tgauth

package module

v1.1.0 Latest Latest Go to latest Published: Dec 2, 2024 License: GPL-3.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Richtermnd/tgauth

Links

Open Source Insights

README ¶

tgAuth

Package provide structure, methods and functions for telegram login widget and imitate his work for non browser clients.

Installation

go get github.com/Richtermnd/tgAuth

Usage

How it works?

Telegram widget send data to server
Server check data and return token
Client send requests with token in Authorization header
MiddlewareTelegramAuth check token.

Package provides a handler for login. You can just use this handler or wrap it in your own handler.

package main

import (
	"log"
	"net/http"
	"time"

	"github.com/Richtermnd/tgauth"
)

const token = "your token"

var ttl = time.Hour * 12

func main() {
	loginHandler := tgauth.LoginHandler(tgauth.FromURL, token, ttl)
	// Simple use
	http.HandleFunc("/login", loginHandler)
	// Wrapped
	http.HandleFunc("/login2", func(w http.ResponseWriter, r *http.Request) {
		log.Println("Wrapped")
		loginHandler(w, r)
	})
	http.ListenAndServe(":8080", nil)
}

Middleware

Package also provides a middleware for telegram auth. Middleware check token in header of request and add user to context if token is valid.

package main

import (
	"encoding/json"
	"net/http"
	"time"

	"github.com/Richtermnd/tgauth"
)

const token = "your token"

var ttl = time.Hour * 12

func main() {
	middleware := tgauth.LoginRequiredMiddleware(token, ttl)
	http.Handle("/me", middleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		user, err := tgauth.FromContext(r)
		if err != nil {
			http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
			return
		}
		json.NewEncoder(w).Encode(user)
        w.WriteHeader(http.StatusOK)
	})))

	http.ListenAndServe(":8080", nil)
}

Documentation ¶

Index ¶

Constants
Variables
func LoginHandler(loginWay TokenExtractor, sendWay TokenSender, token string, ttl time.Duration) http.Handler
func LoginRequiredMiddleware(extractor TokenExtractor, token string, ttl time.Duration) func(next http.Handler) http.Handler
func SendCookie(data TelegramUserData, w http.ResponseWriter)
func SendJson(data TelegramUserData, w http.ResponseWriter)
func SendPlainText(data TelegramUserData, w http.ResponseWriter)
type ContextKey
type TelegramUserData
type TokenExtractor
type TokenSender

Constants ¶

View Source

const CookieTokenName string = "tgauth-token"

View Source

const TokenSeparator string = "$" // Fields separator for token string

Variables ¶

View Source

var (
	ErrNoData   = errors.New("no telegram data")
	ErrBadToken = errors.New("bad token")
)

Functions ¶

func LoginHandler ¶

func LoginHandler(loginWay TokenExtractor, sendWay TokenSender, token string, ttl time.Duration) http.Handler

func LoginRequiredMiddleware ¶

func LoginRequiredMiddleware(extractor TokenExtractor, token string, ttl time.Duration) func(next http.Handler) http.Handler

func SendCookie ¶ added in v1.1.0

func SendCookie(data TelegramUserData, w http.ResponseWriter)

SendCookie set cookie with name CookieTokenName and value token

func SendJson ¶ added in v1.1.0

func SendJson(data TelegramUserData, w http.ResponseWriter)

SendJson send token as a json {"token": "<token>"}

func SendPlainText ¶ added in v1.1.0

func SendPlainText(data TelegramUserData, w http.ResponseWriter)

SendPlainText send token as a plain text in response body

Types ¶

type ContextKey ¶

type ContextKey string

ContextKey used for avoid collision in context

const ContextUserKey ContextKey = "tgauth-user-data" // key for storing user in context

type TelegramUserData ¶

type TelegramUserData struct {
	TGID      int64  `json:"id"`         // telegram id
	FirstName string `json:"first_name"` // first name
	LastName  string `json:"last_name"`  // last name
	Username  string `json:"username"`   // username
	PhotoURL  string `json:"photo_url"`  // photo url
	AuthDate  int64  `json:"auth_date"`  // auth date UNIX timestamp
	Hash      string `json:"hash"`       // hash
}

TelegramUserData - https://core.telegram.org/widgets/login#receiving-authorization-data

func FromAuthorizationHeader ¶ added in v1.1.0

func FromAuthorizationHeader(r *http.Request) (TelegramUserData, error)

FromCookie extract TelegramUserData from cookie with name CookieTokenName

func FromContext ¶

func FromContext(r *http.Request) (TelegramUserData, error)

FromContext Get TelegramUserData that middleware put in context.

func FromCookie ¶ added in v1.1.0

func FromCookie(r *http.Request) (TelegramUserData, error)

FromCookie extract TelegramUserData from cookie with name CookieTokenName

func FromJSON ¶

func FromJSON(r *http.Request) (TelegramUserData, error)

FromJSON TelegramUserData from body of request.

It doesn't check is data valid, all invalid/empty fields will be ignored. If data is invalid, user will not pass authorisation check.

func FromTokenString ¶

func FromTokenString(token string) (TelegramUserData, error)

FromTokenString parse a TelegramUserData struct from a token string.

The token string is expected to be in the format:

{tg_id}{sep}{first_name}{sep}{last_name}{sep}{username}{sep}{photo_url}{sep}{auth_date}{sep}{hash}

Where {sep} is the TokenSeparator constant.

func FromURL ¶

func FromURL(r *http.Request) (TelegramUserData, error)

FromURL TelegramUserData from query of request

It doesn't check is data valid, all invalid/empty fields will be ignored. If data is invalid, user will not pass authorisation check.

func (*TelegramUserData) GenerateHash ¶

func (u *TelegramUserData) GenerateHash(token string) string

Generate hash from TelegramUserData.

Use this for send TelegramUserData not from telegram widget. Telegram bots for example.

func (*TelegramUserData) IsExpiredData ¶

func (u *TelegramUserData) IsExpiredData(ttl time.Duration) bool

IsExpiredDate Check ttl of telegram data. Return true if data is expired.

func (*TelegramUserData) IsTelegramAuthorization ¶

func (u *TelegramUserData) IsTelegramAuthorization(token string) bool

IsTelegramAuthorization

https://core.telegram.org/widgets/login#checking-authorization

func (*TelegramUserData) TokenString ¶

func (u *TelegramUserData) TokenString() string

type TokenExtractor ¶ added in v1.1.0

type TokenExtractor func(r *http.Request) (TelegramUserData, error)

TokenExtractor func that can extract TelegramUserData from request

type TokenSender ¶ added in v1.1.0

type TokenSender func(data TelegramUserData, w http.ResponseWriter)

TokenSender func that write token in response

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
example
full_example
login
middleware

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

README ¶

tgAuth

Go package for work telegram login widget

Content

Installation

Usage

Login

Middleware

Documentation ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

func LoginHandler ¶

func LoginRequiredMiddleware ¶

func SendCookie ¶ added in v1.1.0

func SendJson ¶ added in v1.1.0

func SendPlainText ¶ added in v1.1.0

Types ¶

type ContextKey ¶

type TelegramUserData ¶

func FromAuthorizationHeader ¶ added in v1.1.0

func FromContext ¶

func FromCookie ¶ added in v1.1.0

func FromJSON ¶

func FromTokenString ¶

func FromURL ¶

func (*TelegramUserData) GenerateHash ¶

func (*TelegramUserData) IsExpiredData ¶

func (*TelegramUserData) IsTelegramAuthorization ¶

func (*TelegramUserData) TokenString ¶

type TokenExtractor ¶ added in v1.1.0

type TokenSender ¶ added in v1.1.0

Source Files ¶

Directories ¶