This system provides secure identity verification for visitors using HMAC token generation. It offers a reliable way to authenticate visitors through unique identifiers, email addresses, or phone numbers.
- Secure Authentication - Uses HMAC-SHA256 for robust token generation
- Flexible Identification - Supports multiple identification methods
- Error Handling - Comprehensive error management throughout the process
- API Endpoint - Simple RESTful interface for easy integration
┌──────────────┐ ┌──────────────┐ ┌──────────────────┐ ┌────────────────┐
│ User Visit │────▶│ Request │───▶ │ Your Server │────▶│ Your Frontend │
│ your Frontend│ │ received by │ │ creates HMAC │ │ gets the token │
└──────────────┘ │ your server │ │ token │ └───────┬────────┘
└──────────────┘ └──────────────────┘ │
│
┌──────────────────┐
│ Your Frontend │
│ sends HMAC token │
│ + Email or Phone │
│using YourGPT SDK │
└────────┬─────────┘
│
│
┌──────────────┐ ┌──────────────┐ ┌──────────────────┐ │
│ User contact │◀────│ YourGPT │◀────│ YourGPT receives │◀─────────────┘
│ created │ │ validates │ │ Token + contact │
└──────────────┘ │ token │ │ details │
└──────────────┘ └──────────────────┘
- User visits your frontend application
- Your server receives the request
- Your server generates an HMAC token
- The frontend receives the token
- Your frontend sends the HMAC token along with Email or Phone number using the YourGPT SDK
- YourGPT receives the token and contact details
- YourGPT validates the token
- User contact is created upon successful validation
- Node.js environment
- Express.js framework
- Crypto module
- Clone the repository
- Install dependencies:
npm install - Set environment variable:
HMAC_SECRET_KEY - Start the server:
npm start
Endpoint: /identity
Method: POST
Request Body:
{
"visitorUniqueId": "visitor-123",
"visitorEmail": "[email protected]",
"visitorPhone": "1234567890"
}Successful Response:
{
"hmacToken": "5f4dcc3b5aa765d6145d8327deb882cf99..."
}Error Response:
{
"message": "An error occurred during identity verification."
}- The secret key should be stored securely in environment variables
- Token generation prioritizes unique ID over email and phone
- All input data is validated before processing
The IndetificationController handles the verification process:
- Extracts visitor data from request
- Accesses the secret key
- Delegates token generation to the helper
- Returns appropriate responses
The generateHmacToken function:
- Validates input parameters
- Creates HMAC using SHA256 algorithm
- Returns hexadecimal token string
- Handles errors gracefully
- Client sends identification data
- Router directs to controller
- Controller extracts data and secret key
- Helper generates HMAC token
- Token is returned to client
- Any errors are caught and handled
For questions or support, please contact the system administrator.
© 2025 Visitor Verification System / YourGPT