HTTP POST and return body handle

Hi All! I need a starting point for the following project I have in mind;

I have seen a lot of sample code but nothing really helped me or was what I was looking for.

My project is to have a MF RC522 module (using the lib) to create an access verification on a door. When the user presents his token to the reader, the reader send an HTTP Post to a webserver which returns a json string. Based on the contents of the json an action is taken by the core. (actions like: close, open, alarm, whatever else)

I can successfully read and write rfid tokens using the mfrc522 lib.

But I’m stuck at the http post+return part. Could some please give me an example in the way of: sending post + handle return body

Any helpful reactie will be more than appreciated!
Regards, Bart

1 Like

Does it have to be HTTP request? If your server can handle SSE you can use those to trigger certain actions. If validation is succesful, you could call a “open door” function.
Webhooks might also be of interest, since those can make certains requests for you.
What kind of server setup are you using? LAMP stack, or some fancy Node.js perhaps?

Also, check out this awesome project as well, since it sounds (very) similar:

There’s a video of it in action on the bottom. Seeing as you’re dutch, you should be able to understand the German :wink:

Thanks for the reply @Moors7! I have seen the “bouncer” project but this depends on the local DB from the core itself. in my project the core must check with a webserver+DB to verify the presented RFID token.

Jep, I have a LAMP stack where also my domotica is running. So just standard HTTP POST back and forth are preferred. No fancy node.js stuff :wink:

There is also a HTTPCLIENT lib available but i do not yet get to understand how this could handle any returned data.

the http client library is perfect for returning the data, it will give you a status code… which will be something like 200 or 400 maybe 500 (if your php code is anything like mine). but it will also give you the body in “response.body”. the library is available in the libraries in the webIDE, I made an update to the library last week to make it work a little faster, though i haven’t had a chance to test it thoroughly yet. you can find the updated code in this thread

once you have the response.body you can pass the json and get keys and values so your code can then unlock doors or whatever

the required bits are the URL or IP, and the port number, the type - POST as you said above, any other headers your server needs. but im sure you know all these! then there is content length… we can calculate that once we know what else we are sending. so what does the server require in the post request… will it be anything besides reading a tag and sending it to the server with a single “tag”:“2138378394789123”

and what are the responses?

One thing you will have to be careful of is mySQL injections, the core can only do http so you will have to do lots of your own security checking and filtering to make sure your DB stays secure… i guess for one offs closed source security through obscurity stuff its ok… I dont know much about it myself but i’m paranoid

to parse the json you can have a look at this awesome piece of code… actually it has the tcp stuff too… so a great place to start.

1 Like

Great work @Hootie81!
But HttpClient could indeed be the best solution! i’m not afraid for SQL injections. My PHP code will deny this plus it will all be internal HTTP traffic.

Do you maybe have a little peace of example code where I can work with? Where a please of JSON string is used in the response body?

i dont have an example with json, but with a few changes to the bitcoin example above you should be able to talk to your own server and get the json response.

in BitcoinPrice.ino just change the lines at the top in the defines, the hostname and number of tokens your server will return. then there is a couple more…

  int statusCode = client.get("/v1/bpi/currentprice/USD.json", &response);

to something like this (im not sure what body your server needs… but you can see where im going)

char body[30];
sprintf(body, "\"tag\":\"%d.%d.%d.%d.%d\"", RC522.serNum[0], RC522.serNum[1], RC522.serNum[2], RC522.serNum[3], RC522.serNum[4]); //this creates a body "tag":"12.34.56.78.90" 
int statusCode = client.post("/yourphpfile.php", body, &response); // and i changed this to post and include the body we just creaed. change the yourphpfile.php to whatever yours is called with directory structure etc.

that should get you started, athough you will probably get rate not found in the serial output unless your server gives it one…

Hey @Hootie81, I’m using the “Bitcoin index” example that @BDub shared. This works much better than the HTTPClient lib.

I’m now writing my PHP code on the server side which will handle the Webhooks and gives the core its feedback on what to do when a RFID token is presented.

After that I will write the code which will integrate the RC522 RFID together with the Webhooks (rest client). When I have cleaned up my work I will publish my code :slight_smile:

But for now, thanks for getting me started!

I have some code I use for webhooks written in php. Tomorrow morning I’ll fire up my laptop and share it. I ended up not using the webhooks and just did a http post to the server instead, cutting out the middle man so to speak. The code is the same either way you go… unless you use https which is where the webhooks wins.

I just made the decision to step-down from webhooks an go further on HTTP POST :smile:
It will integrate better with my domotics which I already have running.

Its working! Using the “Bitcoin price index” as the example i have now successfully running an core which is able to verify the presented RFID token to an MySQL DB.

  1. Token is presented to the core
  2. Core does an HTTP POST request to my webserver with in the body an json sting containing token ID and device ID
  3. PHP script handels the request and based on the json it returns an json string (token and user info are verified with info that is in an MySQL DB.)
  4. Core receives an json string in the body from the return on the POST is had send.
  5. The returned json is processed and based on the information the user gets feedback which is now flashing red when the token is unknown and flashing green when the token is known.
1 Like

awesome news! glad you got it going.

Did it take many changes to get the client working? or the json section of code?

Handling the json string which returns from the server was an good learning path. Since this is an string object and you want to parse it through some IFs or create variables from it.

For example; the json string is like this; {“status”:“SUCCESS”}

    if ( TOKEN_STRING(response.c_str(), tok[i], "status") ) {
    i++;
	strlcpy(obj, &response.c_str()[tok[i].start], (tok[i].end - tok[i].start + 1));
	Serial.print("Token["); Serial.print(i); Serial.print("]: ");
	Serial.println(obj);
	if (strcmp (obj,"SUCCESS") == 0) {
        //Do something when json key "status" is value "SUCCESS"
	} else if (strcmp (obj,"ERROR") == 0){
        //Do something when json key "status" is value "ERROR"
    }
}

And also creating the right variables that returned from reading the RFID token took some creative fiddling to “turn” them into usable variables;

//make String current_key_full into CharArray key
char key[10];
strcpy(key,current_key_full.c_str());

But i promises to post the full code when finished :smiley:

Have you thought about security? Maybe making use of the AES on the core already…

Good idea! In this project the core only connects to a local webserver to verify the token which is presented to the core. Encryption is not a big thing when using inside my home LAN :wink:

But fair enough its good to have it implemented for the purpose of securing an home.
I’ll look into it!

If someone in your street has managed to get onto your wifi… they may sniff for data too. If they see you scan the tag and see an unencrypted success message it becomes clear what they need to do to get in…

At least if it’s all mumbo jumbo then they don’t know what’s going on…

I can only agree to that!