As EV charging infrastructure grows, user-friendly mobile apps and dashboards are essential. But how do you securely authenticate users in your app and link their actions to OCPP-connected chargers?

In this guide, we’ll show you how to build an app authentication system that works hand-in-hand with your OCPP central system (CSMS).

🧩 Architecture Overview

Components:

• Mobile App / Dashboard – Where users sign in and control charging
• Central System API (Flask) – REST API layer for users and admin actions
• OCPP WebSocket Server – Communicates with EVSEs via OCPP 1.6
• MongoDB – Stores users and charge point data

📊 Sequence Diagram: Start Charging via App

sequenceDiagram
    participant User as Mobile App
    participant API as Flask API Server
    participant CSMS as OCPP Central System
    participant EVSE as Charger (EVSE)

    User->>API: POST /api/login (username, password)
    API-->>User: JWT token + idTag

    User->>API: POST /api/start_charging (evse_id, connector_id, token)
    API->>CSMS: RemoteStartTransaction(idTag, connectorId)
    CSMS->>EVSE: RemoteStartTransaction.req
    EVSE-->>CSMS: RemoteStartTransaction.conf
    CSMS-->>API: status = Accepted
    API-->>User: {"status": "Accepted"}

This flow ensures only authenticated users can trigger OCPP commands like RemoteStartTransaction.

🔑 1. User Authentication via JWT

We use Flask-JWT-Extended to handle token-based auth.

Setup

Install:

pip install flask flask-jwt-extended pymongo werkzeug

Flask routes for signup and login:

@flask_app.route("/api/signup", methods=["POST"])
def signup():
    ...
    token = create_access_token(identity=user["username"])
    return jsonify(access_token=token, idTag=user["idTag"])

@flask_app.route("/api/login", methods=["POST"])
def login():
    ...
    token = create_access_token(identity=user["username"])
    return jsonify(access_token=token, idTag=user["idTag"])

⚡ 2. Secure OCPP Action (Remote Start)

@flask_app.route("/api/start_charging", methods=["POST"])
@jwt_required()
def start_charging():
    cp = connected_charge_points.get(evse_id)
    payload = call.RemoteStartTransactionPayload(id_tag=id_tag, connector_id=connector_id)
    future = asyncio.run_coroutine_threadsafe(cp.call(payload), main_loop)
    result = future.result(timeout=10)
    return jsonify({"status": result.status})

🧠 Best Practices

• Hash passwords with werkzeug.security
• Use JWTs and set expiration
• Use idTag consistently across auth + OCPP
• Restrict access by role (user/admin/root)
• Link idTag to vehicles or accounts

🔧 Tools Used

🚀 Going Further

• Add QR-based pairing: ocpp://CP001?connector=1
• Add firmware update + diagnostics features
• Build admin dashboard with user role control

Want the full source code or Postman test collection? Just ask!

Get in Touch with us

Send us an Email

Name *

Email *

Phone

Organization Name/ชื่อหน่วยงาน

Subject *

Services -- Select One -- Wordpress PHP / MySQL HTML5 / CSS3/ JQuery / Angular.js Node.js MongoDB Linux System Configuration/Tuning System Analysis/Design/Delopment/Implementation Graphic Design Online Ads Management SimpliLIB simpliCalCoupon IMCS SimpliExperience: VDO Presentation, Virtual Tour เก๋ๆ ดูดี พร้อมให้คำปรึกษา Social Media Marketing SimpliMedia: Online Digital Media Management System SimpliFactory: ชุดเทคโนโลยีสำหรับโรงงานอุตสาหกรรม

Message *

Send Message    Or    Tel: 0830010222, Line: iiitum1984

Email to Us

hello@simplico.net

Chat with Us on LINE

iiitum1984

Speak to Us or Whatsapp

(+66) 83001 0222

Related Posts

• SimpliMES Lite — 面向中国中小型制造企业的轻量化 MES 解决方案
• SimpliMES Lite — Lightweight MES for Small & Mid-Sized Manufacturers
• Nursing-Care Robots: How Open-Source Technology Is Powering the Future of Elderly Care
• 为什么中国大模型正在成为电商系统的新引擎？
• 为什么成功的线上卖家都选择 SimpliShop：打造、成长、并持续领先你的市场
• Why Successful Online Sellers Choose SimpliShop: Build, Grow, and Win Your Market
• AI 垂直整合：未来企业竞争力的核心引擎
• Vertical Integration of AI: The Next Breakthrough in Modern Business
• AI 预测系统 —— 让你的决策拥有「超级力量」
• AI Prediction Systems — Turn Your Decisions Into Superpowers
• 如果 AI 泡沫破裂，会发生什么？（现实、理性、不夸张的深度分析）
• If the AI Bubble Ends, What Will Actually Happen? (A Realistic, No-Hype Analysis)
• 深度学习 + 新闻情绪分析进行股票价格预测（完整实战指南）
• Using Deep Learning + News Sentiment to Predict Stock Prices (A Practical Guide)
• 用 AI 改造 COI 管理：真实工厂案例解析（Hybrid Rasa + LangChain）
• How AI Transforms COI Management: A Real Factory Use Case (Hybrid Rasa + LangChain)
• SimpliAgentic —— 新一代自律智能工厂，从这里开始
• SimpliAgentic — The Future of Autonomous Factory Automation Has Arrived
• 为什么理解 Android Internals（安卓内部机制）如此重要？——帮助企业打造高价值系统级服务
• Why Android Internals Matter — And the High-Value Services Your Business Can Build With Them

Our Products

Simplify Gym Management with SimpliGym

SimpliShop, All-in-One E-Commerce Platform with AI-Driven Features

รับออกแบบและพัฒนา Responsive Website / Web application

สอนพัฒนา website ด้วย Wordpress 5

สอนเขียน Ionic Framework: Cross-Platform Mobile App Development

สอนเขียน Python / Django Web Framework

SimpliLearn ระบบเรียน online ที่มาพร้อมกับ AI

SimpliRun, แอปสำหรับ virtual run และขายของ online

Mobile application สำหรับธุรกิจกีฬาที่ครบวงจร

ระบบแนะนำสินค้าสำหรับขายของ Online

simpliRec , ระบบแนะนำหนังสือที่ชาญฉลาด

Integrated Measurement Communication System ( IMCS )

SimpliFactory ชุดเทคโนโลยีสำหรับโรงงานอุตสาหกรรม , Software/Hardware