I am designing a makerspace.
It will have dangerous machinery and restricted rooms.
I'll have a membership database as a Wordpress plugin.
Some of the member data will determine their rights to open doors and turn on machinery.
I am going to use NFC tags to authenticate.
I'll use NFC card readers attached to a project board (Raspberry Pi/Arduino) and a relay to turn on the machines.
The project boards will be connected to the network via ethernet (maybe wifi).
An admin computer will be used to read new NFC cards/tags and register them against the user in the database.
Can anyone give me a high-level overview of how I might use Node-RED to interface between the Wordpress database and the development boards?
I have done a fair amount with Node-RED, but haven't connected it to databases or NFC devices yet.
There is a risk here. Assuming that WP is connected to the Internet and you have the MySQL DB on the same device, you are then connecting your internal "security" to an Internet-facing service with some very common security issues.
You may wish to think about that.
Certainly you should have a good firewall set up between anything facing the Internet and anything internal.
Also, if your membership db contains personal information (e.g. addresses, phone numbers, credit card info), I would strongly recommend that you keep all of that on a separate, secured system and not directly connected to the Internet facing system (and not connected to the IoT facing systems either).
That is especially true if you are in the UK, EU or certain states in the USA where a leak of personal information could end with some serious consequences both personally and corporately.
Not too difficult to keep things separate and secure but it does require a bit of thought and planning. Always think twice (and then twice more) about connecting things together, especially if some of the connections involve the Internet.
Thanks for the responses. Both useful.
I'm going to modify my approach so that the Membership database updates a completely different database to present MemberID, NFC tag, Access Control Permissions only. That will allow access control without any need to expose personally identifiable information.
I was tasked with access separation by personnel to the ammonia refrigeration compressor room. As its a dangerous area that people can kill them selves in real quick. ( Kinda place a real smart accountant with no situational awareness will die but a hard knock life grunt worker knows better. )
I decided on magnetic plate door locks so the if the power goes out anyone can get in or out of the room. Also put door override buttons that if you press loud alarms sound until a admin resets the alarm. but the door is overridden.
Only 1 person in the last year have ever pushed the dang button, Proper Education and Title, but he just had to know what happens when you pressed PUSH!!!!! But not one of the yard dogs, fork drivers, or janitors ever decided to press that dang button. Some of the dumbest people I know are the smartest on paper.
