Telegram OAuth with django
I'm trying to integrate Telegram OAuth into my application. Currently the login on Telegram's side succeeds, but Django doesn't receive any data in the callback. I have tried many methods, but without any results.

views.py
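def telegram_callback(request):
    """Handle the redirect from the Telegram login widget and sign the user in.

    The widget's ``data-auth-url`` sends the browser here with the Telegram
    profile fields in the query string. Every value in that query string is
    untrusted until ``verify_telegram_auth`` has accepted the payload.

    Returns:
        A redirect to ``home`` on success, or HTTP 400 when the payload fails
        verification or carries no ``id``.
    """
    data = request.GET.dict()
    # Debug output only: the payload holds the user's profile fields and the
    # signed hash, so drop this line once the callback is working.
    print('Telegram callback data:', data)

    # NOTE(review): verify_telegram_auth is not shown here. Per the Telegram
    # login-widget documentation it should recompute HMAC-SHA256 over the
    # sorted "key=value" lines with SHA256(bot token) as the key, compare the
    # result to data["hash"] with hmac.compare_digest, and reject a stale
    # auth_date so a captured callback URL cannot be reused -- confirm.
    if not verify_telegram_auth(data):
        return HttpResponseBadRequest("Invalid Telegram auth")

    # Fail closed with a 400 instead of a KeyError/500 if the id is absent.
    telegram_id = data.get("id")
    if not telegram_id:
        return HttpResponseBadRequest("Invalid Telegram auth")

    # The local account is keyed on the verified Telegram id, never on the
    # user-changeable Telegram username.
    # NOTE(review): the "tg_" prefix should be reserved in the normal sign-up
    # flow so a password-registered account cannot occupy one of these names.
    user, created = User.objects.get_or_create(
        username=f"tg_{telegram_id}",
        defaults={
            "first_name": data.get("first_name", ""),
            "last_name": data.get("last_name", ""),
        },
    )
    print(user, telegram_id)

    # login() is called without authenticate(); with more than one entry in
    # AUTHENTICATION_BACKENDS Django needs an explicit backend= argument here.
    login(request, user)
    return HttpResponseRedirect(reverse("home"))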
urls.py
# Callback route for the Telegram login widget: the template's data-auth-url
# reverses it as 'users:telegram' and views.telegram_callback handles it.
path("telegram/login/", views.telegram_callback, name="telegram"),
and my html
<div class="w-full flex justify-center mb-3">
<!-- Telegram login widget. data-auth-url points at the Django callback route
     ('users:telegram'); what arrives there is plain query-string data and must be
     treated as untrusted until the server has verified the signed hash.
     NOTE(review): data-onauth and data-auth-url are both set. Confirm which one
     the widget honours, because the Django view only receives data through the
     redirect to data-auth-url, and onTelegramAuth is not defined in this snippet. -->
<script async src="https://telegram.org/js/telegram-widget.js?22"
data-telegram-login="bot_username"
data-size="large"
data-radius="12"
data-onauth="onTelegramAuth(user)"
data-userpic="true"
data-lang="en"
data-auth-url="{% url 'users:telegram' %}"
data-request-access="write">
</script>
</div>
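Here is the reason: the response headers `Cross-Origin-Opener-Policy: same-origin` and `Cross-Origin-Embedder-Policy: require-corp`. They isolate the page from cross-origin windows and frames, which the Telegram login widget depends on to hand the result back. Simply disable them for the Telegram login page, and it works.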
simply import
from django.views.decorators.clickjacking import xframe_options_exempt
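# NOTE(review): X-Frame-Options controls whether *other* sites may frame this
# page; it does not affect the Telegram widget iframe embedded inside it.
# Confirm the exemption is really needed, because it removes clickjacking
# protection from the login form.
@xframe_options_exempt
@csrf_protect
def login_view(request):
    """Render the login page and process email/password sign-in.

    GET renders ``auth/login.html`` with the cross-origin isolation headers
    relaxed so the Telegram login widget on that page can complete its flow.
    POST looks the account up by email and authenticates with the password.

    Returns:
        A redirect to ``home`` for an already authenticated user, to
        ``landing`` after a successful login, to ``login`` after a failed
        attempt, or the rendered login page.
    """
    if request.user.is_authenticated:
        return redirect("home")

    if request.method == "POST":
        email = request.POST.get("email")
        password = request.POST.get("password")
        try:
            username = User.objects.get(email=email).username
        except (User.DoesNotExist, User.MultipleObjectsReturned):
            # An email shared by several accounts is ambiguous: fail closed
            # with the same generic message instead of raising a 500.
            # NOTE(review): this path returns before authenticate() hashes a
            # password, so its timing can differ from the wrong-password path.
            messages.error(request, "Invalid email or password")
            return redirect("login")

        user = authenticate(request, username=username, password=password)
        if user is None:
            # Same wording as the unknown-email case, so the message does not
            # reveal whether the email is registered.
            messages.error(request, "Invalid email or password")
            return redirect("login")

        login(request, user)
        return redirect("landing")

    response = render(request, "auth/login.html")
    # Relaxed on this rendered page only; the redirects above keep whatever
    # COOP/COEP values the site sets by default.
    response["Cross-Origin-Opener-Policy"] = "unsafe-none"
    response["Cross-Origin-Embedder-Policy"] = "unsafe-none"
    return response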