| package controller | |
| import ( | |
| "crypto/hmac" | |
| "crypto/sha256" | |
| "encoding/hex" | |
| "io" | |
| "net/http" | |
| "sort" | |
| "github.com/QuantumNous/new-api/common" | |
| "github.com/QuantumNous/new-api/model" | |
| "github.com/gin-contrib/sessions" | |
| "github.com/gin-gonic/gin" | |
| ) | |
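// TelegramBind links the Telegram account described by the signed query
// parameters to the user stored in the current session, then redirects to
// /console/personal.
//
// Every failure is reported as HTTP 200 with {"success": false, "message": ...}.
//
// NOTE(review): the signature shows the parameters were issued for this bot,
// not that the logged-in user started this bind. The handler reads everything
// from the query string and changes account state using the session alone, so
// confirm the route is covered by a per-session state/CSRF check; none is
// visible in this handler.
func TelegramBind(c *gin.Context) {
	if !common.TelegramOAuthEnabled {
		c.JSON(http.StatusOK, gin.H{
			"message": "管理员未开启通过 Telegram 登录以及注册",
			"success": false,
		})
		return
	}

	params := c.Request.URL.Query()
	if !checkTelegramAuthorization(params, common.TelegramBotToken) {
		c.JSON(http.StatusOK, gin.H{
			"message": "无效的请求",
			"success": false,
		})
		return
	}

	// Get returns "" when the key is absent, where indexing params["id"][0]
	// would panic on a signed payload that carries no id.
	telegramId := params.Get("id")
	if telegramId == "" {
		c.JSON(http.StatusOK, gin.H{
			"message": "无效的请求",
			"success": false,
		})
		return
	}

	if model.IsTelegramIdAlreadyTaken(telegramId) {
		c.JSON(http.StatusOK, gin.H{
			"message": "该 Telegram 账户已被绑定",
			"success": false,
		})
		return
	}

	// The session may hold no "id" (no logged-in user) or a value of another
	// type; a checked assertion rejects the request instead of panicking.
	session := sessions.Default(c)
	id, ok := session.Get("id").(int)
	if !ok {
		c.JSON(http.StatusOK, gin.H{
			"message": "无效的请求",
			"success": false,
		})
		return
	}

	user := model.User{Id: id}
	if err := user.FillUserById(); err != nil {
		// NOTE(review): the model error text is returned to the client
		// verbatim; confirm it carries no internal detail.
		c.JSON(http.StatusOK, gin.H{
			"message": err.Error(),
			"success": false,
		})
		return
	}
	if user.Id == 0 {
		c.JSON(http.StatusOK, gin.H{
			"success": false,
			"message": "用户已注销",
		})
		return
	}

	user.TelegramId = telegramId
	if err := user.Update(false); err != nil {
		c.JSON(http.StatusOK, gin.H{
			"message": err.Error(),
			"success": false,
		})
		return
	}
	c.Redirect(http.StatusFound, "/console/personal")
}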
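// TelegramLogin looks up the user bound to the Telegram id in the signed query
// parameters and hands that user to setupLogin.
//
// Every failure is reported as HTTP 200 with {"success": false, "message": ...}.
//
// NOTE(review): the signed parameters are the only credential on this path.
// checkTelegramAuthorization does not look at how old they are, so confirm
// whether a freshness limit on "auth_date" is wanted before a session is
// created from them.
func TelegramLogin(c *gin.Context) {
	if !common.TelegramOAuthEnabled {
		c.JSON(http.StatusOK, gin.H{
			"message": "管理员未开启通过 Telegram 登录以及注册",
			"success": false,
		})
		return
	}

	params := c.Request.URL.Query()
	if !checkTelegramAuthorization(params, common.TelegramBotToken) {
		c.JSON(http.StatusOK, gin.H{
			"message": "无效的请求",
			"success": false,
		})
		return
	}

	// Get returns "" when the key is absent, where indexing params["id"][0]
	// would panic. An empty id must never reach the lookup below.
	telegramId := params.Get("id")
	if telegramId == "" {
		c.JSON(http.StatusOK, gin.H{
			"message": "无效的请求",
			"success": false,
		})
		return
	}

	user := model.User{TelegramId: telegramId}
	if err := user.FillUserByTelegramId(); err != nil {
		// NOTE(review): the model error text is returned to the client
		// verbatim; confirm it carries no internal detail.
		c.JSON(http.StatusOK, gin.H{
			"message": err.Error(),
			"success": false,
		})
		return
	}
	setupLogin(&user, c)
}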
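// checkTelegramAuthorization reports whether params carries a valid signature
// for the bot identified by token.
//
// The data-check string is built from every parameter except "hash", as
// "key=value" pairs (first value only), sorted and joined with "\n". It is
// authenticated with HMAC-SHA256 keyed by SHA-256(token), and the lowercase
// hex digest is compared with the "hash" parameter. This matches the scheme
// Telegram documents for its login widget.
//
// The check fails closed when token or hash is empty. With an empty token the
// HMAC key would be the publicly computable SHA-256 of the empty string, so
// the signature would authenticate nothing.
//
// NOTE(review): only integrity is verified. "auth_date" is signed but its age
// is not checked here, so a signed parameter set stays valid indefinitely.
// Callers that need replay protection must bound its age themselves.
func checkTelegramAuthorization(params map[string][]string, token string) bool {
	if token == "" {
		return false
	}

	var hash string
	pairs := make([]string, 0, len(params))
	for k, v := range params {
		// A key with no values cannot come from url.Values parsing, but the
		// parameter type allows it; skip it rather than index out of range.
		if len(v) == 0 {
			continue
		}
		if k == "hash" {
			hash = v[0]
			continue
		}
		pairs = append(pairs, k+"="+v[0])
	}
	if hash == "" {
		return false
	}

	sort.Strings(pairs)
	var dataCheck string
	for i, p := range pairs {
		if i > 0 {
			dataCheck += "\n"
		}
		dataCheck += p
	}

	// hash.Hash writes never return an error, so the results are not checked.
	keyHash := sha256.New()
	io.WriteString(keyHash, token)
	mac := hmac.New(sha256.New, keyHash.Sum(nil))
	io.WriteString(mac, dataCheck)
	expected := hex.EncodeToString(mac.Sum(nil))

	// Constant-time comparison: a plain == on the hex strings can return early
	// at the first differing byte, which leaks timing information about the
	// expected MAC.
	return hmac.Equal([]byte(hash), []byte(expected))
}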