Kegberry User Auth


I’ve got a kegberry powered two tap system running, and I’d like to implement user auth. I’ve got a USB badge reader that is compatible with our company’s badges, is it possible to use this for authentication?



Add in another person interested in how to do this. I have a PN532-based NFC reader hooked up to a usb-to-serial cable, can talk to it fine, and have nfc-eventd monitoring tag add/remove. I took a stab at making a python application to be called from nfc-eventd to send data to pycore (be kind, it’s my first try at python):

import sys
import gflags
import logging
import os
import time

from kegbot.pycore import common_defs
from kegbot.pycore import kegnet
from kegbot.util import app
from kegbot.util import util

if len(sys.argv) == 3:
if sys.argv[1] == “add”:
client = kegnet.KegnetClient()
client.SendAuthTokenAdd(common_defs.ALIAS_ALL_TAPS, ‘core.nfc’, sys.argv[2]);
if sys.argv[1] == “remove”:
client = kegnet.KegnetClient()
client.SendAuthTokenRemove(common_defs.ALIAS_ALL_TAPS, ‘core.nfc’, sys.argv[2]);

Something is happening, because in the logs:

GET /api/auth-tokens/core.nfc/850c706f
Sept. 26, 2014, 4:17 p.m. (pykeg.web.api.util) NoTokenError:
Traceback (most recent call last):
File “/home/kegbot/kegbot-server.venv/local/lib/python2.7/site-packages/django/core/handlers/”, line 112, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File “/home/kegbot/kegbot-server.venv/local/lib/python2.7/site-packages/pykeg/web/api/”, line 60, in wrapped_view
return view_func(*args, **kwargs)
File “/home/kegbot/kegbot-server.venv/local/lib/python2.7/site-packages/pykeg/web/api/”, line 425, in get_auth_token
tok = request.backend.get_auth_token(auth_device, token_value)
File “/home/kegbot/kegbot-server.venv/local/lib/python2.7/site-packages/django/db/”, line 371, in inner
return func(*args, **kwargs)
File “/home/kegbot/kegbot-server.venv/local/lib/python2.7/site-packages/pykeg/backend/”, line 418, in get_auth_token
raise exceptions.NoTokenError

Any ideas? I’m guessing part of it is due to lack of an api key? Is there an easier way to do this with curl and the REST API? Looking to be able to add non-tablet, non-kegboard auth. Thanks!

@johnpdowling is on the right track. (I’m sorry for the state of the “kegnet” protocol/docs, it’s one of the more ancient areas of the kegbot set of software as a whole).

You do need an API key to GET a token, but that’s OK. This error is typical for a GET on a token which does not exist in the backend. Have you tried creating the token first?

You can create the token manually, or using the REST api by POSTing to /api/tokens/<auth device>/<token>/assign/ with username as a parameter. Unfortunately there’s not a corresponding kegnet method for this… yet. Feel free to open up a FR or even extend it yourself.

I did manually enter it the other day when I began testing. Is it entered in wrong? As in, does “nfc” only work on tablets and I should have tried one of the other device types?

I can try deleting the token in the server and then POSTing it to see what happens.

Well, my sd card took a dive so I had to do a rebuild. But now I’ve got a fresh db. I modified on /api/tokens/<auth device>/<token>/ to just add the tag with no username if there’s a NoTokenError. After adding the tag via a curl, I associated it to my user on the web. So now there’s a correct response to GET with my username and my python script above doesn’t log an error… but nothing else seems to happen. No logs, no user checkins, nothing.

Does SendTokenAdd/Remove not kick off a user session (log user in, hit the toggles, etc.)? If not, what does?