-
-
Save anonymous/6516521b1fb3b464534fbc30ea3573c2 to your computer and use it in GitHub Desktop.
<?php | |
define('BOT_USERNAME', 'XXXXXXXXXX'); // place username of your bot here | |
function getTelegramUserData() { | |
if (isset($_COOKIE['tg_user'])) { | |
$auth_data_json = urldecode($_COOKIE['tg_user']); | |
$auth_data = json_decode($auth_data_json, true); | |
return $auth_data; | |
} | |
return false; | |
} | |
if ($_GET['logout']) { | |
setcookie('tg_user', ''); | |
header('Location: login_example.php'); | |
} | |
$tg_user = getTelegramUserData(); | |
if ($tg_user !== false) { | |
$first_name = htmlspecialchars($tg_user['first_name']); | |
$last_name = htmlspecialchars($tg_user['last_name']); | |
if (isset($tg_user['username'])) { | |
$username = htmlspecialchars($tg_user['username']); | |
$html = "<h1>Hello, <a href=\"https://t.me/{$username}\">{$first_name} {$last_name}</a>!</h1>"; | |
} else { | |
$html = "<h1>Hello, {$first_name} {$last_name}!</h1>"; | |
} | |
if (isset($tg_user['photo_url'])) { | |
$photo_url = htmlspecialchars($tg_user['photo_url']); | |
$html .= "<img src=\"{$photo_url}\">"; | |
} | |
$html .= "<p><a href=\"?logout=1\">Log out</a></p>"; | |
} else { | |
$bot_username = BOT_USERNAME; | |
$html = <<<HTML | |
<h1>Hello, anonymous!</h1> | |
<script async src="https://telegram.org/js/telegram-widget.js?2" data-telegram-login="{$bot_username}" data-size="large" data-auth-url="check_authorization.php"></script> | |
HTML; | |
} | |
echo <<<HTML | |
<!DOCTYPE html> | |
<html> | |
<head> | |
<meta charset="utf-8"> | |
<title>Login Widget Example</title> | |
</head> | |
<body><center>{$html}</center></body> | |
</html> | |
HTML; | |
?> |
I have the same problem. How did you manage to solve the hash mismatch issue?
If you write code in PHP, I advise you to use the library tgWebValid to verify the user. It is light, simple and will do everything for you
bot token is not necessary. Bot name is enough. see https://github.dev/manzoorwanijk/telegram-auth
for a simple TS implementation. It's in React but you can just copy the files and use in any framework
To verify the hash only the bot token's hash is needed, which can be public
Does anybody know how I can LOGOUT (or terminate session) in my browser tab via js?
If something, the "id" value can be used as a "chat_id" to send a message via a bot
i got a error Bot domain invalid
i got a error
Bot domain invalid
Check if you are using https
#k
رمز ضروري. اسم بوت كافي انظر
https://github.dev/manzoorwanijk/telegram-auth
TS البسيط. إنه موجود في React ولكن يمكنك فقط نسخ الملفات الموجودة في أي إطار عمللأن من المبلغ، لا يتطلب سوى سوى تجزئة الرمز المميز للروبوت، والذي يمكن أن يكون كاملاً
مرحبا. عزي. هل يمكتكي صنع واحد مثاله. اريد اذالك. ان تقوم بمساعدتي. ونشاء واحد خاص فين
رمز ضروري. اسم بوت كافي انظر
https://github.dev/manzoorwanijk/telegram-auth
TS البسيط. إنه موجود في React ولكن يمكنك فقط نسخ الملفات الموجودة في أي إطار عمل
لأن من المبلغ، لا يتطلب سوى سوى تجزئة الرمز المميز للروبوت، والذي يمكن أن يكون كاملاًمرحبا. عزي. هل يمكتكي صنع واحد مثاله. اريد اذالك. ان تقوم بمساعدتي. ونشاء واحد خاص فين
Telegram oauth does not have open link to redirect to consent screen for requesting access and the script provide by telegram document can not be rendered as component in front-end(keep return Bot domain is invalid), but when i get /auth/telegram/test from backend which return the html that has the script it works. And I do not want to use the default design button from that render from the script because it does not meet my ui design is there any solution you can suggest me?
Thanks you for code!
Does anyone know why telegram login widget doesn't work on .xyz TLD ?
Thanks
Does anybody know how I can LOGOUT (or terminate session) in my browser tab via js?
I am also looking for logout process. Please someone help me in this regard.
I'll just leave a link to the TgWebValid library here, maybe someone will need a full-fledged way to check the user and get all the possible data about him in a convenient way and with a modern approach
menda xatolik bor
Bot domain invalid
Foydalanayotganingizni tekshiring
https
QobilZamonov
Salom
Telegram login widget is not working on my web site and i don't understand why. It's just stuck when Telegram must send confirmation message. If i already logged in on telegram.org its working as needed, but i can't receive confirmation via my web site. Enabling cross site cookies does not resolve the problem
@rekkisomo @Comrade19632 if you find any solution, please ping
Telegram login widget is not working on my web site and i don't understand why. It's just stuck when Telegram must send confirmation message. If i already logged in on telegram.org its working as needed, but i can't receive confirmation via my web site. Enabling cross site cookies does not resolve the problem
@rekkisomo @Comrade19632 if you find any solution, please ping
@rekkisomo @Comrade19632 + anyone with same problem, here is the solution: https://stackoverflow.com/a/74193012/15090151
quote: "I fixed it by changing the domain. I don’t know why, but the telegram login widget does not want to work with the tgmm.xyz domain."
xyz ltd or maybe some other are rejected by Telegram for some reason.
I couldn't receive code through number.why?
Plz help me
I couldn't receive code through number.why? Plz help me
What is domain zone of your app, .xyz?
How to use profile picture?
mwjira@gmail.com 0944747844
34832
Can I receive code just by this email-Abukimuhamad7@gmail.com cause my number 0936248150 is deactivated due to my sim is lost
Can I receive code just by this email-Abukimuhamad7@gmail.com cause my number 0936248150 is deactivated due to my sim is lost
i got a error
Bot domain invalid
Check if you are using
https
i also getting the same error,
i'm using https
@meysamsaz
@mrsaz7
+----+----+----+----...----+
|tlen|FFFF|abcd| padding |
+----+----+----+----...----+
Hello, I want to integrate my mobile game into Telegram. Does anyone know how I can do it?
the right check auth as blow
<?php
define('BOT_TOKEN', 'XXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXX'); // place bot token of your bot here
function checkTelegramAuthorization($auth_data) {
echo('<br/>auth_data:'.$auth_data);
echo("<br/>####");
$check_hash = $auth_data['hash'];
unset($auth_data['hash']);
$data_check_arr = [];
foreach ($auth_data as $key => $value) {
$data_check_arr[] = $key . '=' . $value;
}
sort($data_check_arr);
$data_check_string = implode("\n", $data_check_arr);
echo('<br/>hash:'.$data_check_string);
////////the bigest reason zzzzzz no need ret hex string, is bytes....
$secret_key = hash_hmac('sha256', BOT_TOKEN,"WebAppData",true);
echo('<br/>secret_key:'.$secret_key);
$hash = hash_hmac('sha256',$data_check_string, $secret_key);
echo('<br/>hash:'.$check_hash);
echo('<br/>hashString:'.$hash);
if (strcmp($hash, $check_hash) !== 0) {
throw new Exception('<br/>Data is NOT from Telegram');
}
if ((time() - $auth_data['auth_date']) > 86400) {
throw new Exception('<br/>Data is outdated');
}
return $auth_data;
}
function saveTelegramUserData($auth_data) {
$auth_data_json = json_encode($auth_data);
setcookie('tg_user', $auth_data_json);
}
try {
$auth_data = checkTelegramAuthorization($_GET);
saveTelegramUserData($auth_data);
} catch (Exception $e) {
die ($e->getMessage());
}
header('Location: login_example.php');
?>
Ok
I have the same problem. How did you manage to solve the hash mismatch issue?