A simple server-client pair for authenticating RFID tags
tagServer should be run on a server to manage authorized users and keep log files. tagClient is designed to run on a Raspberry Pi with libnfc and a adafruit PN532 Breakout board.
The executable bin/nfcpoll is compiled statically, so its only dependency should be libusb-dev. However, you'll need to do a bit of configuration for it to run.
- Install dependecies:
sudo apt-get install libusb-dev npm nodejsnpm install
- Configure the raspbery pi to free the serial port
- sudo raspi-config
- advanced
- disable login over serial
- Move lib-nfc config files
- sudo mkdir /etc/nfc
- sudo mkdir /etc/nfc/devices.d
- cp contrib/pn532_uart_on_rpi.conf /etc/nfc/devices.c
- Wire up your breakout board
- Test by running bin/nfcpoll (placing a MiFare card in front of it should result in the card's ID being printed to terminal
- If you wish to have the client activate the door lock, you can modify "allow" and "deny" in the c folder to trigger your relay/mosfet
- Install your certificates (see below) or set config.json to not use https (not recommended).
- Install upstart
- cp ./upstart/tagClient.conf /etc/init/
- You should now be able to start the server with
- Reboot and the tag client should start
Put a list of authenticated users in JSON format in users.json:
{"name":"Carson","code":"11231223"}
{"name":"Ben","code":"789"}
RFID Tag is formatted %0x (i.e. deadbeef instead of DEADBEEF)
users.json is in .gitignore for obvious reasons :)
If you need to generate certificates, try following the directions here. Note that you may need to set up /etc/hosts on your client device(s) and give your server a host name, since ssl seems to have beef with IP addresses. Store your root ca (private-root-ca.crt.pem), server key (server.key.pem) and server certificate (server.csr.pem) in the ./keys folder on your server. The client only needs the root ca (same folder).