README
¶
kiosk
In-space kiosk for binding RFID key fobs to member accounts.
Routes
GET /kiosk- Kiosk UI. Listens for keypress input (HID-style fob reader); buffered keys are submitted asfobidafter Enter or 1s of inactivity. With afobid, renders a QR code containing a signed JWT linking to/keyfob/bind.GET /keyfob/bind- Authenticated. Verifies the JWT from the QR and setsmembers.fob_idfor the current user.GET /keyfob/status/{id}- Returns JSONtrue/falseindicating whether any member already has that fob ID. Polled by the kiosk page to auto-redirect once the bind completes.
Behavioral notes
/kioskand/keyfob/status/{id}are gated byatPhysicalSpace: the request's IP (preferring theCF-Connecting-IPheader, falling back toRemoteAddr) must equal the resolved IP oftrustedHostname. The trusted IP is refreshed every minute via a UDP dial (no packet sent; just used to discover the outbound route's resolved address)./keyfob/bindis not IP-gated - the QR is scanned on the member's phone, which is typically on cellular. Trust comes from the short-lived JWT (5 minute TTL, seeqrTTL) signed byengine.TokenIssuer.- The bind UPDATE is a no-op when the fob is already assigned to that member (
fob_id != $1guard). It does not prevent reassigning a fob already bound to a different member; the kiosk JS uses/keyfob/status/{id}only to detect completion, not to block conflicts. - The kiosk page auto-redirects back to
/kiosk5 minutes after a QR is shown, and full-reloads hourly to pick up template changes. kiosk_templ.gois generated fromkiosk.templviago generate(templ).
Documentation
¶
Overview ¶
templ: version: v0.3.1001
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Module ¶
type Module struct {
// contains filtered or unexported fields
}
func (*Module) AttachRoutes ¶
func (*Module) AttachWorkers ¶
Source Files
Click to show internal directories.
Click to hide internal directories.