Raspberry Pi Door Strike Access Control System With Android Tablet

Hi everyone,

In this Instructable, we will show you how we created our Raspberry Pi-based electric door strike access control system, which is comprised of four main parts:

1. A hardware subsystem consisting of an electric door strike, a RFID and magnetic card stripe reader, and a Raspberry Pi along with some simple electronics to wire everything together.
2. A backend subsystem consisting of PHP code with a MySQL database and a JavaScript-based admin interface that mediates access to the Hackerspace
3. A frontend subsystem consisting of an Android Tablet that provides instantaneous feedback to door strike users about their access swipe and allows new users to request access
4. A set of 3D printed mounts for the Android Tablet, card reader, and Raspberry Pi.

Our door strike system was designed, implemented, and installed at the Human-Computer Interaction Laboratory (HCIL) Hackerspace at the University of Maryland (UMD). We had three primary design goals:

1. First, we wanted to allow anyone with a magnetic stripe card--like a school id, library card, or even old hotel card--to be able to access the space (or at least request access).
2. Second, too often we’ve used magnetic stripe readers in the past that provide little-or-no feedback to the user. So, we wanted to have a co-located touchscreen that would guide the user through their access swipe. This is provided by the Android Tablet.
3. Finally, and most importantly, we wanted new students and others interested in the Hackerspace to be able to easily request access. We do this via the co-located Android Tablet as well.

Led by Professor Jon Froehlich, this system was created by high school research assistants: Ji Hyuk Bae, Sean Bae, Jamie Gilkeson, Michael Holachek, and Ben Holland as well as by undergraduate research assistant Weishin Chen.

Quick Links to Artifacts

• The source code for both the frontend and backend subsystem can be found in a GIT repository here:
  https://github.com/jonfroehlich/HCILHackerspaceDoo...
• The custom 3D-model for the Nexus 7 Tablet wall mount/frame: http://www.thingiverse.com/thing:424300
• The custom 3D-model for the ZCS100 card reader mount: http://www.thingiverse.com/thing:424273
• The custom 3D-model for the Raspberry Pi:
  https://www.thingiverse.com/thing:1757106

You need the following materials for this project:

• Door Strike Circuit
  • 1 Common 12 V Power Supply
  • 1 Solenoid
  • 1 Nidec 24V .09A Fan
  • 1 Raspberry PI
  • 2 Resistors
    • 1k Ohm 5%
    • 10k Ohm 5%
  • 1 Diode
  • 1 Mosfet IRLB8721
  • 1 Card Reader ZCS100 from Zhenzhen ZCS Technology Co.
  • Wires/Solder/Perf board/Cardboard/Nails/Glue
    
• Front End:
  • 1 Android Nexus 7 1st Gen tablet
  • 1 Android Power cable (Tablet)
  • Custom Javascript/PHP code

  • Kiosk Browser Lockdown from ProCo App

• Back End:
  • 1 Monitor (For setup only)
  • 1 Keyboard (For setup only)
  • 1 Mouse (For setup only)
  • 1 HDMI Cable (For setup only)
  • 1 Ethernet Cable
  • 1 Power Cable for PI (Micro USB cable)
  • Custom Javascript/PHP code
• Power:
  • 2 AC-USB adapters (one for pi and one for tablet)
• Tools:
  • Wire Strippers
  • Soldering Gun
  • Drill/Drill bits
  • 3D Printer

The Mosfet is necessary to protect our Raspberry Pi from and to provide sufficient power for the solenoid in the electric door strike. You can read more about this type of scenario here: http://www.embeddedrelated.com/showarticle/77.php

The Mosfet that we have selected has three pins: G - Gate, D - Drain, and S - Source.

To wire parts of the Mosfet follow these steps

1. First, connect G to S with a 10k Ohm 5% resistor (Brown, Black, Orange, Gold)
2. Second, connect the 1k Ohm 5% resistor (Brown, Black, Red, Gold) to the G as well leaving the other end free
3. Next, connect a wire from S to a common ground location (This will be used for all grounds)
4. Finally, connect the anode of the diode to the D of the Mosfet
5. Connecting the fan: we again need to expose the end of the wires for the fan
   • Attaching the ground to the common ground and the positive end to the cathode end of the diode

The door strike contains a magnetic solenoid (similar to an electro magnet) which pulls back a pin inside the door strike allowing the strike itself to move freely and thus the door to swing open.

The door strike that we have chosen, is an unmarked brand. The one that we are using has one wire that splits into four different colored wires (Red/Yellow/Green/Black). The two wires that we will be using will be Green (Power) and Black (Ground).

If the door strike that you have chosen does not split into different colored wires at the end, cut and strip the end and find the power and ground wires.

To connect your door strike to the circuit, connect the power end (Green with ours) to the cathode side and the ground to the anode side.

This will allow us to trip the door strike when a good card is registered and thus to allow entry to the door on a card swipe.

Because we did not want the circuit to overheat we decided to add a fan in to the circuit. The fan that we have chosen is the Nidec 24V .09A Fan.

This fan has 2 wires red (power) and black (ground). In order to attach it to the circuit, we cut and stripped the ends of the wires.

To connect the fan we attached the black wire to the common ground while connected the red wire to the cathode.

NOTE: We did this to allow current to pass through the fan constantly, thus keeping it on.

To power this circuit, we need to connect it to a power source. The power supply that we selected is a common power supply that supplies 12 V.

Finally, grab the power supply, making sure that it is not plugged in, cut the ends off and strip the wires. Make note of which wire is positive and which is negative Plug the negative end into the common ground and the positive end to the cathode.

Now that you have completed the circuit, you need to connect the rest of the hardware for the Raspberry Pi. Our code uses pin 12 as the GPIO pin controlling the door strike but you may modify this to use any pin you wish.

Your Raspberry Pi will need to run a web server as well as watching the card swipe for incoming data. Our implementation uses a LAMP server for the RPi, and a python script to watch incoming data. LAMP is a linux server running apache as a web host, mysql for database management, and php as a server side scripting language (we use it to communicate between our webserver and our mysql database without exposing details of the database to the user)

You can download the most recent raspbian image here http://www.raspbian.org/. This image should be written to a new SD card of (at least 8GB). Details on writing an SD card for raspberry pi can be found here, http://www.raspberrypi.org/documentation/installa....

Now we need to set up our webserver. This involves installing PHP, Mysql, and Apache. In depth instructions can be found here: http://www.raspberrypi.org/documentation/installa... This will allow you to run a small web server to control access to your door, as well as to store information needed by the door access control system. Confirm that the directory /var/www exists, this is where your web server files will be located.

Now we will set up Mysql. You should have created a root account and password when you installed mysql. Log into mysql using the command mysql -u root -p, followed by your password when queried for it. We can now set up our database and tables, our is called doorMaster and all the files are currently set up to use the doorMaster database. A change of name will necessitate a number of files being changed (not a big deal as these files will also require updated passwords usernames and ip addresses.) Here is an example of how to get started with a Mysql database:http://www.raspberrypi.org/documentation/installa... Our Database uses 5 tables, acceptedCards, accessRequests, log, adminLogin, and status. To implement our code exactly it is important that all of these tables are identical to ours.

• acceptedCards
  
  • card | text
  • name | text
  • email | text
  • admin | tinyint(1)
• accessRequests
  • card | text
  • name | text
  • email | text
• adminLogin
  
  • Username | text
  • Password | text
  • Salt | text
• log
  • accessRequest | text
  • action | text
  • timestamp | text
• status
  • status | text
  • timestamp | text

You should now have an RPi Lamp server with a complete doorMaster Mysql database. You are ready to begin writing your control code, or implementing ours.

This instruction assumes that you would like to copy the code from our git repository onto your raspberry pi. If this is the case you can use the instructions here to install git on your RPi: http://frustrateditengineer.wordpress.com/2013/01/...

If instead you would like to build you own system from scratch, our code has a number of comments which you might find useful in your own development.

The www directory here will replace the /var/www/ directory on the pi. The door control directory should be placed in the /home/pi/ directory.

To have the door control program start when the pi boots simply modify the file /etc/rc.local (you will need to use the root user to do this (e.g. sudo nano /etc/rc.local). At the bottom of this file, just before the last line which reads exit 0, add a bash call to your door control file including the full address. For us this was: sudo python /home/pi/doorControl/doorWatchDog.py. The door control program must be run as root because the GPIO pin library requires root access.

Now you will need to update the passwords and IPs to reflect your systems information. The python files doorIB.py and doorWatchDog.py in the directory /home/pi/doorControl/ require access to mysql, and will need to have your mysql password updated at the top of both files. The watch dog (doorWatchDog.py) also requires an email account which is used to alert administrators when the doorIB program crashes. The file is currently set up to use gmail, and the position of log in information is commented in the files. This email account can be set up specifically for the door, or it can be an existing email.

All the PHP files in /var/www need access to the Mysql database, this requires you to update username, password, and the local ip of your pi in each of these files. You may also have to update the database name as needed. Finally in /var/www/Testing2, there is one python file, alertAdmins.py, which requires Mysql access to be updated, and will also use the email account you set up earlier for the watch dog. The final step is to updated the /var/www/Testing2/testing2 to your own google+ photo account. You will need the user id and user name to draw photos from a public photo stream to be displayed in the background of your front end web interface.

Please note, you don't need to update any of the files if you set the root Mysql password to password, and give your RPi the static IP address of 192.168.1.10. This is however not secure or recommended, but it can be used initally to quickly put up a system and updated for security later.

You will now need to reboot your pi. Make sure that your card reader is plugged into your RPi, and that the solenoid control circuit is in place. You should be able to see your admin page over your local network (just type your RPi's IP address into your browser's address bar) and should be able to log in with the user name and password you added to the adminLogin table in Mysql. The front end pages can be reached at the url http://192.168.1.###/Testing2/testing2.html.

The admin page is a simple webtool which allows administrators to view the log and accept/remove/etc. users without having to interact with the database. If you correctly assembled the /www/ code from our git, you should be able to access the admin page by typing your RPi's IP into your browser. This works well, but the issue with this setup is that the admin page can only be accessed locally.

If you want to be able to access your admin page from outside the RPi's local network you will need a static external IP address (this will be different from the static IP you set up for your RPi, usually you have to pay your ISP for a static external IP. You could also look into using a dynamic DNS service such as https://www.duckdns.org/) and you will need access to your router settings.

You will need to set up port forwarding to your RPi via your router (on our rotuer this is under the gaming options) and set your router to forward traffic from port 80 (this is the default port for a webserver) to forward to your RPi's local IP address. If your ISP blocks incoming port 80 traffic, which is common, you will need to set up your RPi to watch a different port. Instructions can be found here: http://www.noveldevices.co.uk/rp-webserverport

The interactive front end, which is a website, allows the user to not only see the status of the door (whether access has been granted), but also request access to the door if necessary. This front end will allow users to request access even when an admin is not currently on site.

The entire code can be found here: https://github.com/jonfroehlich/HCILHackerspaceDoorStrike, however note that you have already set up this portion of the code in the above steps (the /var/www/ directory)

The website contains three layers. Listed below are the basic functions of each layer. See Steps 10-12 for more detail.

• Back layer: contains a slideshow of photos pulled down from Google Plus. As more photos are uploaded to the photo stream, they are automatically pulled down and added to the slideshow.
• Middle layer: a translucent color layer that switches color based on the status of the door. If access is granted, the layer turns green, or red if denied. When idle, this layer is kept black.
• Front layer: displays a welcome message, the logo, and the status of the door. This layer is refreshed constantly at an interval of 0.5 seconds.

When access is granted, the user is given 5 seconds to enter the door.

When access is denied, the user is given 2 minutes to either re-swipe or enter their name and email to request access to the door. After filling out each input field, the user can simply hit the "Go" button to proceed. If he is on the name field, he will be taken to the email field. If he is already on the email field, the form will be submitted. When the form is submitted,

In both cases, after the amount of time indicated has passed, the page times out and refreshes.

Note: the positions of the elements will likely need to be changed according to your

Refer to the images to get a better idea.

To make our interface more visually appealing we are using it as a digital picture frame when it's not being used. The slideshow layer is what controls this.

This layer contains a slideshow that pulls pictures from a Google Plus album.

When pictures are uploaded, the website will automatically add them to the slideshow.

Note: The website takes a few seconds to pull down photos from Google Plus. It is recommended that you initialize the source of rotatingImage (see code) so that you will not see an image-less screen for a few seconds every time the website times out and refreshes.

On top of the slideshow is a translucent color layer. It indicates the status of the door as the following:

• Black: Idle/Home

• Green: Access Granted

• Red: Access Denied

Along with the front layer, this layer is refreshed constantly at an interval of 0.5 seconds to obtain the current status and change accordingly.

The front layer displays information for the user. It gives some instruction as to how to use the system and also displays more in depth status messages as needed.

This layer, along with the middle layer, is constantly refreshed at an interval of 0.5 seconds and is changed according to the current status of the door. The title/logo is kept regardless of the status.

Information is displayed below the title/logo as the following:

• Idle/Home: "Please swipe your card for access..."
• Access Granted: "Access Granted! Welcome [user's name]!"
• Access Denied: "Access Denied! Reswipe or request access by filling out..." and input fields below for name and email

The form for requesting access is initially set to be invisible. It is set to be visible only when access is denied.

Refer to the images to get a better idea.

Because this front end is a web application, to ensure that a user cannot use other applications on the device, we used an application called Kiosk Browser Lockdown from ProCo Apps. The application can be found here: https://play.google.com/store/apps/details?id=com....

The full screen mode can be enabled in Settings by using the Demo of the Pro features. However, in this case, a message indicating that the browser is using the demo is displayed every time the website refreshes, which may not be ideal for many. Purchasing the pro version, which costs £5 GBP (approximately $8.35 USD), will stop this.

For the 3D parts we printed, we used Tinkercad (tinkercad.com).

The website itself has many tutorials, but the general idea of the tool is to start with a basic shape and use other shapes as subtractive “cutters” to indent, make a hole through or even write on your design, and other additive shapes to expand your design in different directions.

a. The most important thing to do, before anything else is to measure all dimensions of the card swipe, even those that may not at first seem important may come in handy later.

b. In the picture, is the preliminary measurements made on the card swipe device using a caliper in order to get measurements to the most precise degree, you want to have to resize this a few times as possible

Brainstorm ways of connecting the two pieces of technology to the wall. Sketch it all out on paper before you start to use Tinkercad.

Feel free to come up with your own design, follow the steps of mine, or simply use mine, the designs are posted to Thingiverse at the links provided.

a. Card Swipe Mount: http://www.thingiverse.com/thing:424273

i. Start with a rectangular base, from that build up wedge and rectangular shapes to fit the shape of the card swipe.

ii. Be sure to leave a space where the slot of the card swipe remains exposed and accessible.

iii. Create four beveled, circular cuts out of the base of the mount for screw holes.

iv. Note that all dimensions in this design that directly relate to the size of the card swipe should be a few millimeters larger than the actual dimensions of the card swipe in order to allow the card swipe to be inserted.

b. Tablet Mount: http://www.thingiverse.com/thing:424300

i. Start with a pyramid shape, then cut off the head, this creates a base that slants on the sides and increases sturdiness.

ii. Subtract two rectangular shapes from the middle of the base, a larger one to fit the tablet, and a smaller one to display the screen.

iii. Cut holes in the sides on the base as necessary to create access to required buttons and functions.

iv. Add an area to the interior adjacent to the tablet space to allow for a power cord within the mount.

v. Create four holes, one in each corner, with a step pattern to allow for the screws.

vi. Bevel the edges for aesthetic appeal.

Print your designs on a 3D printer capable of fitting the size (Makerbot Replicator 2 and 2X work well). When asked for the layer size, the highest I suggest you use is 0.2mm, in my opinion though, 0.1mm looks the best.

Once you have finished printing:

a. Check to make sure the tablet and card swipe fit into their respective mounts. Also verify that your Pi will fit into the Pi case in addition to any additional wires or boards.

b. If mounting the devices into drywall, be sure to use drywall screws to secure the mounts to a wall, other wise, regular screws are acceptable. Ensure that the mounts are level, and close-by each other so that it is evident that the two are related.

c. Drill holes through the wall to pass cables (power to the tablet, data from the card reader, and the power for the door strike.) such that they will exit in the Raspberry Pi's case.