removed counter because we cannot reliably guarantee that it is incremented

This commit is contained in:
Simon Pirkelmann 2020-06-24 20:52:52 +01:00
parent 75e7e8bf99
commit bc66a3a729
3 changed files with 19 additions and 52 deletions

Binary file not shown.

View File

@ -69,9 +69,9 @@ def select_all_users(conn):
return rows
def increment_counter(conn, id):
def register_access(conn, id):
"""
increment the authentication counter in the database for the given id
increment the authentication counter in the database for the given id and save time of the last access
"""
sql = ''' UPDATE users
SET counter = counter + 1 ,

67
main.py
View File

@ -11,23 +11,10 @@ class DoorLock():
def __init__(self):
# initialize card reader
self.reader = SimpleMFRC522()
self.key = b'Mellon!'
self.key += b' ' * (48 - len(self.key))
def increment(self, counter):
# increment counter and send it to card
counter += 1
data_new = str(counter)
self.reader.write(data_new)
# check if counter was updated successfully
_, text = self.reader.read()
try:
counter_new = int(text)
except ValueError:
return False
return counter == counter_new
def check_authorization(self, reader_id, counter):
def check_authorization(self, reader_id, reader_data):
# open database
conn = create_connection(database)
@ -39,15 +26,14 @@ class DoorLock():
db_id = user[0]
name = user[1]
user_card_id = user[2]
user_counter = user[3]
if reader_id == user_card_id:
# check if use counter on the card matches counter in the database
# if counter is different -> assume the card has been cloned
if counter == user_counter:
print("card id match found")
if reader_data.encode() == self.key:
print("user {} with card_id {} authorized".format(name, hex(reader_id)))
return True, db_id
else:
print("error: counter does not match! please investigate!")
print("incorrect key phrase")
# if no match was found in the database: deny entry
print("You shall not pass!")
@ -70,36 +56,17 @@ class DoorLock():
print("Hold card before reader..")
uid, data = self.reader.read()
print("data = ", data)
#counter = int.from_bytes(data, byteorder='big')
try:
counter = int(data)
except ValueError:
print("error: data on the card could not be converted")
counter = None
print("card read: \n uid = {}\ndata = {}\n".format(hex(uid), data))
authorized, db_id = self.check_authorization(uid, data)
if counter is not None:
print("card read: \n uid = {}\ncounter = {}\n".format(hex(uid), counter))
authorized, db_id = self.check_authorization(uid, counter)
if authorized:
conn = create_connection(database)
register_access(conn, db_id)
if authorized:
# increment use counter on the card
increment_status = self.increment(counter)
if increment_status:
# update the counter and the time of last access in the database
# open database
conn = create_connection(database)
increment_counter(conn, db_id)
self.unlock_door()
else:
# if we cannot increment the counter on the card (e.g. because the card was removed too quickly)
# we do not let the user in even though authentication was correct -> try again
print("increment failed!")
else:
print("authentication failed")
self.release_the_kraken()
self.unlock_door()
else:
print("authentication failed")
self.release_the_kraken()
time.sleep(1.5)
finally:
#GPIO.cleanup()
@ -117,7 +84,7 @@ if __name__ == "__main__":
doors_of_durin = DoorLock()
data = bytearray([0]*16)
#data = '0'
data = 'Mellon!'
#write_success = doors_of_durin.reader.write(data)
doors_of_durin.run_authorization()
pass