contact-hash-util/partner_implementation_example.py at main · pybay/contact-hash-util · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
"""
Partner Verification -- sample code
...to verify attendees against the hashed email list.
CRITICAL: Email normalization (strip + lowercase) MUST match the admin's process.
REQUIRES: text file of hashed emails, and salt token
"""

import hashlib


# ONE-LINER (if you want minimal code, and have salt + hashes loaded already):
# verified = hashlib.sha512((salt + email.strip().lower()).encode('utf-8')).hexdigest() in hashes

# MORE DETAIL
def verify_attendee(user_email_input: str, salt_token: str, known_hashes: set[str]) -> bool:
    """
    Verify if a user's email matches any known attendee hash. in provided file

    Args:
        user_email_input: Raw email from user (e.g., "  User@Example.COM  ") from your website
        salt_token: Secret salt from admin (via secure channel)
        known_hashes: Set of SHA-512 hashes from output_attendee_hashes.txt (via secure channel)

    Returns:
        True if verified attendee, False otherwise
    """
    # Normalize email: strip whitespace and lowercase (THIS matches PyBay admin process!)
    normalized_email = user_email_input.strip().lower()

    # Hash: salt + normalized_email, then SHA-512
    user_hash = hashlib.sha512((salt_token + normalized_email).encode('utf-8')).hexdigest()

    # Check if hash exists in known attendee hashes
    return user_hash in known_hashes


# =============================================================================
# USAGE EXAMPLE
# =============================================================================

if __name__ == "__main__":
    # Load salt (do once at app startup)
    with open("output_salt_value.txt", "r") as f:
        SALT = f.read().strip()

    # Load hashes (do once at startup, use set for fast lookup)
    with open("output_attendee_hashes.txt", "r") as f:
        HASHES = {line.strip() for line in f}

    # Verify user
    user_email = input("Enter your email: ")

    if verify_attendee(user_email, SALT, HASHES):
        print("✅ Verified attendee - access granted")
    else:
        print("❌ Not registered - access denied")