Raspberry Pico W Authentication

Hey everyone,

I’m currently working on a project involving RFID authentication using a RFID Reader with a Raspberry Pi Pico. I have two databases set up: “AuthenticatedUsers” and “Logins”. My goal is to authenticate users through the “AuthenticatedUsers” database. However, I’m encountering an issue where the login is allowed regardless of which card is read.

I’m unsure what changes I need to make in order to properly read the data from the database. Below is my code:

from mfrc522 import SimpleMFRC522
from lcd1602 import LCD
import utime
import urequests as requests

reader = SimpleMFRC522(spi_id=0, sck=2, miso=4, mosi=3, cs=5, rst=0)

def write_login_data_to_mongodb(id, text, success=True):
# Clean leading and trailing spaces from text
clean_text = text.strip()

# Get current date and time
timestamp = utime.localtime()
formatted_time = "{year}-{month:02d}-{day:02d} {hour:02d}:{minute:02d}:{second:02d}".format(year=timestamp[0], month=timestamp[1], day=timestamp[2], hour=timestamp[3], minute=timestamp[4], second=timestamp[5])

# Add additional text based on the success of the login attempt
if success:
    status_text = "LOGIN SUCCESSFUL"
else:
    status_text = "LOGIN FAILED"

# Data for MongoDB
document = {
    "timestamp": formatted_time,
    "text": clean_text,
    "id": id,
    "status": status_text
}

# Insert data into the MongoDB database
url = "MongoDBLink"
headers = {"api-key": "APIKEY"}

insert_payload = {
    "dataSource": "Cluster0",
    "database": "Test",
    "collection": "Logins",
    "document": document,
}

try:
    response = requests.post(url, headers=headers, json=insert_payload)
    if response.status_code == 201:
        print("Login data successfully inserted into MongoDB")
    else:
        print("Error inserting login data into MongoDB:", response.text)
    response.close()
except Exception as e:
    print("Error sending login data to MongoDB:", e)

def attempt_login():
lcd = LCD()
lcd.message(“Hello.\nPlease present card.”)

while True:
    id, text = reader.read()
    if id:
        lcd.clear()
        lcd.message("Please wait...")
        
        # Send query to MongoDB to find the record
        url = "MongoDBLink"
        headers = {"api-key": "APIKEY"}

        query_payload = {
            "dataSource": "Cluster0",
            "database": "Users",
            "collection": "AuthorizedUsers",
            "filter": {"$and": [{"id": id}, {"text": text}]}  # Check if both ID and text match
        }

        try:
            response = requests.post(url, headers=headers, json=query_payload)
            if response.status_code == 200:
                data = response.json()
                if data and len(data) > 0:
                    # Record found, login successful
                    lcd.clear()
                    lcd.message("Login \nsuccessful!")
                    utime.sleep(3)
                    write_login_data_to_mongodb(id, text, success=True)
                else:
                    # Record not found, access denied
                    lcd.clear()
                    lcd.message("Access \ndenied")
                    utime.sleep(3)
                    write_login_data_to_mongodb(id, text, success=False)
            else:
                print("Error sending query to MongoDB:", response.text)
            response.close()
        except Exception as e:
            print("Error sending query to MongoDB:", e)
        break  # Exit the loop after completing the login attempt

attempt_login()