Access Control
Implement
Server Side
- OTP Issuer
- BLE Advertiser
- GPIO Controller
- HTTP Server
- Service Broadcast
- Slack Incoming Hook
Server Architecture
Issue OTP
GPIO
Wired
HTTP Hook
Handle Request
Service Broadcast
Bluetooth Advertiser
const bleno = require('@abandonware/bleno');
const authenticator = require('authenticator');
const OTP_SECRET = process.env.OTP_SECRET || 'vi7g 2dk6 ckdq w6of m6bq bng6 a5wv nmhk';
const PROFILE_NAME = 'RytassProfile';
const RYTASS_UUID = '1101a98bbc854d679c862fd9a6bd0c3c';
const OTP_UUID = '2f151c41713748f6a6b2feb9dd1d2c51';
const OTPCharacteristic = new bleno.Characteristic({
uuid: OTP_UUID,
properties: ['read'],
onReadRequest: (offset, callback) => {
const code = authenticator.generateToken(OTP_SECRET);
console.log('On Read', code);
callback(bleno.Characteristic.RESULT_SUCCESS, Buffer.from(code));
},
onSubscribe: (maxValueSize, callback) => {
console.log('On Subscribe', maxValueSize);
},
});
const RytassService = new bleno.PrimaryService({
uuid: RYTASS_UUID,
characteristics: [OTPCharacteristic],
});
bleno.on('stateChange', (state) => {
console.log('State Changed:', state);
bleno.startAdvertising(PROFILE_NAME, [RYTASS_UUID]);
});
bleno.on('advertisingStart', () => {
console.log('Advertising Start');
bleno.setServices([RytassService]);
});
HTTP Server
const Koa = require('koa');
const koaBody = require('koa-body');
const Router = require('@koa/router');
const PORT = Number(process.env.PORT || '9051');
const app = new Koa();
const router = new Router({ prefix: '/gates' });
router.post('/:action', async (ctx) => {
const action = ctx.params.action;
const code = ctx.request.body.code;
if (!~['open', 'close'].indexOf(action)) return;
if (!authenticator.verifyToken(OTP_SECRET, code)) {
ctx.status = 400;
ctx.body = { message: 'Invalid Request' };
return;
}
// Open or Close Door
ctx.status = 204;
});
app.use(koaBody({
urlencoded: false,
text: false,
}));
app.use(router.routes());
app.use(router.allowedMethods());
app.listen(PORT, () => {
console.log(`Gate Server Listen on ${PORT}`);
});GPIO Handler
const { Gpio } = require('onoff');
const OPEN_PIN = process.env.OPENPIN || '23';
const CLOSE_PIN = process.env.CLOSEPIN || '22';
function gpioHandler(action) {
const pinCode = action === 'open' ? OPEN_PIN : CLOSE_PIN;
const pin = new Gpio(pinCode, 'out');
pin.writeSync(0);
setTimeout(() => pin.writeSync(1), 1000);
}Service Broadcast
const bonjour = require('bonjour')();
const PORT = Number(process.env.PORT || '9051');
bonjour.publish({
name: 'RytassGateController',
type: 'http',
protocol: 'tcp',
port: PORT,
});Slack Integration
const axios = require('axios');
const SLACK_HOOK = process.env.SLACK_HOOK_URL || 'https://hooks.slack.com/services/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';
function notifySlack(action) {
axios(SLACK_HOOK, {
method: 'POST',
headers: {
'content-type': 'application/json',
},
data: JSON.stringify({
text: `Rytass HQ Door ${action === 'open' ? 'Opened' : 'Closed'}`,
}),
});
}Client Side
- BLE Peripherals Scanner
- Service Discover
- Characteristic Discover
- Characteristic Reader
- HTTP Request
- Network Service Finder
Story
BLE Scanner
import CoreBluetooth
let MDNS_NAME = "RytassGateController";
let GATE_SERVICE_UUID = CBUUID(string: "1101A98B-BC85-4D67-9C86-2FD9A6BD0C3C");
let OTP_CHAR_UUID = CBUUID(string: "2F151C41-7137-48F6-A6B2-FEB9DD1D2C51");
class ViewController: UIViewController, CBCentralManagerDelegate, CBPeripheralDelegate {
var centralManager: CBCentralManager?;
var gatePeripheral: CBPeripheral?;
func centralManagerDidUpdateState(_ central: CBCentralManager) {
switch central.state {
case .unknown:
print("State Unknown");
case .resetting:
print("Staet Resetting");
case .unsupported:
print("Unsupport");
case .unauthorized:
print("Unauthorized");
case .poweredOff:
print("Power Off");
openBtn.isEnabled = false;
closeBtn.isEnabled = false;
case .poweredOn:
print("Power On");
openBtn.isEnabled = true;
closeBtn.isEnabled = true;
@unknown default:
print("Invalid State");
}
}
}BLE Scanner
override func viewDidLoad() {
super.viewDidLoad()
centralManager = CBCentralManager(delegate: self, queue: nil);
}
@IBAction func onOpenClick(_ sender: Any) {
print("Click Open");
requestAction = "open";
centralManager?.scanForPeripherals(withServices: [GATE_SERVICE_UUID], options: nil);
openBtn.isEnabled = false;
closeBtn.isEnabled = false;
}
func centralManager(
_ central: CBCentralManager,
didDiscover peripheral: CBPeripheral,
advertisementData: [String : Any],
rssi RSSI: NSNumber
) {
print(advertisementData);
gatePeripheral = peripheral;
centralManager?.stopScan();
centralManager?.connect(gatePeripheral!, options: nil);
}
func centralManager(_ central: CBCentralManager, didConnect peripheral: CBPeripheral) {
print("Connected!");
gatePeripheral?.delegate = self;
gatePeripheral?.discoverServices([GATE_SERVICE_UUID]);
}BLE Scanner
func peripheral(_ peripheral: CBPeripheral, didDiscoverServices error: Error?) {
let targetService = peripheral.services?.first(where: { $0.uuid.uuidString == GATE_SERVICE_UUID.uuidString });
print("Services Responsed!");
if (targetService != nil) {
print("Found Service:", targetService!);
gatePeripheral?.discoverCharacteristics(nil, for: targetService!);
}
}
func peripheral(_ peripheral: CBPeripheral, didDiscoverCharacteristicsFor service: CBService, error: Error?) {
let otpCharacteristic = service.characteristics?.first(where: { $0.uuid.uuidString == OTP_CHAR_UUID.uuidString });
print("Characteristics Responsed!")
if (otpCharacteristic != nil) {
print("Found Characteristics", otpCharacteristic!);
peripheral.readValue(for: otpCharacteristic!);
}
}Discover services and characteristics
BLE Scanner
let TARGET_HOST = "http://192.168.2.159:9051";
var requestAction: String = "open";
func peripheral(_ peripheral: CBPeripheral, didUpdateValueFor characteristic: CBCharacteristic, error: Error?) {
print("Read Value", characteristic);
let otpCode = String(bytes: characteristic.value!, encoding: .utf8);
if (otpCode != nil) {
print("Got OTP", otpCode!, "Action:", requestAction);
var request = URLRequest(url: URL(string: "\(TARGET_HOST)/gates/\(requestAction)")!);
request.httpMethod = "POST";
request.setValue("application/json", forHTTPHeaderField: "Content-Type");
request.httpBody = try? JSONSerialization.data(withJSONObject: ["code": otpCode], options: []);
URLSession.shared.dataTask(with: request) { (data, response, error) in
if response != nil {
print(response!);
}
}.resume();
}
centralManager?.cancelPeripheralConnection(gatePeripheral!);
}
Open / Close Request
BLE Scanner
func centralManager(_ central: CBCentralManager, didDisconnectPeripheral peripheral: CBPeripheral, error: Error?) {
print("Disconnected!");
gatePeripheral = nil;
openBtn.isEnabled = true;
closeBtn.isEnabled = true;
}
func centralManager(_ central: CBCentralManager, didFailToConnect peripheral: CBPeripheral, error: Error?) {
print("Connect Failed");
gatePeripheral = nil;
openBtn.isEnabled = true;
closeBtn.isEnabled = true;
}
Error Handler
Service Checker
let browser = NetServiceBrowser.init();
let monitor = NWPathMonitor();
func netServiceBrowser(_ browser: NetServiceBrowser, didFind service: NetService, moreComing: Bool) {
if (service.name == MDNS_NAME) {
print("LAN found!");
openBtn.isEnabled = true;
closeBtn.isEnabled = true;
warningLabel.isHidden = true;
browser.stop();
}
}
override func viewDidLoad() {
super.viewDidLoad()
monitor.pathUpdateHandler = { path in
print("Network changed");
self.browser.stop();
DispatchQueue.main.async {
self.openBtn.isEnabled = false;
self.closeBtn.isEnabled = false;
self.warningLabel.isHidden = false;
self.browser.searchForServices(ofType: "_http._tcp.", inDomain: "local.");
}
}
monitor.start(queue: DispatchQueue.global());
}ขอบคุณ
Rytass Authenticator
By Chia Yu Pai
