🏠 Overview 🧩 Components 🧩 Secure Token Store

Secure Token Store

Component Detail

Infrastructure low complexity mobile
0
Dependencies
1
Dependents
2
Entities
0
Integrations

Description

Hardware-backed token vault using flutter_secure_storage, which maps to iOS Keychain and Android Keystore with hardware-backed protection. Stores and retrieves the device-bound refresh token used for biometric unlock, ensuring no plaintext token is ever written to unprotected storage.

Feature: Biometric Login (Face ID/Fingerprint)

secure-token-store

Sources & reasoning

flutter_secure_storage backed by iOS Keychain and Android Keystore is the required mechanism for hardware-backed refresh token storage on mobile. Encapsulating it as an infrastructure component prevents secure-storage calls from scattering across the auth layer and makes the storage backend swappable.

No source references — this artifact was included based on reasoning alone (see above).

Responsibilities

  • Store the device-bound refresh token in the platform secure enclave
  • Read the stored token on biometric success for exchange
  • Delete the token on full logout or session revocation

Interfaces

storeToken(key: String, value: String) -> Future<void>
readToken(key: String) -> Future<String?>
deleteToken(key: String) -> Future<void>

Relationships

Dependents (1)

Components that depend on this component

service Biometric Token Exchange Service

Related Data Entities (2)

Data entities managed by this component

Refresh Token 16 fields core Session 21 fields core