As EV charging infrastructure grows, user-friendly mobile apps and dashboards are essential. But how do you securely authenticate users in your app and link their actions to OCPP-connected chargers?

In this guide, we’ll show you how to build an app authentication system that works hand-in-hand with your OCPP central system (CSMS).

🧩 Architecture Overview

Components:

• Mobile App / Dashboard – Where users sign in and control charging
• Central System API (Flask) – REST API layer for users and admin actions
• OCPP WebSocket Server – Communicates with EVSEs via OCPP 1.6
• MongoDB – Stores users and charge point data

📊 Sequence Diagram: Start Charging via App

sequenceDiagram
    participant User as Mobile App
    participant API as Flask API Server
    participant CSMS as OCPP Central System
    participant EVSE as Charger (EVSE)

    User->>API: POST /api/login (username, password)
    API-->>User: JWT token + idTag

    User->>API: POST /api/start_charging (evse_id, connector_id, token)
    API->>CSMS: RemoteStartTransaction(idTag, connectorId)
    CSMS->>EVSE: RemoteStartTransaction.req
    EVSE-->>CSMS: RemoteStartTransaction.conf
    CSMS-->>API: status = Accepted
    API-->>User: {"status": "Accepted"}

This flow ensures only authenticated users can trigger OCPP commands like RemoteStartTransaction.

🔑 1. User Authentication via JWT

We use Flask-JWT-Extended to handle token-based auth.

Setup

Install:

pip install flask flask-jwt-extended pymongo werkzeug

Flask routes for signup and login:

@flask_app.route("/api/signup", methods=["POST"])
def signup():
    ...
    token = create_access_token(identity=user["username"])
    return jsonify(access_token=token, idTag=user["idTag"])

@flask_app.route("/api/login", methods=["POST"])
def login():
    ...
    token = create_access_token(identity=user["username"])
    return jsonify(access_token=token, idTag=user["idTag"])

⚡ 2. Secure OCPP Action (Remote Start)

@flask_app.route("/api/start_charging", methods=["POST"])
@jwt_required()
def start_charging():
    cp = connected_charge_points.get(evse_id)
    payload = call.RemoteStartTransactionPayload(id_tag=id_tag, connector_id=connector_id)
    future = asyncio.run_coroutine_threadsafe(cp.call(payload), main_loop)
    result = future.result(timeout=10)
    return jsonify({"status": result.status})

🧠 Best Practices

• Hash passwords with werkzeug.security
• Use JWTs and set expiration
• Use idTag consistently across auth + OCPP
• Restrict access by role (user/admin/root)
• Link idTag to vehicles or accounts

🔧 Tools Used

🚀 Going Further

• Add QR-based pairing: ocpp://CP001?connector=1
• Add firmware update + diagnostics features
• Build admin dashboard with user role control

Want the full source code or Postman test collection? Just ask!

Get in Touch with us

Send us an Email

Name *

Email *

Phone

Organization Name/ชื่อหน่วยงาน

Subject *

Services -- Select One -- Wordpress PHP / MySQL HTML5 / CSS3/ JQuery / Angular.js Node.js MongoDB Linux System Configuration/Tuning System Analysis/Design/Delopment/Implementation Graphic Design Online Ads Management SimpliLIB simpliCalCoupon IMCS SimpliExperience: VDO Presentation, Virtual Tour เก๋ๆ ดูดี พร้อมให้คำปรึกษา Social Media Marketing SimpliMedia: Online Digital Media Management System SimpliFactory: ชุดเทคโนโลยีสำหรับโรงงานอุตสาหกรรม

Message *

Send Message    Or    Tel: 0830010222, Line: iiitum1984

Email to Us

hello@simplico.net

Chat with Us on LINE

iiitum1984

Speak to Us or Whatsapp

(+66) 83001 0222

Related Posts

• Carbon Footprint Calculator (Recycling) — Measuring CO₂ Savings in Recycling Operations
• Recycle Factory Tools: A Smarter Way to Track Scrap Operations
• Running Form Coach — Cadence Metronome, Tapper, Drills, Posture Checklist
• How to Build a Carbon Credit Calculator for Your Business
• Transform Your Room with SimRoom: AI-Powered Interior Design
• How to Be Smarter in the AI Era with Science, Math, Coding, and Business
• 🎮 How to Make Projects Fun: Using the Octalysis Framework
• Smart Border Security with Satellites, HALE UAVs, and Cueing Systems
• Fine-Tuning LM Studio for Coding: Mastering `top_p`, `top_k`, and `repeat_penalty`
• A Smarter Way to Manage Scrap: Introducing Our Recycle Management System
• How to Write Use Cases That Really Speak Your Customers’ Language
• After the AI Bubble: Why Gaming Consoles & Local AI Are the Real Promise
• Using the Source–Victim Matrix to Connect RE102 and RS103 in Shipboard EMC
• Rebuilding Trust with Technology After a Crisis
• Digital Beauty: Reimagining Cosmetic Clinics with Mobile Apps
• Smarter Product Discovery with AI: Image Labeling, Translation, and Cross-Selling
• How TAK Systems Transform Flood Disaster Response
• Smarter Shopping: From Photo to Product Recommendations with AI
• Tackling Antenna Coupling Challenges with Our Advanced Simulation Program
• The Future of Work: Open-Source Projects Driving Labor-Saving Automation

Our Products

Simplify Gym Management with SimpliGym

SimpliShop, All-in-One E-Commerce Platform with AI-Driven Features

รับออกแบบและพัฒนา Responsive Website / Web application

สอนพัฒนา website ด้วย Wordpress 5

สอนเขียน Ionic Framework: Cross-Platform Mobile App Development

สอนเขียน Python / Django Web Framework

SimpliLearn ระบบเรียน online ที่มาพร้อมกับ AI

SimpliRun, แอปสำหรับ virtual run และขายของ online

Mobile application สำหรับธุรกิจกีฬาที่ครบวงจร

ระบบแนะนำสินค้าสำหรับขายของ Online

simpliRec , ระบบแนะนำหนังสือที่ชาญฉลาด

Integrated Measurement Communication System ( IMCS )

SimpliFactory ชุดเทคโนโลยีสำหรับโรงงานอุตสาหกรรม , Software/Hardware