Home Explore Help
Sign In
n4u
/
avz
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge branch 'master' of github.com:synrc/avz into HEAD

Namdak Tonpa 6 years ago
parent
c1d9ffe76d b65c6554d1
commit
245c2f7bb0
5 changed files with 101 additions and 8 deletions
Split View Show Diff Stats
  1. 19 1
      README.md
  2. 6 0
      priv/telegram_login.dtl
  3. 6 3
      src/avz.erl
  4. 8 4
      src/email.erl
  5. 62 0
      src/telegram.erl

+ 19 - 1
README.md
View File 

@@ -13,6 +13,7 @@ Supported Methods
 
 * Facebook
 
 * Github
 
 * Microsoft
 
+* Telegram
 
 
 API
 
 ---
 
@@ -60,6 +61,7 @@ Authentication endpoints can be configured in your `sys.config` under avz applic
 
 Available settings listed below with test applications configured for each provider and will
 
 call you back on `http://localhost:8000/login`.
 
 
+
 
 ```erlang
 
 {
 
   ...
 
@@ -92,12 +94,28 @@ call you back on `http://localhost:8000/login`.
 
         % Microsoft Account Login
 
         {ms_client_id, "54385d15-f1e0-4fcf-9bf4-042d740e0df4"},
 
         {ms_client_secret, "jU0tStEzRdDPFwL9NdVGYxo"},
 
-        {ms_redirect_uri, "http://localhost:8000/login"}
 
+        {ms_redirect_uri, "http://localhost:8000/login"},
 
+        
+        % Telegram Login Widget
 
+        {tl_bot, "NYNJA_bot"},
 
+        {tl_bot_token, "548231922:AAHmXMMr38XGtH0tJMDUdiByheT2mZ7qkVI"}
 
+        {tl_auth_url, "http://127.0.0.1/login"},
 
+        {tl_request_access, "write"}
 
+        {tl_btn_size, "large"},
 
+        {tl_btn_radius, "20"},
 
   ]}
 
   ...
 
 }
 
 ```
 
 
+Telegram Notes
 
+---------------
 
+Login widget is displayed within the iframe, so the battle of `CPS` and `x-frame-options` is expected in different browsers.
 
+
 
+When setting a domain in BotFather with `/setdomain`, please note that telegram will cut the port part of your domain in the `X-Frame-Options` and `Content-Security-Policy` response headers. 
+
 
+So in fact you are limited to use 80 and 443 ports only.
 
+
 
 Credits
 
 -------

+ 6 - 0
priv/telegram_login.dtl
View File 

@@ -0,0 +1,6 @@
 
+<script async src="https://telegram.org/js/telegram-widget.js?4" 
+    data-telegram-login = {{bot}}
 
+    data-size           = {{size}}
 
+    data-size           = {{radius}}
 
+    data-auth-url       = {{auth_url}}
 
+    data-request-access = {{request_access}}></script>

+ 6 - 3
src/avz.erl
View File 

@@ -35,12 +35,15 @@ api_event(Name, Args, Term)      -> wf:info(?MODULE,"Unknown API event: ~p ~p ~p
 
 login_user(User) -> wf:user(User), wf:redirect(?AFTER_LOGIN).
 
 login(_Key, [{error, E}|_Rest])-> wf:info(?MODULE,"Auth Error: ~p", [E]);
 
 login(Key, Args) ->
 
-
 
   LoginFun = fun(K) ->
 
     Index = proplists:get_value(Key:index(K), Args),
 
     case kvs:index(user,K,Index) of
 
       [Exists|_] ->
 
-        RegData = Key:registration_data(Args, Key, Exists),
 
+        Diff = tuple_size(Exists) - tuple_size(#user{}),
 
+        {It, UsrExt} = lists:split(tuple_size(#iterator{}), tuple_to_list(Exists)),
 
+        {_,Usr} = lists:split(Diff, UsrExt),
 
+
 
+        RegData = Key:registration_data(Args, Key, list_to_tuple(lists:append([It,Usr]))),
 
         (?CTX#cx.module):event({login, Exists, RegData}),
 
         true;
 
       _ -> false end end,
 
@@ -49,7 +52,7 @@ login(Key, Args) ->
 
 
   LoggedIn = lists:any(LoginFun, Keys),
 
 
-  if (LoggedIn =:= true) -> ok; true -> 
+  if (LoggedIn =:= true) -> true; true -> 
     RegData = Key:registration_data(Args, Key, #user{}),
 
     (?CTX#cx.module):event({register, RegData})
 
   end.

+ 8 - 4
src/email.erl
View File 

@@ -9,18 +9,22 @@
 
 
 registration_data(Props, email, Ori)->
 
   Email = email_prop(Props, email),
 
-  Ori#user{ display_name = Email,
 
+  
+  Ori#user{ display_name = proplists:get_value(<<"display_name">>, Props, Email),
 
             email = Email,
 
+            names    = proplists:get_value(<<"first_name">>, Props,[]),
 
+            surnames = proplists:get_value(<<"last_name">>,  Props,[]),
 
             register_date = os:timestamp(),
 
             tokens = avz:update({email,Email},Ori#user.tokens),
 
-            status = ok,
 
+            status = proplists:get_value(<<"status">>, Props, ok),
 
+            type   = proplists:get_value(<<"type">>, Props,[]),
 
             password = avz:sha(proplists:get_value(<<"password">>,Props))}.
 
 
 index(K) -> wf:to_binary(K).
 
-email_prop(Props, _) -> binary_to_list(proplists:get_value(<<"email">>, Props)).
 
+email_prop(Props, _) -> proplists:get_value(<<"email">>, Props).
 
 
 login_button() -> #button{id=login, body= <<"Sign in">>, postback={email, loginemail}, source=[user,pass]}.
 
-event({email,loginemail}) -> avz:login(email, [{<<"email">>, list_to_binary(wf:q(user))}, {<<"password">>, wf:q(pass)}]);
 
+event({email,loginemail}) -> avz:login(email, [{<<"email">>, wf:q(user)}, {<<"password">>, wf:q(pass)}]);
 
 event(_) -> ok.
 
 api_event(_,_,_) -> ok.
 
 callback() -> ok.

+ 62 - 0
src/telegram.erl
View File 

@@ -0,0 +1,62 @@
 
+-module(telegram).
 
+-include_lib("avz/include/avz.hrl").
 
+-include_lib("nitro/include/nitro.hrl").
 
+-include_lib("kvs/include/user.hrl").
 
+-compile(export_all).
 
+-export(?API).
 
+
 
+-define(TL_BOT_NAME,    application:get_env(avz, tl_bot, [])).
 
+-define(TL_BOT_TOKEN,   application:get_env(avz, tl_bot_token, [])).
 
+-define(TL_AUTH_URL,    application:get_env(avz, tl_auth_url, [])).
 
+-define(TL_ACCESS,      application:get_env(avz, tl_request_access, "write")).
 
+-define(TL_BTN_SIZE,    application:get_env(avz, tl_btn_size, "large")).
 
+-define(TL_BTN_RADIUS,  application:get_env(avz, tl_btn_radius, "20")).
 
+
 
+-define(TL_USER, [<<"id">>, <<"first_name">>, <<"last_name">>,<<"username">>,<<"auth_date">>, <<"photo_url">>]).
 
+-define(ATTS, #{email => <<"id">>}).
 
+
 
+api_event(_,_,_) -> ok.
 
+
 
+registration_data(Props, telegram, Ori) -> 
+    Id = proplists:get_value(<<"id">>, Props),
 
+    UserName = binary_to_list(proplists:get_value(<<"username">>, Props)),
 
+    Email = email_prop(Props,telegram),
 
+    Ori#user{   username = re:replace(UserName, "\\.", "_", [{return, list}]),
 
+                display_name = proplists:get_value(<<"username">>, Props),
 
+                images = avz:update({tl_avatar,proplists:get_value(<<"photo_url">>, Props)},Ori#user.images),
 
+                names = proplists:get_value(<<"first_name">>, Props),
 
+                email = Email,
 
+                surnames = proplists:get_value(<<"last_name">>, Props),
 
+                tokens = avz:update({telegram,Id},Ori#user.tokens),
 
+                register_date = os:timestamp(),
 
+                status = ok }.
 
+
 
+index(K) -> maps:get(K, ?ATTS, wf:to_binary(K)).
 
+email_prop(Props, telegram) -> proplists:get_value(maps:get(email,?ATTS), Props).
 
+
 
+login_button() ->
 
+    #dtl{bind_script=false, file="telegram_login", ext="dtl", bindings=[
 
+        {bot,             ?TL_BOT_NAME},
 
+        {size,            ?TL_BTN_SIZE}, 
+        {radius,          ?TL_BTN_RADIUS},
 
+        {auth_url,        ?TL_AUTH_URL},
 
+        {request_access,  ?TL_ACCESS} ]}.
 
+
 
+event(E) -> ok.
 
+sdk() -> [].
 
+
 
+% HMAC-SHA-256 signature of the data-check-string with the SHA256 hash of the bot's token used as a secret key
 
+callback() ->
 
+    Hash = wf:q(<<"hash">>),
 
+
 
+    Rec  = lists:filter(fun({_, undefined}) -> false; (_) -> true end, [ {T, wf:q(T)} || T <- lists:sort(?TL_USER) ]),
 
+    Data = lists:join(<<"\n">>, [unicode:characters_to_nfkc_binary([K, <<"=">>, V]) || {K, V} <- Rec]),
 
+
 
+    case crypto:hmac(sha256, crypto:hash(sha256, ?TL_BOT_TOKEN), Data) of <<X:256/big-unsigned-integer>> ->
 
+        case list_to_binary(lists:flatten(io_lib:format("~64.16.0b", [X]))) of 
+          Hash ->
 
+              avz:login(telegram, Rec);
 
+          _ -> skip
 
+        end;
 
+        _ -> skip
 
+    end.