Skip to content

Instantly share code, notes, and snippets.

@dotcypress

dotcypress/telegram-login.js

Created February 24, 2018 08:34
Show Gist options
  • Save dotcypress/8fd12d6e886cd74bba8f1aa8dbd346aa to your computer and use it in GitHub Desktop.
Save dotcypress/8fd12d6e886cd74bba8f1aa8dbd346aa to your computer and use it in GitHub Desktop.
Download ZIP
Telegram authorization data checker
Raw
telegram-login.js
const { createHash, createHmac } = require('crypto')
function checkSignature (token, { hash, ...data }) {
const secret = createHash('sha256')
.update(token)
.digest()
const checkString = Object.keys(data)
.sort()
.map(k => `${k}=${data[k]}`)
.join('\n')
const hmac = createHmac('sha256', secret)
.update(checkString)
.digest('hex')
return hmac === hash
}
const payload = {
id: '424242424242',
first_name: 'John',
last_name: 'Doe',
username: 'username',
photo_url: 'https://t.me/i/userpic/320/username.jpg',
auth_date: '1519400000',
hash: '87e5a7e644d0ee362334d92bc8ecc981ca11ffc11eca809505'
}
checkSignature('ABC:12345...', payload)
@anton-razin
Copy link

Great, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment