On Tue, Sep 22, 2015 at 9:48 AM, Corinne Krych <corinnekrych(a)gmail.com>
wrote:
Hello Guys,
Revisiting OTP demo for iOS client, I've seen some improvements that could
be done in the OTP lib itself.
1. storage of secret is done at cordova- layer [1] and [2]. It would be
better to store them in a safe storage (ie: Keychain for iOS, KeyStore for
Android etc...) or at least leave the option for end user.
I'm not against to have a complete example and storing the secret in the
database, but I'd prefer only scan QRCode and show the code on screen. I
think it make the example easily to our community
debug/play/understand/focus on OTP
2. extracting secret from URL (read from QRCode) is done on each
native
client demos or in Corodva layer. See [3] for iOS and [4] for Android and
[5] for Cordova. What about moving this code snippet in the library itself.
For ex, add a new initialiser of OTP which takes an URL.
+1 I like it.
Thoughts?
--
-- Passos