As I work on developing a Phonegap application that requests data from my server via API, I want to ensure that only authorized users are able to access this data. To achieve this, I have implemented HTTP basic authentication.
This method involves including a username and password with the API request sent by the app. While the user and password details are stored in my JavaScript code, Phonegap's transformation of this into a native app makes it less vulnerable to easy accessibility.
However...
Despite a Cordova application being compiled from HTML and JavaScript assets bundled within a native container, it is important to note that the code may not be completely secure. There is a possibility of reverse engineering a Cordova application.
Given this scenario, I am curious if there are any additional measures that can be taken to enhance the security of requests made through Phonegap or if its limitations make complete security unattainable.