pezkuwichain/pezkuwi-telegram-miniapp
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-telegram-miniapp.git synced 2026-04-22 03:07:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: auto-sync wallet address to tg_users for deposit system

Browse Source
This commit is contained in:
Kurdistan Tech Ministry
2026-02-08 04:24:06 +03:00
parent c100e99c0d
commit bf8a3cc06c
7 changed files with 177 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
supabase/functions/check-deposits/index.ts
+2 -2
View File
@@ -22,8 +22,8 @@ const TON_API = 'https://tonapi.io/v2';
const TRON_API = 'https://api.trongrid.io';
const SUBSCAN_API = 'https://assethub-polkadot.api.subscan.io';
// Contract addresses
const TON_USDT_MASTER = 'EQCxE6mUtQJKFnGfaROTKOt1lZbDiiX1kCixRv7Nw2Id_sDs'; // TON USDT Jetton
// Contract addresses - raw format from TonAPI
const TON_USDT_MASTER = '0:b113a994b5024a16719f69139328eb759596c38a25f59028b146fecdc3621dfe'; // TON USDT Jetton
const TRON_USDT_CONTRACT = 'TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t'; // TRC20 USDT
const BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
supabase/functions/get-deposit-info/index.ts
+2 -1
View File
@@ -190,7 +190,7 @@ serve(async (req) => {
const { data: existingUser } = await supabase
.from('tg_users')
.select('id, deposit_index')
.select('id, deposit_index, wallet_address')
.eq('telegram_id', telegramUser.id)
.single();
@@ -277,6 +277,7 @@ serve(async (req) => {
code: depositCode,
trc20Address,
depositIndex,
walletAddress: existingUser?.wallet_address || null,
}),
{ headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
);
supabase/functions/save-wallet-address/index.ts
+147
View File
@@ -0,0 +1,147 @@
/**
* Save Wallet Address - Saves user's Asset Hub wallet address
*/
import { serve } from 'https://deno.land/std@0.177.0/http/server.ts';
import { createClient } from 'https://esm.sh/@supabase/supabase-js@2';
import { createHmac } from 'https://deno.land/std@0.177.0/node/crypto.ts';
const ALLOWED_ORIGIN = 'https://telegram.pezkuwichain.io';
function getCorsHeaders(): Record<string, string> {
return {
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
'Access-Control-Allow-Headers':
'authorization, x-client-info, apikey, content-type, x-supabase-client-platform',
'Access-Control-Allow-Methods': 'POST, OPTIONS',
};
}
interface TelegramUser {
id: number;
first_name: string;
}
function validateInitData(initData: string, botToken: string): TelegramUser | null {
try {
const params = new URLSearchParams(initData);
const hash = params.get('hash');
if (!hash) return null;
params.delete('hash');
const sortedParams = Array.from(params.entries())
.sort(([a], [b]) => a.localeCompare(b))
.map(([key, value]) => `${key}=${value}`)
.join('\n');
const secretKey = createHmac('sha256', 'WebAppData').update(botToken).digest();
const calculatedHash = createHmac('sha256', secretKey).update(sortedParams).digest('hex');
if (calculatedHash !== hash) return null;
const authDate = parseInt(params.get('auth_date') || '0');
const now = Math.floor(Date.now() / 1000);
if (now - authDate > 86400) return null;
const userStr = params.get('user');
if (!userStr) return null;
return JSON.parse(userStr) as TelegramUser;
} catch {
return null;
}
}
// Validate Substrate address format (SS58)
function isValidSubstrateAddress(address: string): boolean {
// Basic validation: starts with 1 or 5, length 47-48, alphanumeric
if (!address) return false;
if (address.length < 46 || address.length > 48) return false;
if (!address.match(/^[1-9A-HJ-NP-Za-km-z]+$/)) return false;
// Most Polkadot/Kusama addresses start with 1 or 5
if (!['1', '5'].includes(address[0])) return false;
return true;
}
serve(async (req) => {
const corsHeaders = getCorsHeaders();
if (req.method === 'OPTIONS') {
return new Response('ok', { headers: corsHeaders });
}
try {
const body = await req.json();
const { initData, walletAddress } = body;
if (!initData) {
return new Response(JSON.stringify({ error: 'Missing initData' }), {
status: 400,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
if (!walletAddress) {
return new Response(JSON.stringify({ error: 'Missing walletAddress' }), {
status: 400,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
// Validate wallet address format
if (!isValidSubstrateAddress(walletAddress)) {
return new Response(JSON.stringify({ error: 'Invalid wallet address format' }), {
status: 400,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
const supabaseUrl = Deno.env.get('SUPABASE_URL')!;
const supabaseServiceKey = Deno.env.get('SUPABASE_SERVICE_ROLE_KEY')!;
const botToken = Deno.env.get('TELEGRAM_BOT_TOKEN');
if (!botToken) {
return new Response(JSON.stringify({ error: 'Server configuration error' }), {
status: 500,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
const telegramUser = validateInitData(initData, botToken);
if (!telegramUser) {
return new Response(JSON.stringify({ error: 'Invalid Telegram data' }), {
status: 401,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
const supabase = createClient(supabaseUrl, supabaseServiceKey, {
auth: { autoRefreshToken: false, persistSession: false },
});
// Update user's wallet address
const { error: updateError } = await supabase
.from('tg_users')
.update({ wallet_address: walletAddress })
.eq('telegram_id', telegramUser.id);
if (updateError) {
console.error('Error updating wallet address:', updateError);
return new Response(JSON.stringify({ error: 'Failed to save wallet address' }), {
status: 500,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
return new Response(JSON.stringify({ success: true }), {
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
} catch (err) {
console.error('Save wallet address error:', err);
return new Response(JSON.stringify({ error: 'Internal server error' }), {
status: 500,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
});