March 29, 2019 at 1:44 pm #65042
First, I would like to thank you for the PassNinja demo, it is clearly a solution we would like to investigate for our project.
However, I am not sure if I have got a correct understanding of how the validation of the users identifier will be done by PassNinja.
Could you please confirm if I understood the validation process
1- The PassNinja reader is running on a Raspberry device, equiped with an NFC interface.
2- The Raspberry will validate the passes, either online (using a server in AWS) or
offline (using a secure module).
3- Then we will have some of our code running in the Raspberry
that will check the validated identifier against our user database (on our servers), and
JulienMarch 29, 2019 at 1:54 pm #65052
forum seems buggy, please see the rest of my question here : https://gist.github.com/jeyries/165b13f96537d6821836c5491b510d13
April 1, 2019 at 11:39 pm #65088
- This reply was modified 2 months, 4 weeks ago by Julien.
Thanks for taking the time to reach out. To answer your questions above
1) You are correct. The reader is running on a RaspberryPi device with our proprietary NFC interface.
2) You are correct again. The reader hardware is linked directly to our infrastructure and can validate passes over an internet connection. We are working hard to bring offline validation to the system and will be rolling that out in the future. It will be possible, in the future, to download passes from an internet connected device, like an android cell phone running our application. That device can then securely connect to the non-internet connected RaspberryPi to transfer access tokens that can be expected to be presented.
3) There should be no need to run any validation on the RaspberryPi at all actually! Our proprietary hardware connects to our cloud infrastructure and there are a number of ways that our cloud infrastructure can validate your end users. All of this happens on our servers and before the customer knows it there validation is complete. This federated identity, and validating against existing auth providers helps makes life easy. Depending on your exact use case this make require some further discussion.
– MattApril 3, 2019 at 8:56 am #65097
Thanks for the answer. I have some more questions about the last point:
4) After validation of a pass, our server will need to get notified (we plan to do some analytics and reporting for our customer). How will that happen ?
5) Also, some action should be triggered locally by the reader (for example enabling an external device, opening a door lock etc.. ). I guess we could use some of the GPIO on the RaspberryPI for that purpose ?
April 3, 2019 at 3:24 pm #65098
4) After validation of a pass on our servers, we will make a POST request to a URL defined by your engineering team. Once we get to the point of secured validation, without an internet connection, we will be able to sync logs whenever a controlling android device is in range.
5) Our Node.js client on the Flomio RPi runs a daemon that provides this functionality. We can coordinate technical requirements and circumstances to confirm, but we have designed our system for flexibility to meet the most rigorous demands. We also have an in-house mechanical engineer that can assist with discussion about interactions with external relays and such.
– MattApril 5, 2019 at 10:40 am #65105
Thanks Matthew for these useful answers .
You must be logged in to reply to this topic.