mirror of
https://github.com/Steffo99/festa.git
synced 2024-12-22 22:54:22 +00:00
133 lines
4.4 KiB
TypeScript
133 lines
4.4 KiB
TypeScript
import nodecrypto from "crypto"
|
|
import { ParsedUrlQuery } from "querystring"
|
|
import * as QueryString from "./querystring"
|
|
|
|
/**
|
|
* Serializable Telegram user data without any technical information.
|
|
*/
|
|
export interface UserData {
|
|
id: number
|
|
first_name: string
|
|
last_name?: string
|
|
username?: string
|
|
photo_url?: string
|
|
lang?: string
|
|
}
|
|
|
|
/**
|
|
* Serializable Telegram login data with technical information.
|
|
*
|
|
* Can be turned in a {@link LoginResponse} for additional methods.
|
|
*/
|
|
export interface LoginData extends UserData {
|
|
auth_date: number
|
|
hash: string
|
|
}
|
|
|
|
|
|
/**
|
|
* Create a {@link LoginData} object from a {@link ParsedUrlQuery}.
|
|
*
|
|
* @param queryObj The source object.
|
|
* @returns The created object.
|
|
*/
|
|
export function queryStringToLoginData(queryObj: ParsedUrlQuery): LoginData {
|
|
return {
|
|
id: parseInt(QueryString.getSingle(queryObj, "id")),
|
|
first_name: QueryString.getSingle(queryObj, "first_name"),
|
|
last_name: QueryString.getSingle(queryObj, "last_name"),
|
|
username: QueryString.getSingle(queryObj, "username"),
|
|
photo_url: QueryString.getSingle(queryObj, "photo_url"),
|
|
lang: QueryString.getSingle(queryObj, "lang"),
|
|
auth_date: parseInt(QueryString.getSingle(queryObj, "auth_date")),
|
|
hash: QueryString.getSingle(queryObj, "hash"),
|
|
}
|
|
}
|
|
|
|
|
|
/**
|
|
* The response sent by Telegram after a login.
|
|
*/
|
|
export class LoginResponse implements LoginData {
|
|
id: number
|
|
first_name: string
|
|
last_name?: string
|
|
username?: string
|
|
photo_url?: string
|
|
auth_date: number
|
|
hash: string
|
|
lang?: string
|
|
|
|
/**
|
|
* Construct a new {@link LoginResponse} from a query string object as returned by Next.js.
|
|
*
|
|
* @param queryObj The query string object, from `context.query`.
|
|
*/
|
|
constructor(ld: LoginData) {
|
|
this.id = ld.id
|
|
this.first_name = ld.first_name
|
|
this.last_name = ld.last_name
|
|
this.username = ld.username
|
|
this.photo_url = ld.photo_url
|
|
this.auth_date = ld.auth_date
|
|
this.hash = ld.hash
|
|
this.lang = ld.lang
|
|
}
|
|
|
|
/**
|
|
* Stringify a {@link LoginResponse} in [the format required to verify a Telegram Login](https://core.telegram.org/widgets/login#checking-authorization).
|
|
*
|
|
* @param data The data to encode.
|
|
* @returns The stringified data.
|
|
*/
|
|
stringify(): string {
|
|
const string = Object.entries(this)
|
|
.filter(([key, _]) => key !== "hash")
|
|
.filter(([_, value]) => value !== undefined)
|
|
.map(([key, value]) => `${key}=${value}`)
|
|
.sort()
|
|
.join("\n")
|
|
return string
|
|
}
|
|
|
|
/**
|
|
* Check if the `auth_date` of the response is recent: it must be in the past, but within `maxSeconds` from the current date.
|
|
*
|
|
* @param maxSeconds The maximum number of milliseconds that may pass after authentication for the response to be considered valid; defaults to `864_000_000`, 1 day.
|
|
* @returns `true` if the response can be considered recent, `false` otherwise.
|
|
*/
|
|
isRecent(maxSeconds: number = 864_000_000): boolean {
|
|
const diff = new Date().getTime() - new Date(this.auth_date * 1000).getTime()
|
|
return 0 < diff && diff <= maxSeconds
|
|
}
|
|
|
|
/**
|
|
* Calculate the "`hash`" of a Telegram Login using [this procedure](https://core.telegram.org/widgets/login#checking-authorization).
|
|
*
|
|
* _Only works on Node.js, due to usage of the `crypto` module._
|
|
*
|
|
* @param token The bot token used to validate the signature.
|
|
* @returns The calculated value of the `hash` {@link LoginResponse} parameter.
|
|
*/
|
|
hmac(token: string): string {
|
|
const hash = nodecrypto.createHash("sha256")
|
|
hash.update(token)
|
|
const hmac = nodecrypto.createHmac("sha256", hash.digest())
|
|
hmac.update(this.stringify())
|
|
return hmac.digest("hex")
|
|
}
|
|
|
|
/**
|
|
* Validate a Telegram Login using [this procedure](https://core.telegram.org/widgets/login#checking-authorization).
|
|
*
|
|
* _Only works on Node.js, due to usage of the `crypto` module._
|
|
*
|
|
* @param token The bot token used to validate the signature.
|
|
* @returns `true` if the validation is successful, `false` otherwise.
|
|
*/
|
|
isValid(token: string): boolean {
|
|
const client = this.hmac(token)
|
|
const server = this.hash
|
|
return client === server
|
|
}
|
|
}
|