fix: dual bot token auth + P2P UI logic fixes

- All 17 edge functions now check both TELEGRAM_BOT_TOKEN and TELEGRAM_BOT_TOKEN_KRD for session verification - Add perPage:1000 to listUsers calls to prevent pagination issues - Fix offer button label: Buy tab shows "Al" (green), Sell tab shows "Sat" (red) - Fix active tab highlight with cyan color for visibility - Fix modal transparency (add --card CSS variable) - Fix withdraw tab sync (useEffect on modal open)
2026-06-19 19:11:04 +00:00 · 2026-02-27 00:53:52 +03:00
parent b67809481e
commit 910610491f
24 changed files with 237 additions and 88 deletions
@@ -93,9 +93,13 @@ serve(async (req) => {
    const body: GetPaymentMethodsRequest = await req.json();
    const { sessionToken, currency } = body;

-    // Get bot token for session verification
-    const botToken = Deno.env.get('TELEGRAM_BOT_TOKEN');
-    if (!botToken) {
+    // Get bot tokens for session verification (dual bot support)
+    const botTokens: string[] = [];
+    const _mainToken = Deno.env.get('TELEGRAM_BOT_TOKEN');
+    const _krdToken = Deno.env.get('TELEGRAM_BOT_TOKEN_KRD');
+    if (_mainToken) botTokens.push(_mainToken);
+    if (_krdToken) botTokens.push(_krdToken);
+    if (botTokens.length === 0) {
      return new Response(JSON.stringify({ error: 'Server configuration error' }), {
        status: 500,
        headers: { ...corsHeaders, 'Content-Type': 'application/json' },
@@ -110,7 +114,11 @@ serve(async (req) => {
      });
    }

-    const telegramId = verifySessionToken(sessionToken, botToken);
+    let telegramId: number | null = null;
+    for (const bt of botTokens) {
+      telegramId = verifySessionToken(sessionToken, bt);
+      if (telegramId) break;
+    }
    if (!telegramId) {
      return new Response(JSON.stringify({ error: 'Invalid or expired session' }), {
        status: 401,
@@ -127,8 +135,8 @@ serve(async (req) => {
    const telegramEmail = `telegram_${telegramId}@pezkuwichain.io`;
    const {
      data: { users: authUsers },
-    } = await supabase.auth.admin.listUsers();
-    const authUser = authUsers?.find((u) => u.email === telegramEmail);
+    } = await supabase.auth.admin.listUsers({ perPage: 1000 });
+    const authUser = authUsers?.find((u: { email?: string }) => u.email === telegramEmail);

    if (!authUser) {
      return new Response(JSON.stringify({ error: 'User not found. Please authenticate first.' }), {