Experiment with User data

orchestr7 · Sep 7, 2024 · f2f05a8 · f2f05a8
1 parent f4a4d05
commit f2f05a8
Show file tree

Hide file tree

Showing 23 changed files with 190 additions and 261 deletions.
diff --git a/backend/build.gradle.kts b/backend/build.gradle.kts
@@ -7,14 +7,16 @@ plugins {
 }
 
 dependencies {
+    api(project(":common"))
     implementation("org.springframework.boot:spring-boot-starter-data-jpa")
     implementation("org.springframework.boot:spring-boot-starter-oauth2-client")
+    implementation("org.springframework.boot:spring-boot-starter-test")
     implementation("org.springframework.boot:spring-boot-starter-validation")
     implementation("org.springframework.boot:spring-boot-starter-web")
     implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
     implementation("org.jetbrains.kotlin:kotlin-reflect")
-    implementation("io.jsonwebtoken:jjwt-api:0.11.5")
     implementation("com.h2database:h2:2.3.232")
+    implementation("commons-codec:commons-codec:1.17.1")
     runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.5")
     runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.11.5")
     testImplementation(kotlin("test"))

diff --git a/backend/src/jvmMain/kotlin/ru/posidata/backend/BackendApplication.kt b/backend/src/jvmMain/kotlin/ru/posidata/backend/BackendApplication.kt
diff --git a/backend/src/jvmMain/kotlin/ru/posidata/backend/controller/TelegramAuthController.kt b/backend/src/jvmMain/kotlin/ru/posidata/backend/controller/TelegramAuthController.kt
diff --git a/backend/src/jvmMain/kotlin/ru/posidata/backend/entity/User.kt b/backend/src/jvmMain/kotlin/ru/posidata/backend/entity/User.kt
diff --git a/backend/src/jvmMain/kotlin/ru/posidata/backend/repository/UserRepository.kt b/backend/src/jvmMain/kotlin/ru/posidata/backend/repository/UserRepository.kt
diff --git a/backend/src/jvmMain/kotlin/ru/posidata/backend/service/TelegramAuthService.kt b/backend/src/jvmMain/kotlin/ru/posidata/backend/service/TelegramAuthService.kt
diff --git a/backend/src/jvmMain/kotlin/ru/posidata/backend/service/UserService.kt b/backend/src/jvmMain/kotlin/ru/posidata/backend/service/UserService.kt
diff --git a/backend/src/jvmMain/resources/application.yml b/backend/src/jvmMain/resources/application.yml
diff --git a/backend/src/main/kotlin/ru/posidata/backend/controller/TelegramAuthController.kt b/backend/src/main/kotlin/ru/posidata/backend/controller/TelegramAuthController.kt
@@ -43,38 +43,9 @@ class TelegramAuthController(private val telegramAuthService: TelegramAuthServic
     //</body>
     //</html>
     // https://posidata.ru/api/test?id=221298772&first_name=Андрей&last_name=Кулешов&username=akuleshov7&photo_url=https%3A%2F%2Ft.me%2Fi%2Fuserpic%2F320%2Fd3fKyG306aXHDBCxZXfWTpGlii6fZqZMo1tBmMPEl_E.jpg&auth_date=1725656645&hash=742dda3a019e57821e1fb7acf9918aeb6f0d734cc5c8612913b6696aeab2c745
-    @GetMapping("/test")
-    fun test(
-        @RequestParam id: String,
-        @RequestParam first_name: String,
-        @RequestParam last_name: String,
-        @RequestParam photo_url: String,
-        @RequestParam username: String,
-        @RequestParam auth_date: String,
-        @RequestParam hash: String
-    ): String {
-        println(username)
-        return username
-    }
-
     @GetMapping("/get")
     fun get(): String {
         println("Hi!")
         return "Hi"
     }
-
-
-    @PostMapping("auth/telegram")
-    fun telegramAuth(@RequestBody request: Map<String, Any>): ResponseEntity<Any> {
-        return try {
-            val authResult = telegramAuthService.authenticate(request)
-            if (authResult.isAuthenticated) {
-                ResponseEntity.ok(authResult.token)
-            } else {
-                ResponseEntity.status(HttpStatus.FORBIDDEN).body("Login info hash mismatch")
-            }
-        } catch (e: Exception) {
-            ResponseEntity.status(HttpStatus.FORBIDDEN).body("Server error while authenticating")
-        }
-    }
 }
diff --git a/backend/src/main/kotlin/ru/posidata/backend/controller/UserController.kt b/backend/src/main/kotlin/ru/posidata/backend/controller/UserController.kt
@@ -0,0 +1,57 @@
+package ru.posidata.backend.controller
+
+import org.springframework.http.HttpStatus
+import org.springframework.http.ResponseEntity
+import org.springframework.web.bind.annotation.*
+import ru.posidata.backend.service.TelegramAuthService
+import ru.posidata.backend.service.UserService
+import ru.posidata.common.ResourceType
+import ru.posidata.common.Resources
+
+
+@RestController
+@RequestMapping("api")
+class UserController(
+    private val telegramAuthService: TelegramAuthService,
+    private val userService: UserService
+) {
+    @GetMapping("/get")
+    fun getResults(
+        @RequestParam username: String?,
+        @RequestParam telegramId: Long,
+        @RequestParam hash: String,
+        @RequestParam firstName: String?,
+        @RequestParam lastName: String?,
+    ): ResponseEntity<Any> {
+        println("Received a request to get results from $username, $telegramId, $hash, $firstName, $lastName")
+        userService.findOrCreateUser(
+            username = username,
+            telegramId = telegramId,
+            firstName = firstName,
+            lastName = lastName
+        )
+        return ResponseEntity.status(HttpStatus.OK).body("")
+    }
+
+    @GetMapping("/answer")
+    fun submitAnswer(
+        @RequestParam pokemonName: String,
+        @RequestParam resourceType: ResourceType,
+        // @RequestParam gameNumber: Int,
+        @RequestParam username: String,
+        @RequestParam hash: String,
+    ): ResponseEntity<Any> {
+        // user
+        println(pokemonName)
+        var count: Int = 0
+        val pokemon = Resources.getByName(pokemonName)
+            ?: return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Invalid pokemon name $pokemonName")
+        if (pokemon.type == resourceType) {
+            // correct answer
+            ++count
+        } else {
+            // incorrect answer
+        }
+        return ResponseEntity.status(HttpStatus.OK).body(resourceType)
+    }
+}
diff --git a/backend/src/main/kotlin/ru/posidata/backend/entity/User.kt b/backend/src/main/kotlin/ru/posidata/backend/entity/User.kt
@@ -9,7 +9,16 @@ data class User(
     val id: Long = 0,
     @Column(unique = true)
     val telegramId: Long,
-    val firstName: String,
+    val firstName: String?,
     val lastName: String?,
-    val username: String?
+    val username: String?,
+
+    @Column(nullable = true)
+    var firstGameScore: Int?,
+
+    @Column(nullable = true)
+    var secondGameScore: Int?,
+
+    @Column(nullable = true)
+    var thirdGameScore: Int?,
 )
diff --git a/backend/src/main/kotlin/ru/posidata/backend/repository/UserRepository.kt b/backend/src/main/kotlin/ru/posidata/backend/repository/UserRepository.kt
@@ -1,10 +1,10 @@
 package ru.posidata.backend.repository
 
-import org.springframework.data.jpa.repository.JpaRepository
+import org.springframework.data.repository.CrudRepository
 import org.springframework.stereotype.Repository
 import ru.posidata.backend.entity.User
 
 @Repository
-interface UserRepository : JpaRepository<User, Long> {
+interface UserRepository : CrudRepository<User, Long> {
     fun findByTelegramId(telegramId: Long): User?
 }
diff --git a/backend/src/main/kotlin/ru/posidata/backend/service/TelegramAuthService.kt b/backend/src/main/kotlin/ru/posidata/backend/service/TelegramAuthService.kt
@@ -1,43 +1,58 @@
 package ru.posidata.backend.service
 
+import org.apache.commons.codec.digest.HmacUtils
 import org.springframework.beans.factory.annotation.Value
 import org.springframework.stereotype.Service
-import java.security.MessageDigest
-import java.util.*
-import javax.crypto.Mac
-import javax.crypto.spec.SecretKeySpec
+
 
 @Service
 class TelegramAuthService(
     @Value("\${telegram.bot.token}") private val telegramToken: String,
-    private val userService: UserService
 ) {
-    fun authenticate(request: Map<String, Any>): AuthResult {
-        val hash = request["hash"] as String
-        val sortedRequest = request.toMutableMap().apply { remove("hash") }
-
-        val dataCheckString = sortedRequest.entries
-            .sortedBy { it.key.lowercase(Locale.getDefault()) }
-            .joinToString("\n") { "${it.key}=${it.value}" }
-
-        val secretKey = SecretKeySpec(
-            MessageDigest.getInstance("SHA-256").digest(telegramToken.toByteArray(Charsets.UTF_8)),
-            "HmacSHA256"
-        )
-        val mac = Mac.getInstance("HmacSHA256")
-        mac.init(secretKey)
-
-        val result = mac.doFinal(dataCheckString.toByteArray(Charsets.UTF_8))
-        val calculatedHash = result.joinToString("") { "%02x".format(it) }
-
-        return if (hash.equals(calculatedHash, ignoreCase = true)) {
-            val user = userService.findOrCreateUser(request)
-            println(user)
-            AuthResult(true, "token")
-        } else {
-            AuthResult(false, null)
-        }
+    fun isValidHash(hash: String): Boolean {
+        val secreteKey = "1289756607:AAFYuBeHguJKYhDVzwSfYFLX4tF5YbkSU7M"
+        return true
     }
+
+}
+
+
+fun main() {
+    println(isValidHash())
+}
+
+// Bot token
+const val BOT_TOKEN = "7518590686:AAFCT7m70_ANfOZfIACr2C7bOy0igdLNOpg"
+
+// Function to validate hash
+fun isValidHash(): Boolean {
+    val hash = "742dda3a019e57821e1fb7acf9918aeb6f0d734cc5c8612913b6696aeab2c745"
+
+    val parsedData: Map<String, String> = mapOf(
+        "id" to "221298772",
+        "first_name" to "Андрей",
+        "last_name" to "Кулешов",
+        "username" to "akuleshov7",
+        "photo_url" to "https%3A%2F%2Ft.me%2Fi%2Fuserpic%2F320%2Fd3fKyG306aXHDBCxZXfWTpGlii6fZqZMo1tBmMPEl_E.jpg",
+        "auth_date" to "1725656645",
+        "hash" to "742dda3a019e57821e1fb7acf9918aeb6f0d734cc5c8612913b6696aeab2c745"
+    )
+
+    // Remove 'hash' value & sort alphabetically
+    val dataKeys = parsedData.keys.filter { it != "hash" }.sorted()
+
+    // Create line format key=<value>
+    val items = dataKeys.map { key -> "$key=${parsedData[key]}" }
+
+    // Create check string with '\n' as separator
+    val dataCheckString = items.joinToString("\n")
+
+    val secretKey: ByteArray = HmacUtils("HmacSHA256", "WebAppData").hmac(BOT_TOKEN)
+    val initDataHash: String = HmacUtils("HmacSHA256", secretKey).hmacHex(dataCheckString)
+
+    println(initDataHash)
+    println(hash)
+    // Return whether the generated hash matches the provided hash
+    return initDataHash == hash
 }
 
-data class AuthResult(val isAuthenticated: Boolean, val token: String?)