Twilio is our doorman

We’ve been growing in headcount and we found ourselves with an odd problem: we didn’t have enough key fobs to the office. Filepicker.io moved into a nice work live space overlooking AT&T park last October and our landlord has been great; we just kept asking for more key fobs. However, here’s how we got Twilio to open the door for us. [1]

image

The door, like many live/work spaces, has a phone box. There is a list of names and corresponding numbers. Dialing the right code rings the resident and the door opens when they press ‘9’. We’re going to integrate with this existing system to allow our code to interface with the door.

Solution

The system is straightforward. Text a number when you’re about to reach the office. [2] If your number is on the server’s whitelist, it will be expecting you to arrive in the next 5 minutes. Then punch in the number of the office and Twilio will let you in. If the door isn’t expecting one of us, it will simply forward the call to one of us.

There’s also a party mode, where you tell it to let anyone in. No more having the host keep having to answer their phone to make sure everyone gets in.

Security

We considered other security models as well. Taking a look at how people ensure that they aren’t letting random people in is by verifying the name, voice, and if they are expecting them. Mimicking that would be difficult, both due to the voice recognition (had a tough time finding good libraries for voiceprinting) and arrival expectation (based on people’s Google Calendar?).

Our phone system didn’t seem to forward DMTF tones from the phone box so we weren’t able to use a PIN number.

We also considered a location based phone app that would open up the door whenever you got near it. However, given that our offices were right above the door, it’s difficult to distinguish between one of us sitting at our desk and one of us waiting outside.

Infrastructure and Code

Infrastructure-wise, we’re running it on a AWS Micro and an elastic ip, though Heroku works as well. [3] You can set up your own doorman as the source code is here and Twilio is super easy to set up. You’ll just need to ask your landlord to change the phone number to your Twilio number.

We’re open sourcing our code and you can get it here, with relevant setup instructions: https://github.com/Filepicker

It’s pretty simple code, but the configuration management is worth mention. We wanted it to be highly configurable, but didn’t want to write a web or curses interface. Instead we opted for a YAML backed dictionary. Modify the file and the next time the app needs the data, it will reload the config. If you made a typo and the yaml parsing fails, it won’t crash. It will just continue to hum along with the previous configuration.

It’s been rock solid for us (it’s pretty easy to be bug free with <100 lines of code) but pull requests and suggestions welcome.

This probably shouldn’t be used to protect Fort Knox, but it’s a good system that has allowed us to grow and scale out the team here at Filepicker.io. Startups at our stage all have growing pains, both those that you’d expect and those you wouldn’t. Migrating your db to SSD’s is one you’d expect. Migrating your door off of key fobs, not as much.


[1] This was also a flyout interview project. Double bonus.

[2] You can also have Siri send the text message for you, ala https://rumsey.org/blog/2011/11/voice-controlled-garage-door/

[3] I haven’t experimented to see if the single dyno sleeping will serious impact the code. You may need 2 dynos.

Read More →