NTelegram Authentication
I'm writing a React app with Convex.
I want to support Telegram's super simple Mini App authentication.
Here's how it works:
My telegram bot shares a special link. When a user clicks on the link, it opens a web view to my app, but with some additional information in the fragment identifier of the URL: it passes the telegram user's id, username, first and last name, photo url, a timestamp, and a hash of all that information with the bot's secret.
I've put the bot's secret in my convex environment variables.
I've also written a Convex action that verifies the user information against that secret. This action uses node, so I can't easily re-verify it in every query.
How can I get Convex to see the user as authenticated? Perhaps I need to have my action return a JWT that Convex understands? How do I get the convex client in the web browser to use that JWT in subsequent requests so the user shows up as authenticated in later queries?
I want to support Telegram's super simple Mini App authentication.
Here's how it works:
My telegram bot shares a special link. When a user clicks on the link, it opens a web view to my app, but with some additional information in the fragment identifier of the URL: it passes the telegram user's id, username, first and last name, photo url, a timestamp, and a hash of all that information with the bot's secret.
I've put the bot's secret in my convex environment variables.
I've also written a Convex action that verifies the user information against that secret. This action uses node, so I can't easily re-verify it in every query.
How can I get Convex to see the user as authenticated? Perhaps I need to have my action return a JWT that Convex understands? How do I get the convex client in the web browser to use that JWT in subsequent requests so the user shows up as authenticated in later queries?
