqlite library for Xamarin now (if you're still using the Sqlite.Net fork I recommend going back to sqlite-net as soon as possible as Sqlite.Net has been abandoned) and it now includes SQL Cipher support completely free of charge.
As clb mentioned, SQLCipher is open source. So if you don't want to pay for the component you can download and build the source yourself, then wrap it for use in Xamarin. This is, admittedly, a technically challenging task.
If that's not an option, I would recommend two other options:
Reevaluate your need to store data locally. It's extremely unlikely that you need to transfer enough data to even cause a blip on a user's data plan. And between cellular and wifi, it's not that common anymore for users to be without a connection. It certainly does happen, and there are certain apps where this is very important, but you may have to make concessions if the data is that sensitive.
If you absolutely have to store the data locally, and you can't use SQLCipher, your last real option is to use a cryptography library and encrypt the data itself, rather than the database file. This is less than ideal, typically, for a variety of reasons, but it may be your last resort. PCL Crypt is a PCL capable crypto library that you can look into.
https://github.com/aarnott/pclcrypto

Can SQLite be accessed from another machine?

Is it possible to access a SQLite database running on a WP8 app from a Windows 8/Store/"Metro" app?
If yes, how - is there any trick to it? Is it easy, tricky, or impossible?
If impossible, is it possible with any other DB? AFAIK, SQLite is the only DB that can be used with the new Windows Store style sandboxed apps.
Have a look at this article. It explains that:
sqlite is only used for storing data locally (i.e. cache something from a remote data source)
you cannot connect to remote databases because that involves distributing your database connection string (i.e. username and password) to potentially millions of users
the correct way to provide data to your app is through some sort of service. Think about the different APIs major website have now.
So to answer your question: no, this is a bad idea.

SQLite and Cloud applications

i was wondering if there is a way to enable cloud features for a SQLite database application.
Should i save the whole database to the cloud each time ? For example when i quit the application is it required to save the whole database to the cloud.
What do you suggest ?
Should i drop SQLite and use another database for cloud programming .
iCloud supports SQLite databases.
When properly setup it will only sync change logs instead of the entire database. In theory it's pretty nice. I haven't however had the best of luck using it yet, it seems to be a little too buggy to actually use in ios 5, hopefully it's better in 6.
To be most efficient you could manage a changelog of objects that are modified by the app. Then when its time to sync (while closing the app for instance), you can make operational requests to the Cloud. For add and update you can send the entire object, while for delete just the oid should suffice.
This is a very simple sync scenario. Things can get complicated fast if you are looking to send changes that happen in the Cloud down to the device. That is a scenario for a different thread.
Based on your question, you just need to sync from the device to the Cloud.

Resources