lua-resty-telegram-auth

Telegram Login Widget for the ngx_lua module

Account

iredun

Repo

https://github.com/iredun/lua-resty-telegram-auth 
$ opm get iredun/lua-resty-telegram-auth

lua-resty-telegram-auth

lua-resty-telegram-auth is a module to close access to any locations by Telegram Login Widget

Disclaimer

This module is a beta version and written just for fun for trying to use new technology. Use it in production, to your own risk.

Synopsis

    worker_processes  1;
    
    events {
      worker_connections 1024;
    }
    
    http {
        init_by_lua_block {
            require "telegram-auth".init({
                bot_token = "<BOT TOKEN>",
                bot_username = "<BOT USERNAME WITHOUT @>",
                user_ids = {"1", "2", "3"}
            })
        }
      
        server {
            listen 80;
            charset utf-8;
    
            location / {
                default_type text/html;
                access_by_lua_block {
                    local tg = require "telegram-auth"
                    tg.check_auth()
                }
    
                content_by_lua_block {
                    ngx.say("sensetive data")
                }
            }
    
            location /telegram-auth {
                default_type text/html;
                content_by_lua_block {
                    local tg = require "telegram-auth"
                    tg.auth()
                }
            }
        }
    }

Installation

Using OpenResty Package Manager (opm)

    ❯ opm get iredun/lua-resty-telegram-auth

OPM repository for lua-resty-telegram-auth is located at <https://opm.openresty.org/package/iredun/lua-resty-telegram-auth/>.

Using Nginx Lua Module

Firstly, check and install all dependencies:

Set search paths for pure Lua external libraries (';;' is the default path) in nginx.conf:

lua_package_path '/foo/bar/?.lua;/blah/?.lua;/path-to-module/lua-resty-telegram-auth/?.lua;;';

Configuration

Here is an example:

    init_by_lua_block {
        require "telegram-auth".init({
            bot_token = "<BOT TOKEN>",
            bot_username = "<BOT USERNAME WITHOUT @>",
            user_ids = {"1", "2", "3"}
        })
    }

Here are the possible configuration options:

| Option | Default | Description | | --------------- | ---------------- | ----------------------------------------------- | | bot_token | nil | Yours Telegram bot token | | bot_username | nil | Yours Telegram bot username without @ | | auth_url | /telegram-auth | Location to redirect user for showing auth page | | auth_template | auth.html | Path to template to rendering auth page | | user_ids | {} | List of user IDs who can get access | | cookie_name | tg-auth-string | Name of cookie to store TG data |

Auth template context

In the template, you can access to variables:

  • telgram_bot_username

  • callback_url - current url auth_url

Default template you can find in html/auth.html

In cookies you can get json with user information:

    {
      "last_name": "Smith",
      "id": "11111",
      "photo_url": "<url>",
      "auth_date": "1715359637",
      "hash": "hash for check user data",
      "username": "jsmith",
      "first_name": "John"
    }

For developers

You can start base example in Docker, just change init settings in nginx/default.conf and run

    docker-compose up -d

Authors

Ivan Redun (iredun)

License

3bsd

Dependencies

flex-runtime/lua-resty-cookie, jkeys089/lua-resty-hmac, bungle/lua-resty-template

Versions

Copyright © 2016-2021 Yichun Zhang (agentzh)

100% Powered by OpenResty and PostgreSQL (view the source code of this site)

京ICP备16021991号