From bc66a3a729f6ca60b1c94904bedda38140ed6e6e Mon Sep 17 00:00:00 2001
From: Simon <simon.pirkelmann@gmail.com>
Date: Wed, 24 Jun 2020 20:52:52 +0100
Subject: [PATCH] removed counter because we cannot reliably guarantee that it
 is incremented

---
 authorized_cards.db | Bin 8192 -> 8192 bytes
 database.py         |   4 +--
 main.py             |  67 +++++++++++---------------------------------
 3 files changed, 19 insertions(+), 52 deletions(-)

diff --git a/authorized_cards.db b/authorized_cards.db
index 95d7145c1147dceeb64c27c56f92593659bc0924..e2b60737ee14e4343dad10f14cdc221a1457485c 100644
GIT binary patch
delta 136
zcmZp0XmFSy&1gGO#+lJ}W5ObSu6zb2el-SuHU6!e1qDR;CkC)iR+Hyv`~6@#cf0xI
zdGcaP=0-+lMg~R(x&~&tMkWe|mR6>QRwfpDhQ?;*=Ee*R3~mz(oy0wv*coJ5IUOCt
l5_3}XN;2~pIIUlX^#V;0pFCThpAW3d)KJgF(8$oh5&%OoA|C(%

delta 113
zcmZp0XmFSy&1gPR#+lK4W5ObSt{n_a{AvvRYW(?|1qDR;CkC)iR+Hyv<FtMm)@w4^
zT3$`r%*xo@%Fsa1#Ms=(+{B%Uok5m`!_hG;F();zBr^}Ba`G8@H6c?g6EiC#3q2D<
P3rkB=1_lO?iG?lzO2Hft

diff --git a/database.py b/database.py
index a3ebc34..adbc12f 100644
--- a/database.py
+++ b/database.py
@@ -69,9 +69,9 @@ def select_all_users(conn):
 
     return rows
 
-def increment_counter(conn, id):
+def register_access(conn, id):
     """
-    increment the authentication counter in the database for the given id
+    increment the authentication counter in the database for the given id and save time of the last access
     """
     sql = ''' UPDATE users
               SET counter = counter + 1 ,
diff --git a/main.py b/main.py
index 8f2b02e..411d3b3 100644
--- a/main.py
+++ b/main.py
@@ -11,23 +11,10 @@ class DoorLock():
     def __init__(self):
         # initialize card reader
         self.reader = SimpleMFRC522()
+        self.key = b'Mellon!'
+        self.key += b' ' * (48 - len(self.key))
 
-    def increment(self, counter):
-        # increment counter and send it to card
-        counter += 1
-        data_new = str(counter)
-
-        self.reader.write(data_new)
-
-        # check if counter was updated successfully
-        _, text = self.reader.read()
-        try:
-            counter_new = int(text)
-        except ValueError:
-            return False
-        return counter == counter_new
-
-    def check_authorization(self, reader_id, counter):
+    def check_authorization(self, reader_id, reader_data):
         # open database
         conn = create_connection(database)
 
@@ -39,15 +26,14 @@ class DoorLock():
                 db_id = user[0]
                 name = user[1]
                 user_card_id = user[2]
-                user_counter = user[3]
+
                 if reader_id == user_card_id:
-                    # check if use counter on the card matches counter in the database
-                    # if counter is different -> assume the card has been cloned
-                    if counter == user_counter:
+                    print("card id match found")
+                    if reader_data.encode() == self.key:
                         print("user {} with card_id {} authorized".format(name, hex(reader_id)))
                         return True, db_id
                     else:
-                        print("error: counter does not match! please investigate!")
+                        print("incorrect key phrase")
 
             # if no match was found in the database: deny entry
             print("You shall not pass!")
@@ -70,36 +56,17 @@ class DoorLock():
                 print("Hold card before reader..")
                 uid, data = self.reader.read()
 
-                print("data = ", data)
-                #counter = int.from_bytes(data, byteorder='big')
-                try:
-                    counter = int(data)
-                except ValueError:
-                    print("error: data on the card could not be converted")
-                    counter = None
+                print("card read: \n  uid = {}\ndata = {}\n".format(hex(uid), data))
+                authorized, db_id = self.check_authorization(uid, data)
 
-                if counter is not None:
-                    print("card read: \n  uid = {}\ncounter = {}\n".format(hex(uid), counter))
-                    authorized, db_id = self.check_authorization(uid, counter)
+                if authorized:
+                    conn = create_connection(database)
+                    register_access(conn, db_id)
 
-                    if authorized:
-                        # increment use counter on the card
-                        increment_status = self.increment(counter)
-
-                        if increment_status:
-                            # update the counter and the time of last access in the database
-                            # open database
-                            conn = create_connection(database)
-                            increment_counter(conn, db_id)
-
-                            self.unlock_door()
-                        else:
-                            # if we cannot increment the counter on the card (e.g. because the card was removed too quickly)
-                            # we do not let the user in even though authentication was correct -> try again
-                            print("increment failed!")
-                    else:
-                        print("authentication failed")
-                        self.release_the_kraken()
+                    self.unlock_door()
+                else:
+                    print("authentication failed")
+                    self.release_the_kraken()
                 time.sleep(1.5)
         finally:
             #GPIO.cleanup()
@@ -117,7 +84,7 @@ if __name__ == "__main__":
     doors_of_durin = DoorLock()
 
     data = bytearray([0]*16)
-    #data  = '0'
+    data  = 'Mellon!'
     #write_success = doors_of_durin.reader.write(data)
     doors_of_durin.run_authorization()
     pass
\ No newline at end of file