This call should then finally return a auth.loginTokenSuccess constructor.
If, however, there is a DC mismatch between the two apps, auth.loginTokenMigrateTo is returned instead, to which the app that is trying to login should respond by calling auth.importLoginToken with the specified token, to the specified DC. This second call should then return an auth.loginTokenSuccess constructor, indicating successful login, essentially allowing further authorized interaction with the API. Confirming (importing) the login tokenĪfter the logged-in app calls auth.acceptLoginToken and accepts the login token, the app that is trying to login will receive an updateLoginToken update, which should trigger a second call to the auth.exportLoginToken method. The method will return an authorization object, containing info about the app and session that we just authorized.
#Telegram web login code
In order to log in, the QR code must be scanned and accepted by an already logged-in Telegram app using auth.acceptLoginToken. The login token must be encoded using base64url, embedded in a tg://login?token=base64encodedtoken URL and shown in the form of a QR code to the user.Īfter the expiration of the current QR code, the auth.exportLoginToken method must be recalled and a new QR code must be generated automatically. The method will return an auth.loginToken constructor, containing a binary login token and an expiry date (usually 30 seconds). Related TL schema: auth.loginToken#629f1980 expires: int token: bytes = auth.LoginToken Īuth.loginTokenMigrateTo#68e9916 dc_id: int token: bytes = auth.LoginToken Īuth.loginTokenSuccess#390d5c5e authorization: auth.Authorization = auth.LoginToken Īuthorization#ad01d61d flags: # current:flags.0? true official_app:flags.1? true password_pending:flags.2? true encrypted_requests_disabled:flags.3? true call_requests_disabled:flags.4? true hash: long device_model: string platform: string system_version: string api_id: int app_name: string app_version: string date_created: int date_active: int ip: string country: string region: string = Authorization Īuth.exportLoginToken#b7e085fe api_id: int api_hash: string except_ids: Vector = auth.LoginToken Īuth.acceptLoginToken#e894ad4d token: bytes = Authorization Īuth.importLoginToken#95ac5ce4 token: bytes = auth.LoginToken Exporting a login tokenįirst of all, auth.exportLoginToken must be called by the app that wants to log in to an existing Telegram account.
#Telegram web login full
The full check might look like: data_check_string =. You can verify the authentication and the integrity of the data received by comparing the received hash parameter with the hexadecimal representation of the HMAC-SHA-256 signature of the data-check-string with the SHA256 hash of the bot's token used as a secret key.ĭata-check-string is a concatenation of all received fields, sorted in alphabetical order, in the format key= with a line feed character ('\n', 0x0A) used as separator – e.g., 'auth_date=\nfirst_name=\nid=\nusername='.
#Telegram web login how to
by redirecting the user to the URL specified in the data-auth-url attribute with the following parameters: id, first_name, last_name, username, photo_url, auth_date and hash In the below following blog post I’m going to demo how to login Telegram in web browser client and access all the messages and even chat.After a successful authorization, the widget can return data in two ways:
0 kommentar(er)
