Answer the question
In order to leave comments, you need to log in
M
M
MrOnatsky2018-07-02 18:36:00
MrOnatsky, 2018-07-02 18:36:00
Does telegram oauth work in Russia?
I can't check it myself, but maybe someone knows? Thanks in advance!
2 answer(s)
@MrOnatsky
N
neatsoft, 2018-07-03 @MrOnatsky
Telegram login widget does not work in Russia, but authorization via Telegram is simply implemented using a bot. When the command is sent, the bot calls the webhook, passing the username, in response, a one-time login link is sent to the site. The bot needs to be run on a foreign hosting, because api.telegram.org must be accessible from it, the user can be anywhere.
Here is an example on Django 2.0 (as simplified as possible):
.
...
TELEGRAM_BOT_ACCESS_TOKEN = <bot_token>
TELEGRAM_BOT_WEBHOOK_TOKEN = <webhook_token>
TELEGRAM_BOT_OTP_TIMEOUT = 120
USE_X_FORWARDED_HOST = True
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.db.DatabaseCache',
'LOCATION': 'django_cache',
}
}
......
from .views import BotView, LoginView
urlpatterns = [
...
path('bot/<uuid:token>/', BotView.as_view()),
path('login/<uuid:otp>/', LoginView.as_view(), name='login'),
]import json
import requests
import uuid
from django.conf import settings
from django.contrib.auth import login
from django.contrib.auth.models import User
from django.core.cache import cache
from django.http import HttpResponse, HttpResponseNotFound, HttpResponseRedirect
from django.urls import reverse
from django.utils.decorators import method_decorator
from django.views import View
from django.views.decorators.csrf import csrf_exempt
from django.views.generic import TemplateView
...
@method_decorator(csrf_exempt, name='dispatch')
class BotView(View):
def post(self, request, token):
if str(token) != settings.TELEGRAM_BOT_WEBHOOK_TOKEN:
return HttpResponseNotFound()
params = json.loads(request.body)
message = params['message']
if message.get('text') == '/login':
user = message['from']
chat_id = user['id']
data = {
'username': user['username'],
'first_name': user.get('first_name', ''),
'last_name': user.get('last_name', ''),
}
otp = uuid.uuid4()
cache.set(otp, data, settings.TELEGRAM_BOT_OTP_TIMEOUT)
path = reverse('login', args=[otp])
login_url = request.build_absolute_uri(path)
url = 'https://api.telegram.org/bot{}/sendMessage?chat_id={}&text={}'.format(
settings.TELEGRAM_BOT_ACCESS_TOKEN,
chat_id,
login_url,
)
requests.get(url, timeout=10)
return HttpResponse('')
class LoginView(TemplateView):
template_name = 'login.html'
def dispatch(self, request, otp):
self.data = cache.get(otp, {})
return super().dispatch(request, otp)
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['data'] = self.data
return context
def post(self, request, otp):
cache.delete(otp)
username = self.data.get('username')
if not username:
return HttpResponseRedirect(request.path)
user, created = User.objects.update_or_create(
username=username,
defaults={
'first_name': self.data.get('first_name', ''),
'last_name': self.data.get('last_name', ''),
},
)
login(request, user)
path = reverse('home')
return HttpResponseRedirect(path){% extends 'bootstrap4/bootstrap4.html' %}
{% block bootstrap4_content %}
<div class="container">
<div style="padding:5rem; text-align:center;">
{% if not data %}
<h1>This url invalid or expired.</h1>
{% else %}
<h1>Login as {{ data.username }}</h1>
<form action="" method="post">
{% csrf_token %}
<button type="submit" class="btn btn-primary btn-lg btn-block">
Login
</button>
</form>
{% endif %}
</div>
</div>
{% endblock %}
Similar questions
C
cybervito212014-10-22 00:48:23
On what framework (or technology) to write a fast OAuth 2.0 server?
3Reply
R
S
A
B
bohdan-shulha2014-12-22 19:05:12
Is it possible to implement Facebook OAuth2 within Meraki Garden?
1Reply
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question