How do I get authentication in a telegram bot?

Update: I created a GitHub repository with a very simple PHP application to illustrate the concept explained below:

https://github.com/pevdh/telegram-auth-example

Whether you use a webhook or not is irrelevant.The "deep linking" explained:

1. Let the user log in on an actual website with actual username-password authentication.
2. Generate a unique hashcode (we will call it unique_code)
3. Save unique_code->username to a database or key-value storage.
4. Show the user the URL https://telegram.me/YOURBOTNAME?start=unique_code
5. Now as soon as the user opens this URL in Telegram and presses 'Start', your bot will receive a text message containing '/start unique_code', where unique_code is of course replaced by the actual hashcode.
6. Let the bot retrieve the username by querying the database or key-value storage for unique_code.
7. Save chat_id->username to a database or key-value storage.

Now when your bot receives another message, it can query message.chat.id in the database to check if the message is from this specific user. (And handle accordingly)

Some code (using pyTelegramBotAPI):

import telebotimport timebot = telebot.TeleBot('TOKEN')def extract_unique_code(text):    # Extracts the unique_code from the sent /start command.    return text.split()[1] if len(text.split()) > 1 else Nonedef in_storage(unique_code):     # Should check if a unique code exists in storage    return Truedef get_username_from_storage(unique_code):     # Does a query to the storage, retrieving the associated username    # Should be replaced by a real database-lookup.    return "ABC" if in_storage(unique_code) else Nonedef save_chat_id(chat_id, username):    # Save the chat_id->username to storage    # Should be replaced by a real database query.    pass@bot.message_handler(commands=['start'])def send_welcome(message):    unique_code = extract_unique_code(message.text)    if unique_code: # if the '/start' command contains a unique_code        username = get_username_from_storage(unique_code)        if username: # if the username exists in our database            save_chat_id(message.chat.id, username)            reply = "Hello {0}, how are you?".format(username)        else:            reply = "I have no clue who you are..."    else:        reply = "Please visit me via a provided URL from the website."    bot.reply_to(message, reply)bot.polling()while True:    time.sleep(0)

Note: the unique_code will not be shown as '/start unique_code', only '/start', in the Telegram client, but your bot will still receive '/start unique_code'.

As of February 2018 you can use Telegram Login Widget to authorize people on your website through Telegram.

I have just implemented an authentication solution using deep linking for Django.

This solution generates authentication tokens to associate Telegram chats and Django users. When some telegram user wants to access to restricted area it receives a telegram message with a link to login into the web. One logged web site provides a link to start a new authenticated chat using deep linking.

Also there is a demo for a polls example which only the logged in user can't vote through a telegram.