Forked from FabianPastor/telegram_login_widget.class.php
Created
March 27, 2021 14:06
-
-
Save xiaolanchuan/bd9f7c19351617f1c22e0e65847baf6f to your computer and use it in GitHub Desktop.
Telegram Login Widget class derived from official samples
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
Derived work from https://gist.github.com/anonymous/6516521b1fb3b464534fbc30ea3573c2 | |
More info at: https://core.telegram.org/widgets/login | |
*/ | |
class TelegramUserData{ | |
public $auth_data = false; //The data itself | |
private $outdated = 86400; //Secconds to consider some info outdated. | |
private $bottoken = "YOUTBOTTOKEN"; | |
public function __construct($auth_data=false){ | |
if(!$auth_data){ | |
$this->get(); | |
}else{ | |
$this->auth_data = $auth_data; | |
$this->msg("Hello, welcome to the website. This is an automated message."); //Edit and delete if you don't need it | |
} | |
if(!$this->auth_data){ | |
throw new Exception('No UserData Present'); | |
} | |
$this->check(); | |
$this->save(); | |
} | |
//Simple botapi message handler. I encourage to use other methods | |
public function msg($text){ | |
file_get_contents("https://api.telegram.org/bot{$this->bottoken}/sendMessage?". | |
"chat_id={$this->auth_data["id"]}&". | |
"text=".urlencode($text) | |
); | |
} | |
private function check() { | |
$auth_data = $this->auth_data; | |
unset($auth_data['hash']); | |
$data_check_arr = []; | |
foreach ($auth_data as $key => $value) { | |
$data_check_arr[] = $key . '=' . $value; | |
} | |
sort($data_check_arr); | |
$data_check_string = implode("\n", $data_check_arr); | |
$secret_key = hash('sha256', $this->bottoken, true); | |
$hash = hash_hmac('sha256', $data_check_string, $secret_key); | |
if (strcmp($hash, $this->auth_data['hash']) !== 0) { | |
throw new Exception('Data is NOT from Telegram'); | |
} | |
if ((time() - $auth_data['auth_date']) > $this->outdated) { | |
throw new Exception('Data is outdated'); | |
} | |
} | |
private function get() { | |
if (isset($_COOKIE['tg_user'])) { | |
$auth_data_json = urldecode($_COOKIE['tg_user']); | |
$this->auth_data = json_decode($auth_data_json, true); | |
} | |
} | |
public function save() { | |
$auth_data_json = json_encode($this->auth_data); | |
setcookie('tg_user', $auth_data_json); | |
} | |
public function destroy(){ | |
$this->msg("Bye, this is a goodbye message :D"); //Edit and delete if you don't need it | |
setcookie('tg_user', ""); | |
} | |
public function user(){ | |
$user = new stdClass; | |
$user->id = $this->auth_data["id"]; | |
$user->first_name = isset($this->auth_data["first_name"])?htmlspecialchars("{$this->auth_data["first_name"]}"):""; | |
$user->last_name = isset($this->auth_data["last_name"])?htmlspecialchars("{$this->auth_data["last_name"]}"):""; | |
$user->username = isset($this->auth_data["username"])?htmlspecialchars("{$this->auth_data["username"]}"):""; | |
$user->photo_url = isset($this->auth_data["photo_url"])?htmlspecialchars("{$this->auth_data["photo_url"]}"):""; | |
//Miscelaneous Can be editd as your need or deleted | |
if($user->photo_url){ | |
$user->photo_img = "<img style=\"width:45px;\" src=\"{$user->photo_url}\">"; | |
} | |
if($user->username){ | |
$user->username_alink = "<a href=\"https://t.me/{$user->username}\">@{$user->username}</a>"; | |
} | |
return $user; | |
} | |
} | |
/* HowToUse | |
try{ | |
$UserData = new TelegramUserData($_GET); | |
} catch (Exception $e) { | |
die ($e->getMessage()); | |
} | |
$user = $UserData->user(); | |
//Login site file login.php | |
include("telegram_login_widget.class.php"); | |
try{ | |
$UserData = new TelegramUserData(); | |
if($_GET["logout"]){ | |
$UserData->destroy(); | |
}else{ | |
header("Location: telegram_session.php"); | |
} | |
} catch (Exception $e) { | |
//die ($e->getMessage()); | |
} | |
//Started Session files home.php or any other file. | |
include("telegram_login_widget.class.php"); | |
try{ | |
$UserData = new TelegramUserData($_GET); | |
header("Location: telegram_session.php"); | |
} catch (Exception $e) { | |
//die ($e->getMessage()); | |
header("Location: telegram_login.php?error={$e->getMessage()}"); | |
} | |
*/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment