From f1f25c4b783e879e73146bd7f4d2fd666db52a1e Mon Sep 17 00:00:00 2001
From: Matt Bruce <mbrucedogs@gmail.com>
Date: Wed, 14 Jan 2026 13:51:19 -0600
Subject: [PATCH] Update SecureStorageSample

---
 README.md                                        |  8 +++++---
 SecureStorageSample/SecureStorageSampleApp.swift | 15 +++++++++++++++
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index cd9a0f2..cdb17ba 100644
--- a/README.md
+++ b/README.md
@@ -90,9 +90,9 @@ The app demonstrates various storage configurations:
 - 6 access control options (biometry, passcode, etc.)
 
 ### File System
-- Documents directory (persisted, backed up)
-- Caches directory (can be purged)
-- JSON and PropertyList serializers
+- **Documents**: Permanent storage, backed up to iCloud. Use for critical user data.
+- **Caches**: Purgeable storage (iOS may delete when low on space), not backed up. Use for temporary data.
+- JSON and PropertyList serializers supported.
 
 ### App Group Storage
 - Shared UserDefaults via App Group identifier
@@ -117,6 +117,8 @@ The app demonstrates how to configure the `LocalData` library globally during st
 
 - **Encryption**: Customized Keychain service (`SecureStorageSample`) and account (`AppMasterKey`) names to isolate the library's master encryption key from other apps.
 - **Sync**: Set a custom `maxAutoSyncSize` of 50KB to control which data is automatically synchronized to the Apple Watch, overriding the library's 100KB default.
+- **File Storage**: Scoping all library files into a `SecureStorage` sub-directory. This ensures that the library's data (whether in the main sandbox or a shared App Group container) is kept neat and isolated within its own folder, rather than cluttering the root directories.
+- **Storage Defaults**: Pre-configuring the default Keychain service and App Group identifier. This allows common keys in the app to omit these identifiers, reducing boilerplate and making the code more maintainable.
 
 This approach centralizes infrastructure settings and avoids hardcoding environment-specific values within individual storage keys.
 
diff --git a/SecureStorageSample/SecureStorageSampleApp.swift b/SecureStorageSample/SecureStorageSampleApp.swift
index 1a87140..71329d0 100644
--- a/SecureStorageSample/SecureStorageSampleApp.swift
+++ b/SecureStorageSample/SecureStorageSampleApp.swift
@@ -28,6 +28,21 @@ struct SecureStorageSampleApp: App {
             let syncConfig = SyncConfiguration(maxAutoSyncSize: 50_000)
             await StorageRouter.shared.updateSyncConfiguration(syncConfig)
             
+            // 3. Global File Storage Configuration
+            // We scope all our library files into a "SecureStorage" sub-directory 
+            // underneath the standard Documents/Caches folders.
+            let fileConfig = FileStorageConfiguration(subDirectory: "SecureStorage")
+            await StorageRouter.shared.updateFileStorageConfiguration(fileConfig)
+            
+            // 4. Global Storage Defaults
+            // Setting default identifiers for Keychain and App Groups.
+            // This allows keys to be defined more concisely without repeating these IDs.
+            let storageConfig = StorageConfiguration(
+                defaultKeychainService: StorageServiceIdentifiers.bundleIdentifier,
+                defaultAppGroupIdentifier: StorageServiceIdentifiers.appGroupIdentifier
+            )
+            await StorageRouter.shared.updateStorageConfiguration(storageConfig)
+            
             do {
                 try await StorageRouter.shared.registerCatalog(AppStorageCatalog.self)
             } catch {