BotForge/quickbot
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

move webhook auth key to bot config
All checks were successful
Build Docs / changes (push) Successful in 5s
Details
Build Docs / build-docs (push) Has been skipped
Details
Build Docs / deploy-docs (push) Has been skipped
Details

Browse Source
This commit is contained in:
Alexander Kalinovsky
2025-04-12 17:07:39 +07:00
parent 783ecac91a
commit c81fb57c1a
3 changed files with 4 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/quickbot/api_route/telegram.py
View File

@@ -21,7 +21,7 @@ async def telegram_webhook(
app: QBotApp = request.app app: QBotApp = request.app
request_token = request.headers.get("X-Telegram-Bot-Api-Secret-Token") request_token = request.headers.get("X-Telegram-Bot-Api-Secret-Token")
if request_token != app.bot_auth_token: if request_token != app.config.TELEGRAM_WEBHOOK_AUTH_KEY:
logger.warning("Unauthorized request %s", request) logger.warning("Unauthorized request %s", request)
return Response(status_code=403) return Response(status_code=403)
try: try:

6
src/quickbot/config/__init__.py
View File

@@ -46,6 +46,8 @@ class Config(BaseSettings):
) )
else '' else ''
}" }"
TELEGRAM_WEBHOOK_AUTH_KEY: str = "changethis"
TELEGRAM_BOT_USERNAME: str = "quickbot" TELEGRAM_BOT_USERNAME: str = "quickbot"
TELEGRAM_BOT_SERVER: str = "https://api.telegram.org" TELEGRAM_BOT_SERVER: str = "https://api.telegram.org"
@@ -54,10 +56,6 @@ class Config(BaseSettings):
ADMIN_TELEGRAM_ID: int ADMIN_TELEGRAM_ID: int
USE_NGROK: bool = False
NGROK_AUTH_TOKEN: str = "changethis"
NGROK_URL: str = ""
LOG_LEVEL: str = "DEBUG" LOG_LEVEL: str = "DEBUG"
def _check_default_secret(self, var_name: str, value: str | None) -> None: def _check_default_secret(self, var_name: str, value: str | None) -> None:

4
src/quickbot/main.py
View File

@@ -123,8 +123,6 @@ class QBotApp(Generic[UserType, ConfigType], FastAPI):
self.dp = dp self.dp = dp
self.bot_auth_token = token_hex(128)
self.start_handler = bot_start self.start_handler = bot_start
self.bot_commands = dict[str, BotCommand]() self.bot_commands = dict[str, BotCommand]()
@@ -174,7 +172,7 @@ class QBotApp(Generic[UserType, ConfigType], FastAPI):
url=f"{self.config.TELEGRAM_WEBHOOK_URL}/telegram/webhook", url=f"{self.config.TELEGRAM_WEBHOOK_URL}/telegram/webhook",
drop_pending_updates=True, drop_pending_updates=True,
allowed_updates=self.allowed_updates, allowed_updates=self.allowed_updates,
secret_token=self.bot_auth_token, secret_token=self.webhook_auth_key,
) )
async def show_form( async def show_form(