modweb/modules/auth/telegram/main.go

98 lines
2.3 KiB
Go
Raw Normal View History

2021-01-03 04:10:52 +00:00
package telegram
import (
"crypto/hmac"
"crypto/sha256"
"encoding/hex"
2021-01-03 04:10:52 +00:00
"git.ddd.rip/ptrcnull/modweb"
"github.com/gofiber/fiber/v2"
"html/template"
"log"
2021-01-03 04:10:52 +00:00
"net/url"
"strconv"
2021-01-03 04:10:52 +00:00
)
type Module struct {
BotID string
Token string
2021-01-03 04:10:52 +00:00
Origin string
Callback func(data *LoginData)*modweb.User
}
func (m Module) FriendlyName() string {
return "Telegram Login"
}
func (m Module) Name() string {
return "auth-telegram"
}
func (m Module) Init(mm *modweb.ModuleManager) {
secretSum := sha256.Sum256([]byte(m.Token))
2021-01-03 04:10:52 +00:00
app := mm.Fiber()
app.Post("/callback", func(ctx *fiber.Ctx) error {
session := mm.Session(ctx)
defer session.Save()
if session.Get("user") != nil {
return ctx.Status(200).JSON(fiber.Map{"ok": false})
}
var data LoginData
err := ctx.BodyParser(&data)
if err != nil {
return err
}
if data.Event != "auth_result" {
return ctx.Status(200).JSON(fiber.Map{"ok": false})
}
h := hmac.New(sha256.New, secretSum[:])
h.Write([]byte("auth_date=" + strconv.Itoa(data.Result.AuthDate) + "\n"))
h.Write([]byte("first_name=" + data.Result.FirstName + "\n"))
h.Write([]byte("id=" + strconv.Itoa(data.Result.ID) + "\n"))
h.Write([]byte("photo_url=" + data.Result.PhotoURL + "\n"))
h.Write([]byte("username=" + data.Result.Username))
hash := hex.EncodeToString(h.Sum(nil))
if hash != data.Result.Hash {
log.Println("hash mismatch", hash, data.Result.Hash)
return ctx.Status(200).JSON(fiber.Map{"ok": false})
}
2021-01-03 04:10:52 +00:00
user := m.Callback(&data)
if user != nil {
user.Save(session)
}
return ctx.Status(200).JSON(fiber.Map{"ok": true})
})
}
func (m Module) Hidden() bool {
return true
}
func (m Module) MinAccessLevel() int64 {
return -1
}
func (m Module) LoginURL() template.URL {
callback := "fetch('/auth-telegram/callback', { method: 'POST', body: ev.data, headers: { 'Content-Type': 'application/json' }, credentials: 'same-origin' }).then(() => { window.location = '/' }).catch(alert)"
params := url.Values{}
params.Set("bot_id", m.BotID)
params.Set("origin", m.Origin)
destination := "https://oauth.telegram.org/auth?" + params.Encode()
return template.URL("javascript:(()=>{" +
"window.addEventListener('message',(ev)=>{" + callback + "});" +
"window.open('" + destination + "', '_blank')" +
"})()")
}
func (m Module) RegisterURL() template.URL {
return ""
}