Web Validation
Nutgram provides a simple way to validate the data received from a Login Widget or a Mini App.
Login Widget
The Telegram Login Widget is a simple way to authorize users on your website.
Nutgram provides the validateLoginData
method to validate the data received from the widget.
If the data is valid, the method returns a
LoginData
object,
otherwise it throws an InvalidDataException
.
// $initData MUST BE a query string value like this:
// id=12345678&first_name=Mario&last_name=Super&username=SuperMario&photo_url=photourl&auth_date=1693264973&hash=1a2b3c4d5e6f
// Tip: you can user the http_build_query to get the query string from an array via $_POST variable.
try {
$loginData = $bot->validateLoginData($initData);
//$loginData->id
//$loginData->toArray()['id']
} catch (InvalidDataException) {
echo 'Invalid data!';
}
Mini App
With Mini Apps developers can use JavaScript to create infinitely flexible interfaces that can be launched right inside Telegram — and can completely replace any website.
Nutgram provides the validateWebAppData
method to validate the data received from the Mini App.
If the data is valid, the method returns a
WebAppData
object,
otherwise it throws an InvalidDataException
.
// $initData MUST BE a query string value like this:
// user=%7B%22id%22%3A12345678%2C%22first_name%22%3A%22Mario%22%2C%22last_name%22%3A%22Super%22%2C%22username%22%3A%22SuperMario%22%2C%22language_code%22%3A%22en%22%2C%22is_premium%22%3Atrue%2C%22allows_write_to_pm%22%3Atrue%7D&chat_instance=-123456789&chat_type=private&start_param=foo&auth_date=1693264973&hash=1a2b3c4d5e6f
// how to get $initData from frontend (example):
// $initData = $_GET['initData'] or $_POST['initData'];
// initData is an example key name provided by frontend
try {
$webappData = $bot->validateWebAppData($initData);
//$webappData->user->id
//$webappData->toArray()['user']['id']
} catch (InvalidDataException) {
echo 'Invalid data!';
}