I am using wix studio, and I want to share some string securely, I use wix storage api (local) and it works but people with more tech knowledge know how to bypass it. Can someone help
wixStorage is used for client-side storage (local, session and cookies)
It is fully accessible from the client, so it is only made for tokens your clients are allowed to know, such as their authentication token
In case you’re looking for a site-wide secret to be used internally by your server, wixStorage is not what you’re looking for
As for sharing secrets between two sites, either with local storage or with wix-secrets-backend, I do not know myself and will be waiting alongside you for an answer
Hi, lukajekic913 !!
For sharing a secret string between two sites, one of the simplest approaches is to encrypt the secret string and use wix-storage to share it. You can install a standard encryption tool like crypto-js via npm to create encrypted text on the backend environment, and then use wix-storage on the frontend to share it. You can decrypt the encrypted string using crypto-js to revert it to its original form. Don’t forget to use the key string stored in Wix Secrets when encrypting with tools like crypto-js.However, this method is limited to using both sites within the same browser.
If you want to share strings between two sites in a more general way, you would need to use http-functions and HMAC to securely exchange information on the backend.