Arnike/duty-teller
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 14 Wiki Activity

Refactor configuration and enhance Telegram initData validation

Browse Source 
- Improved formatting and readability in config.py and other files by adding line breaks.
- Introduced INIT_DATA_MAX_AGE_SECONDS to enforce replay protection for Telegram initData.
- Updated validate_init_data function to include max_age_seconds parameter for validation.
- Enhanced API to reject old initData based on the new max_age_seconds setting.
- Added tests for auth_date expiry and validation of initData in test_telegram_auth.py.
- Updated README with details on the new INIT_DATA_MAX_AGE_SECONDS configuration.
This commit is contained in:
Nikolay Tatarinov
2026-02-17 17:31:20 +03:00
parent d20a285f09
commit 1948618394
19 changed files with 181 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
db/session.py
View File

@@ -1,11 +1,11 @@
"""SQLAlchemy engine and session factory."""
from contextlib import contextmanager
from typing import Generator
from sqlalchemy import create_engine
from sqlalchemy.orm import Session, sessionmaker
from db.models import Base
_engine = None
_SessionLocal = None
@@ -26,7 +26,9 @@ def get_engine(database_url: str):
if _engine is None:
_engine = create_engine(
database_url,
connect_args={"check_same_thread": False} if "sqlite" in database_url else {},
connect_args={"check_same_thread": False}
if "sqlite" in database_url
else {},
echo=False,
)
return _engine