Di;/ *dZddlmZddlZddlmZddlmZmZddl m Z m Z ddl m Z mZmZddlmZdd lmZdd lmZdd lmZdd lmZdd lmZmZmZmZddlm Z ddl!m"Z"m#Z#m$Z$m%Z%m&Z&ejNe(Z)d*dZ*ee"e#ededdde dgeegdZ+ee"e#edededdde dgeegdZ,eejZe#ed ed!d"d#e dgeegd$Z.Gd%d&e j^Z0eeejZe%e%d'd(e dgeegd)Z1y)+z+API views for Telegram-only authentication.) annotationsN) OpenApiTypes)OpenApiResponse extend_schema)statusviewsets)api_viewpermission_classesaction)AllowAny)Response) RefreshToken)settings) csrf_exempt)TelegramDataValidationErrorinit_data_debug_snapshotsend_telegram_messagevalidate_telegram_init_data)User)TelegramAuthRequestSerializerTelegramAuthResponseSerializer#TelegramAuthenticatedUserSerializer!TelegramWebhookResponseSerializerUserWalletSerializercR t|tj}|jd}|st ddit jS|jd|jdd|jd |jd |jd d }tjj|| \}}|s_g}|jD]6\} } |  t|| | k7st|| | |j!| 8|r|j#||r`|j$sT tjj|} | j&|j&k7r| |_|j#dgt-j.|} t t | j0t | |j&|j2|j4|j6|j8|j:|j<t |j>t |j@|jB|j$d dS#t$r0}t dt |it jcYd}~Sd}~wwxYw#tj*$rYwxYw)z@Shared logic for authenticating a user from an initData payload.errorrNidzInvalid user datausername first_name last_name language_code photo_url)r r!r#r$r%)telegram_user_iddefaults) update_fields) referral_code referred_by rr&r r!r#r$r%credit_balance bonus_balancer)r*accessrefreshuser)"rrTELEGRAM_BOT_TOKENrr strrHTTP_401_UNAUTHORIZEDgetHTTP_400_BAD_REQUESTrobjects get_or_createitemsgetattrsetattrappendsavereferred_by_idrr* DoesNotExistrfor_user access_tokenr&r r!r#r$r%r,r-r)) init_data start_param user_dataexcr&r'r1createdchanged_fieldsfieldvaluereferrerr0s A/home/cursorai/projects/telegram-earn/backend/apps/users/views.py_authenticate_with_init_datarL$s]  /   ' ' !}}T*  ) *..  MM*-mmL"5]];/"7]];/ HLL..)/MD' $&$NN,LE5 WT5%9U%BeU+%%e,-  IINI 34.. ||''k'BH{{dgg%#+   8##D)G '../7|gg$($9$9 MM"oo!^^!%!3!3!^^"%d&9&9":!$T%7%7!8!%!3!3#22   a '  c#h //   V     s0I4AJ J %JJ J J&%J&z(Missing or invalid init_data/start_param) descriptionz$Telegram signature validation failed)z@Authenticate a user via Telegram WebApp initData and issue JWTs.)request responsesrMPOSTc|jjd}|jjd}|stdditjSt ||S)zN Authenticate a user using Telegram Web App initData and return JWTs. rBrCrinit_data is requiredr)datar5r rr6rL)rQrBrCs rKauthenticate_telegramrWps]   -I,,""=1K  - ...  ( ; ??zMissing init_datazSignature validation failedzDev auth disabled)rNrOrPzDevelopment-only Telegram auth helper. Validates a signed initData payload and returns JWTs plus signature debug info. Only available when DEBUG=True and ENABLE_DEV_TELEGRAM_AUTH=True.cXtjrttddsttj S|j jd}|j jd}|stdditjSt|tj}tjd|jd |jd t||}|jtjk(r!t!|j }||d <||_|S) zT Dev-only helper endpoint to test Telegram auth flows without the Mini App. ENABLE_DEV_TELEGRAM_AUTHFrrBrCrrUz)rQr r1r0s rKswitch_user_devrksZ$ NNwx1KUSv8899|| +H  , -..   ||2##D)G '../7|gg$($9$9 MM"oo!^^!%!3!3!^^"%d&9&9":!$T%7%7!8!%!3!3#22        ,XJkB C,,   s7 E##4FFceZdZdZedeiddZededided d g d Z y ) MeViewSetz/Endpoints for current user profile and wallets.rNz*Retrieve the authenticated user's profile.)rRrMcVt|j}t|jS)z4GET /api/users/me/ returns the current user profile.)rr1r rV)selfrQ serializers rKlistzMeViewSet.lists! 9F  ((rXTmanyz8Retrieve all wallet balances for the authenticated user.Fr5)detailmethodsc|j}dd|jddd|jdg}t|d}t |j S)z7GET /api/users/me/wallets/ returns all wallet balances.Primaryr,)nametypebalanceBonusbonusTrr)r1r,r-rr rV)rorQr1walletsrps rKr}zMeViewSet.walletssR||(8TEXEX Yg$:L:L M *'=  ((rXN) __name__ __module__ __qualname____doc__rrrqrr r}rXrKrmrmse9;<@) ) ,$78N 55'*)+  )rXrm)rNzbWebhook for Telegram bot updates. Returns ok/forbidden depending on the configured webhook secret.ctj}|jjd}|r||k7rt ddddS|j xsi}|jdxs|jd}|jd }d }d }|r(|jd }|jd d xsd }n>|r<|jdxsi}|jd }|jdd xsd }|rd|vr t ddiS|d}d } |j dr6|jd} t| dkDr| djnd } n|r|jdr|d} ttdd } | } | r| rd| vrdnd} | | d| } | rdd| idggddd}d}nd }d}ttj|||}|stjd |t ddiS)!zV Receive Telegram webhook updates and handle /start deep links for referrals. zX-Telegram-Bot-Api-Secret-TokenF forbidden)okrrrmessageedited_messagecallback_queryNr"chattextrVrrTz/startr)maxsplitTELEGRAM_WEBAPP_URL?&z startapp=zOpen appurl)rweb_app)keyboardresize_keyboardone_time_keyboardzLTap the button below to open the app. Referral code is passed automatically.z2App URL is not configured. Please try again later.) bot_tokenchat_idr reply_markupz2Failed to reply to Telegram webhook for chat_id=%s)rTELEGRAM_WEBHOOK_SECRETheadersr5r rV startswithsplitlenstripr:rr2rawarning)rQ secret_token header_secretupdaterrrrrrCparts web_app_url button_url separatorr reply_textsents rKtelegram_webhookrs"$33LOO''(IJM 5u{;CHH \\ RFjj#Cvzz2B'CGZZ 01N D D{{6"{{62&,"  $$Y/52{{6"!!&"-3 4t#t %%4jG"K x  A &*-e*q.eAhnn&d N..v6$V, ($92>KJ{+-C3 #}YKy F  !+$):#6 $!&   5   I -- !  D KWU T4L !!rX)rBr3rCz str | None)2r __future__rloggingdrf_spectacular.typesrdrf_spectacular.utilsrrrest_frameworkrrrest_framework.decoratorsr r r rest_framework.permissionsr rest_framework.responser rest_framework_simplejwt.tokensr django.confrdjango.views.decorators.csrfrutils.telegramrrrrmodelsr serializersrrrrr getLoggerr~rarLrWriOBJECTrkViewSetrmrrrXrKrs1".@+JJ/,8 4    8 $IX ) + )S T )O P S 6(XJ @  @  ) + )< = )F G )< =  =  6(XJ    F    + ); < )N O  L  6(XJ*  *Z)  )8     . .  %  6(XJI"   I"rX