Refactor configuration and enhance Telegram initData validation

- Improved formatting and readability in config.py and other files by adding line breaks.
- Introduced INIT_DATA_MAX_AGE_SECONDS to enforce replay protection for Telegram initData.
- Updated validate_init_data function to include max_age_seconds parameter for validation.
- Enhanced API to reject old initData based on the new max_age_seconds setting.
- Added tests for auth_date expiry and validation of initData in test_telegram_auth.py.
- Updated README with details on the new INIT_DATA_MAX_AGE_SECONDS configuration.

alembic/env.py

@@ -1,4 +1,5 @@
 """Alembic env: use config DATABASE_URL and db.models.Base."""
+
 import os
 import sys
 from logging.config import fileConfig

alembic/versions/001_initial_users_and_duties.py

@@ -5,6 +5,7 @@ Revises:
 Create Date: 2025-02-17
 
 """
+
 from typing import Sequence, Union
 
 from alembic import op
@@ -34,7 +35,10 @@ def upgrade() -> None:
         sa.Column("user_id", sa.Integer(), nullable=False),
         sa.Column("start_at", sa.Text(), nullable=False),
         sa.Column("end_at", sa.Text(), nullable=False),
-        sa.ForeignKeyConstraint(["user_id"], ["users.id"], ),
+        sa.ForeignKeyConstraint(
+            ["user_id"],
+            ["users.id"],
+        ),
         sa.PrimaryKeyConstraint("id"),
     )