2.5 KiB
Gatekeeper - Door access system
Status: WIP - getting there o.o
Start prod server nix run
Start dev server nix run .#dev or nix run .#dev -- {args}
Interactive dev with nix develop, then sync deps with uv sync
Swagger UI @ http://127.0.0.1:8000/api/v1/docs
OpenApi @ http://127.0.0.1:8000/api/v1/openapi.json
Config:
Nixos config for the card reader:
services.pcscd = {
enable = true;
plugins = [ pkgs.acsccid ]; #<-- Needed for the ACE1552U
};
This application is configured using env vars. You can use cp .env.example .env and then edit .env to change the keys to something else.
A note on keycard scanners
I have tried two scanners while developing this project, the TWN4 MultiTech 2 from elatec and the ACR1552U from acs.
TWN4
From the factory the TWN4 comes with firmware that emulates a HID and just inputs the serial of any scanned card. To be usable with pcscd it had to be flashed with the TWN4_xPx520_S1SC161_Multi_CCID_1Slot_Standard.bix firmware found in the TWN4DevPack520 which can be downloaded under https://www.elatec-rfid.com/int/elatec-software (They send you a download link via email).
This software seems to not work under wine. I had to setup a win10 vm and pass the usb to be able to flash.
Range: In my testing the TWN4 has a range of about 22mm when interfacing with our Mifare DESFire v2 cards. This is not enough for our idea of mounting the scanner on the inside of a glass window.
ACR1552U
The ACR1552U comes preloaded with PC/SC firmware. You need to install the acsccid package with your package-manager of choice (Nixos user see above) for the scanner to work but after that I had no problems with the hardware interfacing.
Range: The range of the ACR1552U was much better at over 60mm (almost 70mm if you take of the face plate)
Issues:
- documentation missing
- raspberry pi image not working
- no door state
- no door operations
- hardcoded secret key in auth.py -> centralise env var loading
- i don't like the error handling in the scanner - doesn't pass errors correctly
- cors for frontend: https://fastapi.tiangolo.com/tutorial/cors
- Load cors from env var or something
- BackgroundScanner shouldn't get a single session for the whole lifecycle
- input validation maybe
- too many imports
- inconsistent logging (request logging?)
- rate limiting maybe
- pretty sure the controllers are doing too much stuff
- hardware call tests or sth