richardperryman
commented
7 years ago I think it is a good idea to try this out if we are still stuck after the weekend. But I think the problem may remain, as the only real difference is the character restriction. While that may solve all of our problems, we still will basically have all the same steps, and we still don't really know what's going on between some of them.
Anyway right now I think the problem was that the NFC shield wasn't sending the message after it got it from the card. This will obviously bottleneck both approaches, so I think we need to get that fixed first.
jessicamorris
Surerocks
Since this encoding issue is proving to be challenging to fix, I was thinking of some other ways we could get around it. We originally decided to do the nfc auth value the way we are currently doing it because it seemed like a quick and easy solution, and it is not quick or easy anymore.
My thought is that we could have the nfc value be a generated string of numbers and characters, that way the encoding shouldn't give us the same problems. However, this value will need to be generated and stored a bit differently to keep it secure. I think it would work like this:
When the App logs in, it will also generate this string to be the nfc password. It will then use PUT or POST to either create or update the appropriate nfc authenticator on the server. Then it can send that nfc password to the pi, and it should all work nicely.
The extra work with this would be in doing the PUT/POST to update the value, since it will require two separate calls to the server (one to check if there is an existing nfc authenticator, one to set it).
I think this solution has benefits overall, since the nfc value is not as susceptible to attacks, but it also requires more calls to the server on each login. What do you guys think about this?