Closed karb0f0s closed 2 months ago
Some people start reproaching ASP.NET dependencies on our main library https://github.com/TelegramBots/book/issues/112
So I put this issue on hold as we might move all ASP.NET related code in a separate package in the future
Why make things complex when it can be solved by adding a single line in the controller:
[HttpPost]
public async Task<IActionResult> Post([FromBody] Update update)
{
if (Request.Headers["X-Telegram-Bot-Api-Secret-Token"] != SecretToken) return Forbid();
// handle the update
}
We can ship middleware/extension method to validate
secret_token
in ASP.NET Core applications.