add: verify code in telegram

2025-07-21 08:07:21 +05:00
parent dd71c19c6b
commit c8d8c65251
7 changed files with 123 additions and 9 deletions
--- a/app/api/users.py
+++ b/app/api/users.py
@ -1,5 +1,5 @@
 from fastapi import APIRouter, HTTPException, Body, Response
-from app.models.user import UserCreate, UserLogin
+from app.models.user import UserCreate, UserLogin, VerifyCode
 from app.models.request import ValidateRequest
 from app.services.auth import AuthService
 from app.db.database import users_collection, sessions_collection
@ -117,3 +117,11 @@ async def get_user_by_uuid(uuid: str):
        safe_user["total_time_formatted"] = f"{hours}ч {minutes}м {seconds}с"
    return safe_user
@router.post("/auth/verify_code")
 async def verify_code(verify_code: VerifyCode):
    return await AuthService().verify_code(verify_code.username, verify_code.code, verify_code.telegram_chat_id)
@router.post("/auth/generate_code")
 async def generate_code(username: str):
    return await AuthService().generate_code(username)
--- a/app/models/user.py
+++ b/app/models/user.py
@ -1,10 +1,9 @@
-from pydantic import BaseModel, EmailStr
+from pydantic import BaseModel
 from datetime import datetime
 from typing import Optional
 class UserCreate(BaseModel):
    username: str
    email: EmailStr
    password: str
 class UserLogin(BaseModel):
@ -13,7 +12,6 @@ class UserLogin(BaseModel):
 class UserInDB(BaseModel):
    username: str
    email: EmailStr
    hashed_password: str
    uuid: str
    skin_url: Optional[str] = None
@ -23,9 +21,17 @@ class UserInDB(BaseModel):
    total_time_played: int = 0  # Общее время игры в секундах
    is_active: bool = True
    created_at: datetime = datetime.utcnow()
-    
+    code: Optional[str] = None
    telegram_id: Optional[str] = None
    is_verified: bool = False
    code_expires_at: Optional[datetime] = None
 class Session(BaseModel):
    access_token: str
    client_token: str
    user_uuid: str
    expires_at: datetime
 class VerifyCode(BaseModel):
    username: str
    code: str
    telegram_chat_id: int
--- a/app/services/auth.py
+++ b/app/services/auth.py
@ -17,6 +17,7 @@ from cryptography.hazmat.primitives.asymmetric import padding
 from dotenv import load_dotenv
 import os
 from pathlib import Path
 import secrets
 env_path = Path(__file__).parent.parent / ".env"
 load_dotenv(dotenv_path=env_path)
@ -37,18 +38,59 @@ class AuthService:
        # Сохраняем в MongoDB
        new_user = UserInDB(
            username=user.username,
            email=user.email,
            hashed_password=hashed_password,
            uuid=user_uuid,
            is_verified=False,
            code=None,
            code_expires_at=None
        )
        await users_collection.insert_one(new_user.dict())
        return {"status": "success", "uuid": user_uuid}
    async def generate_code(self, username: str):
        if await users_collection.find_one({"username": username}):
            if await users_collection.find_one({"username": username, "is_verified": True}):
                raise HTTPException(400, "User already verified")   
            code = secrets.token_hex(3).upper()
            await users_collection.update_one({"username": username}, {"$set": {"code": code, "code_expires_at": datetime.utcnow() + timedelta(minutes=10)}})
            return {"status": "success", "code": code}
        else:
            raise HTTPException(404, "User not found")
    async def verify_code(self, username: str, code: str, telegram_chat_id: int):
        user = await users_collection.find_one({"username": username})
        if not user:
            raise HTTPException(404, "User not found")
        if user["is_verified"]:
            raise HTTPException(400, "User already verified")
        # Проверяем код и привязку к Telegram
        if user.get("telegram_chat_id") and user["telegram_chat_id"] != telegram_chat_id:
            raise HTTPException(403, "This account is linked to another Telegram")
        if user.get("code") != code:
            raise HTTPException(400, "Invalid code")
        # Обновляем chat_id при первом подтверждении
        await users_collection.update_one(
            {"username": username},
            {"$set": {
                "is_verified": True,
                "telegram_chat_id": telegram_chat_id,
                "code": None
            }}
        )
        return {"status": "success"}
    async def login(self, credentials: UserLogin):
        # Ищем пользователя
        user = await users_collection.find_one({"username": credentials.username})
        if not user or not verify_password(credentials.password, user["hashed_password"]):
            raise HTTPException(status_code=401, detail="Invalid credentials")
        if not user["is_verified"]:
            raise HTTPException(status_code=401, detail="User not verified")
        # Генерируем токены
        access_token = create_access_token({"sub": user["username"], "uuid": user["uuid"]})
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -13,6 +13,19 @@ services:
      - .env
    depends_on:
      - mongodb
    command: ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "3000"]
  telegram_bot:
    container_name: telegram_bot
    build:
      context: .
      dockerfile: Dockerfile
    user: "${UID:-1000}:${GID:-1000}"
    volumes:
      - ./telegram_bot.py:/app/telegram_bot.py
    env_file:
      - .env
    command: ["python", "telegram_bot.py"]
  mongodb:
    container_name: mongodb
--- a/2
+++ b/2
@ -12,5 +12,3 @@ RUN mkdir -p /app/static/skins /app/static/capes /app/static/capes_store && \
    chown -R 1000:1000 /app/static
 EXPOSE 3000
 CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "3000"]
--- a/requirements.txt
+++ b/requirements.txt
@ -8,6 +8,7 @@ python-multipart>=0.0.9
 mongoengine>=0.24.2
 python-dotenv>=1.0.0
 pydantic>=2.0.0
 pydantic[email]>=2.0.0
 cryptography>=43.0.0
 pytelegrambotapi>=2.0.0
 httpx>=0.27.2
--- a/telegram_bot.py
+++ b/telegram_bot.py
@ -0,0 +1,46 @@
 from telebot import TeleBot
 import httpx
 import os
 from dotenv import load_dotenv
 load_dotenv()
 bot = TeleBot(os.getenv("TELEGRAM_BOT_TOKEN"))
 API_URL = os.getenv("API_URL")
 user_states = {}  # {"chat_id": {"username": "DIKER0K"}}
@bot.message_handler(commands=['start'])
 def start(message):
    bot.reply_to(message, "🔑 Введите ваш игровой никнейм:")
    bot.register_next_step_handler(message, process_username)
 def process_username(message):
    user_states[message.chat.id] = {"username": message.text.strip()}
    bot.reply_to(message, "📋 Теперь введите код из лаунчера:")
@bot.message_handler(func=lambda m: m.chat.id in user_states)
 def verify_code(message):
    username = user_states[message.chat.id]["username"]
    code = message.text.strip()
    print(username, code, message.chat.id)
    try:
        response = httpx.post(
            f"{API_URL}/auth/verify_code",
            json={"username": username, "code": code, "telegram_chat_id": message.chat.id},  # JSON-сериализация автоматически
            headers={"Content-Type": "application/json"}  # Необязательно, httpx добавляет сам
        )
        print(response.json())
        if response.status_code == 200:
            bot.reply_to(message, "✅ Аккаунт подтвержден!")
        else:
            bot.reply_to(message, f"❌ Ошибка: {response.json().get('detail')}")
    except Exception:
        print(API_URL)
        bot.reply_to(message, "⚠️ Сервер недоступен")
    del user_states[message.chat.id]
 if __name__ == "__main__":
    bot.polling(none_stop=True)