harden telegram webapp production readiness
This commit is contained in:
VPN SaaS Dev
@@ -408,8 +408,13 @@ function formData(form) {
|
||||
}
|
||||
|
||||
async function api(path, options = {}) {
|
||||
const headers = { "Content-Type": "application/json", ...(options.headers || {}) };
|
||||
if (tg?.initData) headers["X-Telegram-Init-Data"] = tg.initData;
|
||||
if (!tg?.initData && state.authConfig?.allow_dev_auth) {
|
||||
headers["X-Dev-Telegram-Id"] = localStorage.getItem("driversDevTelegramId") || "1";
|
||||
}
|
||||
const response = await fetch(`/api${path}`, {
|
||||
headers: { "Content-Type": "application/json", ...(options.headers || {}) },
|
||||
headers,
|
||||
...options,
|
||||
});
|
||||
if (!response.ok) {
|
||||
@@ -497,13 +502,14 @@ async function ensureUser() {
|
||||
hideAuthOverlay();
|
||||
return;
|
||||
}
|
||||
const stored = localStorage.getItem("driversUser");
|
||||
if (stored) {
|
||||
state.user = JSON.parse(stored);
|
||||
if (state.authConfig?.allow_dev_auth) {
|
||||
const devId = localStorage.getItem("driversDevTelegramId") || "1";
|
||||
localStorage.setItem("driversDevTelegramId", devId);
|
||||
state.user = await api("/users/me");
|
||||
hideAuthOverlay();
|
||||
return;
|
||||
}
|
||||
await showTelegramLogin();
|
||||
showTelegramOpenHint();
|
||||
throw new Error("Требуется вход через Telegram");
|
||||
}
|
||||
|
||||
@@ -512,22 +518,33 @@ function hideAuthOverlay() {
|
||||
document.body.classList.remove("auth-required");
|
||||
}
|
||||
|
||||
async function showTelegramLogin() {
|
||||
function showTelegramOpenHint() {
|
||||
const overlay = document.querySelector("#authOverlay");
|
||||
const slot = document.querySelector("#telegramLoginSlot");
|
||||
const link = document.querySelector("#telegramLoginLink");
|
||||
const message = document.querySelector("#authMessage");
|
||||
overlay?.classList.remove("hidden");
|
||||
document.body.classList.add("auth-required");
|
||||
if (!slot || slot.dataset.ready) return;
|
||||
const botUsername = state.authConfig?.bot_username;
|
||||
if (message) {
|
||||
message.textContent = "Это приложение открывается через Telegram-бота. Откройте Mini App из Telegram.";
|
||||
}
|
||||
if (slot) slot.textContent = "";
|
||||
if (!botUsername) {
|
||||
slot.textContent = "Telegram Login временно недоступен";
|
||||
return;
|
||||
}
|
||||
if (link) {
|
||||
link.href = `https://t.me/${botUsername}?start=web_login`;
|
||||
link.href = `https://t.me/${botUsername}`;
|
||||
link.classList.remove("hidden");
|
||||
}
|
||||
}
|
||||
|
||||
async function showTelegramLogin() {
|
||||
showTelegramOpenHint();
|
||||
const slot = document.querySelector("#telegramLoginSlot");
|
||||
if (!slot || slot.dataset.ready) return;
|
||||
const botUsername = state.authConfig?.bot_username;
|
||||
if (!botUsername) return;
|
||||
window.onTelegramAuth = async (user) => {
|
||||
state.user = await api("/users/telegram-login", {
|
||||
method: "POST",
|
||||
@@ -1424,7 +1441,11 @@ document.querySelector("#ocrForm").addEventListener("submit", async (event) => {
|
||||
await runAction(formButton, "Распознаю чек...", async () => {
|
||||
const payload = new FormData();
|
||||
payload.append("file", file);
|
||||
const response = await fetch("/api/ocr/fuel-receipt", { method: "POST", body: payload });
|
||||
const response = await fetch("/api/ocr/parse-text-receipt", {
|
||||
method: "POST",
|
||||
headers: tg?.initData ? { "X-Telegram-Init-Data": tg.initData } : {},
|
||||
body: payload,
|
||||
});
|
||||
if (!response.ok) throw new Error(await response.text());
|
||||
const result = await response.json();
|
||||
document.querySelector("#ocrResult").textContent = `${result.message} ${Math.round((result.confidence || 0) * 100)}%`;
|
||||
|
||||
Reference in New Issue
Block a user