Update files
This commit is contained in:
glpshchn
parent
f2bedb92e9
commit
7abadaf126
|
|
@ -21,26 +21,52 @@ def validate_telegram_widget(auth_data: Dict[str, Any], bot_token: Optional[str]
|
|||
Raises:
|
||||
ValueError: If validation fails
|
||||
"""
|
||||
print(f"[TelegramWidget] 🔍 Начало валидации виджета")
|
||||
print(f"[TelegramWidget] Полученные данные: {auth_data}")
|
||||
|
||||
token_to_use = bot_token or settings.MODERATION_BOT_TOKEN
|
||||
|
||||
if not token_to_use or not isinstance(token_to_use, str) or not token_to_use.strip():
|
||||
print(f"[TelegramWidget] ❌ Bot token не настроен")
|
||||
raise ValueError('Bot token модерации не настроен (MODERATION_BOT_TOKEN)')
|
||||
|
||||
print(f"[TelegramWidget] Bot token: {token_to_use[:10]}...{token_to_use[-10:]}")
|
||||
|
||||
if not auth_data or 'hash' not in auth_data:
|
||||
print(f"[TelegramWidget] ❌ Отсутствует hash в authData")
|
||||
raise ValueError('Отсутствует hash в authData')
|
||||
|
||||
received_hash = auth_data.pop('hash')
|
||||
# Создаем копию, чтобы не изменять оригинал
|
||||
auth_data_copy = auth_data.copy()
|
||||
received_hash = auth_data_copy.pop('hash')
|
||||
|
||||
print(f"[TelegramWidget] Received hash: {received_hash[:20]}...{received_hash[-20:]}")
|
||||
print(f"[TelegramWidget] Данные для валидации (без hash): {auth_data_copy}")
|
||||
|
||||
# Clean data - remove None, empty strings, and convert all to strings
|
||||
clean_data = {}
|
||||
for key, value in auth_data.items():
|
||||
for key, value in auth_data_copy.items():
|
||||
if value is not None and value != '':
|
||||
clean_data[key] = str(value)
|
||||
# ВАЖНО: auth_date должен быть числом (int), но в строке для валидации
|
||||
if key == 'auth_date':
|
||||
# Преобразуем в int, затем в str для валидации
|
||||
try:
|
||||
auth_date_int = int(value)
|
||||
clean_data[key] = str(auth_date_int)
|
||||
except (ValueError, TypeError):
|
||||
print(f"[TelegramWidget] ⚠️ Неверный формат auth_date: {value} (type: {type(value)})")
|
||||
clean_data[key] = str(value)
|
||||
else:
|
||||
clean_data[key] = str(value)
|
||||
|
||||
print(f"[TelegramWidget] Очищенные данные: {clean_data}")
|
||||
|
||||
# Create data check string (sorted keys)
|
||||
data_check_arr = sorted(clean_data.items())
|
||||
data_check_string = '\n'.join(f'{key}={value}' for key, value in data_check_arr)
|
||||
|
||||
print(f"[TelegramWidget] Data check string: {repr(data_check_string)}")
|
||||
|
||||
# Create secret key
|
||||
secret_key = hmac.new(
|
||||
'WebAppData'.encode('utf-8'),
|
||||
|
|
@ -48,6 +74,8 @@ def validate_telegram_widget(auth_data: Dict[str, Any], bot_token: Optional[str]
|
|||
hashlib.sha256
|
||||
).digest()
|
||||
|
||||
print(f"[TelegramWidget] Secret key (hex): {secret_key.hex()[:40]}...")
|
||||
|
||||
# Calculate hash
|
||||
calculated_hash = hmac.new(
|
||||
secret_key,
|
||||
|
|
@ -55,14 +83,21 @@ def validate_telegram_widget(auth_data: Dict[str, Any], bot_token: Optional[str]
|
|||
hashlib.sha256
|
||||
).hexdigest()
|
||||
|
||||
print(f"[TelegramWidget] Calculated hash: {calculated_hash}")
|
||||
print(f"[TelegramWidget] Received hash: {received_hash}")
|
||||
|
||||
# Compare hashes
|
||||
is_valid = calculated_hash == received_hash
|
||||
|
||||
if not is_valid:
|
||||
print(f"[TelegramWidget] Hash mismatch:")
|
||||
print(f" Calculated: {calculated_hash[:20]}...")
|
||||
print(f" Received: {received_hash[:20]}...")
|
||||
print(f" Data check string: {data_check_string}")
|
||||
print(f"[TelegramWidget] ❌ Hash mismatch:")
|
||||
print(f" Calculated: {calculated_hash}")
|
||||
print(f" Received: {received_hash}")
|
||||
print(f" Data check string: {repr(data_check_string)}")
|
||||
print(f" Clean data keys: {list(clean_data.keys())}")
|
||||
print(f" Clean data values: {list(clean_data.values())}")
|
||||
else:
|
||||
print(f"[TelegramWidget] ✅ Hash совпадает!")
|
||||
|
||||
return is_valid
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue