From 0b3db7140cb275616a0a7d482915effcc653f919 Mon Sep 17 00:00:00 2001
From: Maharshi Mishra <maharshi@tor.us>
Date: Mon, 21 Oct 2024 23:13:58 +0530
Subject: [PATCH] Updated actual tg flow

---
 .../server/api/index.js                       | 41 ++++++++++---------
 1 file changed, 22 insertions(+), 19 deletions(-)

diff --git a/single-factor-auth-web/sfa-web-ton-telegram-example/server/api/index.js b/single-factor-auth-web/sfa-web-ton-telegram-example/server/api/index.js
index ebc8f808..c78ce678 100644
--- a/single-factor-auth-web/sfa-web-ton-telegram-example/server/api/index.js
+++ b/single-factor-auth-web/sfa-web-ton-telegram-example/server/api/index.js
@@ -75,32 +75,35 @@ app.post("/auth/telegram", async (req, res) => {
     return res.status(400).json({ error: "initDataRaw is required" });
   }
 
-  if (isMocked) {
-    // Directly parse the mocked initDataRaw without validation
+  try {
     const data = new URLSearchParams(initDataRaw);
-    const user = JSON.parse(decodeURIComponent(data.get("user"))); // Decode the 'user' parameter from initDataRaw
+    console.log("Decoded Init Data:", data.toString());
 
-    const mockUser = {
-      id: user.id,
-      username: user.username,
-      photo_url: user.photo_url || "https://www.gravatar.com/avatar", // Default photo URL for mocked user
-      first_name: user.first_name,
-    };
+    if (isMocked) {
+      const user = JSON.parse(decodeURIComponent(data.get("user"))); // Decode the 'user' parameter from initDataRaw
 
-    console.log("Parsed mock user data:", mockUser);
+      const mockUser = {
+        id: user.id,
+        username: user.username,
+        photo_url: user.photo_url || "https://www.gravatar.com/avatar", // Default photo URL for mocked user
+        first_name: user.first_name,
+      };
 
-    const JWTtoken = generateJwtToken(mockUser);
-    return res.json({ token: JWTtoken });
-  }
+      console.log("Parsed mock user data:", mockUser);
+      const JWTtoken = generateJwtToken(mockUser);
+      return res.json({ token: JWTtoken });
+    }
 
-  // For real scenarios, proceed with validation
-  const validator = new AuthDataValidator({ botToken: TELEGRAM_BOT_TOKEN });
-  const data = objectToAuthDataMap(new URLSearchParams(initDataRaw));
+    // For real scenarios, proceed with validation
+    const validator = new AuthDataValidator({ botToken: TELEGRAM_BOT_TOKEN });
+    const telegramData = objectToAuthDataMap(data);
 
-  try {
-    const user = await validator.validate(data);
+    console.log("Telegram data before validation:", telegramData);
+
+    const user = await validator.validate(telegramData);
+
+    console.log("Validated user:", user);
 
-    // Ensure a photo URL is available or use a default one
     const validatedUser = {
       ...user,
       photo_url: user.photo_url || "https://www.gravatar.com/avatar", // Fallback photo URL if missing