def test_outdatet_data(self):
"""
Outdated data.
"""
request_data = self.request_data.copy()
request_data['auth_date'] = '10'
with self.assertRaises(TelegramDataIsOutdatedError):
verify_telegram_authentication(self.bot_token, request_data)
def test_wrong_token(self, mock_time):
"""
Wrong token.
"""
# auth_date and time now in unix datetime format are the same
mock_time.return_value = 1518392724
request_data = self.request_data.copy()
request_data[
'hash'] = '92ee8156a1482919843bfbaed2a91839f6594b2b98d884046c48ff58fa3a13c29'
with self.assertRaises(NotTelegramDataError):
verify_telegram_authentication(self.bot_token, request_data)
def test_ok_data(self, mock_time):
"""
Received data is correct.
"""
# auth_date and time now in unix datetime format are the same
mock_time.return_value = 1518392724
expected = self.request_data.copy()
expected.pop('hash', None)
result = verify_telegram_authentication(self.bot_token,
self.request_data)
self.assertEqual(expected, result)
def index(request):
# Initially, the index page may have no get params in URL
# For example, if it is a home page, a user should be redirected from the widget
if not request.GET.get('hash'):
return HttpResponse('Stuff when have no Telegram data.')
try:
result = verify_telegram_authentication(bot_token=bot_token,
request_data=request.GET)
except TelegramDataIsOutdatedError:
return HttpResponse('Authentication was received more than day ago.')
except NotTelegramDataError:
return HttpResponse('Data is not relates to Telegram!')
# Or handle it like you want. For example, save to DB. :)
return HttpResponse('Hello, ' + result['first_name'] + '!')
def index(request):
# Initially, the index page may have no get params in URL
# For example, if it is a home page, a user should be redirected from the widget
if not request.GET.get('hash'):
return HttpResponse(
'Handle the missing Telegram data in the response.')
try:
result = verify_telegram_authentication(bot_token=bot_token,
request_data=request.GET)
except TelegramDataIsOutdatedError:
return HttpResponse('Authentication was received more than a day ago.')
except NotTelegramDataError:
return HttpResponse('The data is not related to Telegram!')
# Or handle it as you wish. For instance, save to the database.
return HttpResponse('Hello, ' + result['first_name'] + '!')
def login(request):
if request.user.is_authenticated:
return redirect('accounts:index')
else:
if not request.GET.get('hash'):
print("hash 못 찾음")
context = {
'telegram_login_widget': get_wiget(),
}
return render(request, 'accounts/login.html', context)
else:
print("hash 찾았음")
result = verify_telegram_authentication(bot_token=bot_token,
request_data=request.GET)
tel_id = result['id']
first_name = result['first_name']
last_name = result['last_name']
user = User.objects.filter(tel_id=tel_id)
if user.exists():
user = user.first()
user.first_name = first_name
user.last_name = last_name
user.save()
auth_login(request, user)
text = f'{user}님께서 접속하셨습니다.'
else:
print(tel_id, ', ', first_name)
user = User(username=f'{tel_id}',
tel_id=tel_id,
first_name=first_name,
last_name=last_name)
user.save()
auth_login(request, user)
text = f'{user}님 가입을 환영합니다.'
requests.get(
f'https://api.telegram.org/bot{bot_token}/sendMessage?chat_id={user.tel_id}&text={text}'
)
return redirect('accounts:index')
def get(self, request):
if request.GET['username'] not in [
'hectopka', 'phunkault', 'vanchilla'
]:
return HttpResponseRedirect(reverse('home_url'))
if not request.GET.get('hash'):
# print("no hash")
# return HttpResponse("not ok")
return HttpResponseRedirect(reverse('home_url'))
try:
result = verify_telegram_authentication(bot_token=TG_BOT_TOKEN,
request_data=request.GET)
except TelegramDataIsOutdatedError:
# print(TelegramDataIsOutdatedError)
# return HttpResponse("not ok")
return HttpResponseRedirect(reverse('home_url'))
except NotTelegramDataError:
# print(NotTelegramDataError)
# return HttpResponse("not ok")
return HttpResponseRedirect(reverse('home_url'))
user = None
try:
user = User.objects.get(username=result['id'])
except Exception as e:
user = User.objects.create_user(username=result["id"])
user.first_name = result['first_name']
user.last_name = result['last_name']
user.save()
if user != None:
login(request, user)
return HttpResponseRedirect(reverse('admin_shop_url'))
else:
return HttpResponseRedirect(reverse('home_url'))