Lonami / grammers

(tele)gramme.rs - use Telegram's API from Rust
https://t.me/gramme_rs
Apache License 2.0
554 stars 113 forks source link

Running the `dialogs` example with a 2FA password fails #217

Closed haarts closed 6 months ago

haarts commented 9 months ago

I'm trying to run the 'dialogs' example with cargo run --example dialogs. Everything works up until I enter my 2FA password, then the console outputs this (even the hint works! Cool):

Enter the password (hint look at your password manager): XXX
DEBUG [grammers_mtsender] enqueueing request auth.checkPassword to be serialized
DEBUG [grammers_mtsender] serialized request d18b4d16 (auth.checkPassword) with MsgId(7327155985945296712)
DEBUG [grammers_mtsender] sent request with MsgId(7327155985945296712)
DEBUG [grammers_mtsender] deserializing valid transport packet...
DEBUG [grammers_mtsender] got rpc error RpcError { code: 400, name: "PASSWORD_HASH_INVALID", value: None, caused_by: None } for request MsgId(7327155985945296712)
Error: InvalidPassword

Obviously, I checked my 2FA by using it in the Telegram app and that works as expected, so I'm sure my password is correct. I also printed the captured password back to the console, and that looks A-OK.

What else can I try?

Lonami commented 9 months ago

Sending the password twice should work. I haven't figured out yet why the first try fails.

haarts commented 9 months ago

Odd. But that sounds like a workaround.

Naively I tried just sending the password twice by adding:

                client
                    .check_password(password_token.clone(), password.trim())
                    .await?;

That doesn't work as it throws an error: SRP_ID_INVALID. Some Googling taught me that this is related to Secure Remote Password as used by Telegram. I guess that the password_token can't be cloned like that and that I need a new one for the second request.

I do observe that Telegram now thinks I have successfully logged in. But due to the error no state is persisted and thus I need to log in again when I run the example again.

Lonami commented 6 months ago

Bad password should've been fixed by #230.