43 lines
1.1 KiB
Python
43 lines
1.1 KiB
Python
import base64
|
|
import hashlib
|
|
import hmac
|
|
import json
|
|
import time
|
|
from rest_framework.decorators import api_view, schema, permission_classes, authentication_classes
|
|
from rest_framework.response import Response
|
|
from rest_framework.status import HTTP_403_FORBIDDEN
|
|
from django.conf import settings
|
|
from users.models import TGUser
|
|
|
|
|
|
@api_view(['GET'])
|
|
@permission_classes([])
|
|
@authentication_classes([])
|
|
@schema(None)
|
|
def get_token(request, pk):
|
|
auth_date = int(time.time())
|
|
if TGUser.objects.filter(pk=pk).exists():
|
|
user_info = {
|
|
'id': pk,
|
|
'username': TGUser.objects.get(pk=pk).username
|
|
}
|
|
else:
|
|
user_info = {
|
|
'id': pk
|
|
}
|
|
data_check_string = f'auth_date={auth_date}\nuser={json.dumps(user_info)}'
|
|
secret = hmac.new(
|
|
'WebAppData'.encode(),
|
|
settings.TG_TOKEN.encode('utf-8'),
|
|
digestmod=hashlib.sha256
|
|
).digest()
|
|
secret_hash = hmac.new(
|
|
secret,
|
|
msg=data_check_string.encode('utf-8'),
|
|
digestmod=hashlib.sha256
|
|
).hexdigest()
|
|
return Response({'token': base64.b64encode(f'{data_check_string}:{secret_hash}'.encode('utf-8'))})
|
|
|
|
|
|
|