[−][src]Function telegram_login::check_signature
pub fn check_signature(
bot_token: String,
user: TelegramLogin
) -> Result<(), TelegramLoginError>
Verifies that the hash in the Telegram auth object is valid.
The algorithm from the Telegram docs:
- secret_key = SHA256(<bot_token>)
- hex(HMAC_SHA256(data_check_string, secret_key)) == hash
Examples:
extern crate chrono; extern crate telegram_login; use chrono::NaiveDateTime; use telegram_login::{TelegramLogin, TelegramLoginError, check_signature}; let t_l = TelegramLogin { id: 666666666, username: Some("my_username".to_string()), first_name: Some("Some".to_string()), last_name: Some("Guy".to_string()), photo_url: Some("https://t.me/i/userpic/320/my_username.jpg".to_string()), auth_date: NaiveDateTime::from_timestamp(1543194375, 0), hash: "a9cf12636fb07b54b4c95673d017a72364472c41a760b6850bcd5405da769f80".to_string() }; let bot_token = "777777777:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa".to_string(); match check_signature(bot_token, t_l) { Ok(()) => { // The login is valid, so we can log the user in. } Err(TelegramLoginError::InvalidHash) => { // The login failed, so we need to return an error to the client. } Err(TelegramLoginError::VerificationFailed) => { // The login failed, so we need to return an error to the client. } }