Implementation and Security Considerations for Self-Registration and QR Code Integration in Server Deployment

Gerald_Thomas · 19 March 2024 05:52

Good morning everyone,

I am currently in the process of deploying an instance that incorporates self-registration capabilities along with QR code functionality to capture the server’s URL. I am seeking insights from individuals knowledgeable in this area regarding the implementation process and any potential security considerations associated with such a setup.

Thank you.

moses_mwale · 19 March 2024 07:36

Concerning QR_code, You want the QR_code to display in the URL end for easy scanning? A little bit more detail is required on the use case. But from my understanding. As you know @Gerald_Thomas DHIS2 itself doesn’t have built-in functionalities for QR code generation or scanning. However, you can achieve this through external libraries depending on your chosen implementation method. Here’s a breakdown of possible approaches:

DHIS2 API with External Libraries:

If you’re implementing self-registration using the DHIS2 API, you can leverage libraries in your chosen programming language to generate QR codes. I have tried to explore the following options:
- Python: Pillow (PIL Fork) library offers QR code generation capabilities: Generate QR code image with Python, Pillow, qrcode | note.nkmk.me
- Java: ZXing library is a popular option for QR code generation and scanning in Java: zxing-qrcode · GitHub Topics · GitHub
- JavaScript: Several JavaScript libraries like qrcode.js can be used for QR code generation in web-based DHIS2 implementations: qrcode.js
After successful user registration through the DHIS2 API, you would generate a QR code containing the server URL using the chosen library and provide it to the user (e.g., displaying it on a webpage).

I have heard of DHIS2 Extensions though not really sure:

I am keen to see this work.

Regards,
Moses

Gerald_Thomas · 20 March 2024 13:37

@moses_mwale
The QR code should incorporate the URL, enabling users to scan it during self-registration and input their profile details effortlessly. It’s important to emphasize that the National Identification Number (NIN) will serve as the reference communication throughout this process.

Previously, I assumed that DHIS2 had begun encrypting URLs. Your clarification is appreciated. Given that the QR code is integrated into the capture app, I had presumed that DHIS2 could autonomously generate its QR codes.

moses_mwale · 21 March 2024 07:43

Is this a feature request?

Gerald_Thomas · 21 March 2024 08:37

I am of the opinion that it is important to recognize that we have Community Health Information Systems (CHIS) in place, and we are working with Community Health Workers (CHWs) who may have difficulty remembering passwords, especially given the challenges of distance and limited coverage for providing support to them.