Function telegram_login::check_signature
source · pub fn check_signature(
bot_token: String,
user: TelegramLogin
) -> Result<(), TelegramLoginError>
Expand description
Verifies that the hash in the Telegram auth object is valid.
The algorithm from the Telegram docs:
- secret_key = SHA256(<bot_token>)
- hex(HMAC_SHA256(data_check_string, secret_key)) == hash
Examples:
extern crate chrono;
extern crate telegram_login;
use chrono::NaiveDateTime;
use telegram_login::{TelegramLogin, TelegramLoginError, check_signature};
let t_l = TelegramLogin {
id: 666666666,
username: Some("my_username".to_string()),
first_name: Some("Some".to_string()),
last_name: Some("Guy".to_string()),
photo_url: Some("https://t.me/i/userpic/320/my_username.jpg".to_string()),
auth_date: NaiveDateTime::from_timestamp(1543194375, 0),
hash: "a9cf12636fb07b54b4c95673d017a72364472c41a760b6850bcd5405da769f80".to_string()
};
let bot_token = "777777777:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa".to_string();
match check_signature(bot_token, t_l) {
Ok(()) => {
// The login is valid, so we can log the user in.
}
Err(TelegramLoginError::InvalidHash) => {
// The login failed, so we need to return an error to the client.
}
Err(TelegramLoginError::VerificationFailed) => {
// The login failed, so we need to return an error to the client.
}
}