I have a web based shopping list program that I've written (clojure, ring, hiccup, friend, ...). It's only used by me and my wife and I'm running the server on a machine at home. Currently, I'm using friend for authentication and using cookie for session store.
My idea now is to use a local file (on the PC, phone and tablet) that contains a UUID that's specific for the user. So when friend requests credentials, a small javascript on the page sends back this UUID, it's compared to the one in the DB for that user and if they match, we're good.
The local file with the UUID would be copied there manually by me on each device. This seems like a pretty secure setup to me and won't require any login procedure by the user. For some reason that I haven't figured out, my phone (Samsung S8 and chrome) deletes my cookie after a few minutes even though I've set it to expire in 10 years! My tablet (Samsung S2 and chrome) and PC (ubuntu with chrome) doesn't do that.
Every way I've tried to read a local file have failed and I'm running out of ideas. I read somewhere that this isn't possible because there have to be user interaction for security reasons.
Any suggestions?
You could use localStorage to store the UUID and load it their by a simple form like:
<input type="text" onchange="localStorage.setItem('UUID',this.value)">
And include the form either hidden somewhere or in on a page nobody goes to normally like /inputuuid.html.