This repository has been archived by the owner on Jun 17, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
login-tg.php
111 lines (85 loc) · 2.73 KB
/
login-tg.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?php
session_start();
require('config.php');
require('database.php');
require_once('telegram-bot/class.php');
$db = new MyDB();
$TG = new Telegram();
$redir = '/'; # Default value
try {
if (isset($_GET['r'])) {
$redir = $_GET['r'];
unset($_GET['r']);
}
$auth_data = checkTelegramAuthorization($_GET);
} catch (Exception $e) {
exit($e->getMessage());
}
$id = $auth_data['id'];
$USER = $db->getUserByTg($id);
if ($USER) {
try {
$db->updateUserTgProfile($auth_data);
} catch (Exception $e) {
echo ' Database Error ' . $e->getCode() . ': ' . $e->getMessage() . "\n" . $e->lastResponse;
}
if (isset($auth_data['photo_url']) && $USER['tg_photo'] != $auth_data['photo_url']) {
system("php jobs.php tg_photo $id > /dev/null &");
}
if (!isset($_SESSION['stuid'])) {
$_SESSION['stuid'] = $USER['stuid'];
redirect('Login via Telegram success.');
}
if ($_SESSION['stuid'] == $USER['stuid'])
redirect('Already login.');
$TG->sendMsg([
'chat_id' => $auth_data['id'],
'text' => "⚠️ 您已連結過此帳號\n\n" .
"目前無法將不同的 NCTU OAuth 帳號連結至同一個 Telegram 帳號\n\n" .
"NCTU ID from session: {$_SESSION['stuid']}\n" .
"NCTU ID from database: {$USER['stuid']}\n" .
"Telegram UID: {$auth_data['id']}"
]);
redirect('Already linked to another account.');
}
if (!isset($_SESSION['stuid']))
exit('You must login NCTU first. 請先於首頁右上角登入交大帳號');
$db->insertUserTg($_SESSION['stuid'], $auth_data);
if (isset($auth_data['photo_url'])) {
system("php jobs.php tg_photo $id > /dev/null &");
}
$msg = "🎉 連結成功!\n\n將來有新投稿時,您將會收到推播,並可用 Telegram 內的按鈕審核貼文。";
$TG->sendMsg([
'chat_id' => $auth_data['id'],
'text' => $msg
]);
redirect('Login success.');
function redirect(string $msg) {
global $redir;
echo $msg;
header("Location: $redir");
exit;
}
function checkTelegramAuthorization($auth_data) {
if (!isset($auth_data['id']))
throw new Exception('No User ID.');
if (!isset($auth_data['username']))
throw new Exception('No username.');
if (!isset($auth_data['hash']))
throw new Exception('No Telegram hash.');
$check_hash = $auth_data['hash'];
unset($auth_data['hash']);
$data_check_arr = [];
foreach ($auth_data as $key => $value)
$data_check_arr[] = $key . '=' . $value;
sort($data_check_arr);
$data_check_string = implode("\n", $data_check_arr);
$secret_key = hash('sha256', BOT_TOKEN, true);
$hash = hash_hmac('sha256', $data_check_string, $secret_key);
if (!hash_equals($hash, $check_hash))
throw new Exception('Data is NOT from Telegram.');
if ((time() - $auth_data['auth_date']) > 365*24*60*60)
throw new Exception('Session expired.');
$auth_data['hash'] = $check_hash;
return $auth_data;
}