package auth

Import Path
	github.com/gotd/td/telegram/auth (on go.dev)

Dependency Relation
	imports 12 packages, and imported by one package

Involved Source Files
	Package auth provides authentication on top of tg.Client.
	bot.go client.go flow.go password.go self.go signup.go status.go user.go

Package-Level Type Names (total 21, in which 16 are exported)
Client implements Telegram authentication.
	AcceptTOS accepts version of Terms Of Service.
	Bot performs bot authentication request.
	CancelPasswordReset cancels password reset. See https://core.telegram.org/api/srp#password-reset.
	CheckRecoveryPassword checks whether the recovery code sent to the recovery email (see RequestPasswordRecovery) is valid, without resetting the password. See https://core.telegram.org/method/auth.checkRecoveryPassword.
	IfNecessary runs given auth flow if current session is not authorized.
	Password performs login via secure remote password (aka 2FA). Method can be called after SignIn to provide password if requested. Note that the password is passed as a string, which cannot be reliably zeroed from memory; use PasswordWith to provide it from protected memory.
	PasswordWith performs login via secure remote password (aka 2FA), computing the SRP answer via hash so the password never has to be passed as a string. Method can be called after SignIn to provide password if requested.
	RecoverPassword resets the 2FA password using the recovery code sent to the recovery email (see RequestPasswordRecovery) and logs in. If opts.NewPassword is set, it becomes the new 2FA password, otherwise the password is removed. See https://core.telegram.org/method/auth.recoverPassword.
	RequestPasswordRecovery requests a recovery code to be sent to the recovery email set up for the 2FA password and returns the pattern of that email. The returned code is used by RecoverPassword and CheckRecoveryPassword. See https://core.telegram.org/method/auth.requestPasswordRecovery.
	(*Client) ResendCode(ctx context.Context, phone string, hash string) (tg.AuthSentCodeClass, error)
	ResetPassword resets cloud password and returns the time to wait until the reset is performed. If time is zero, password was successfully reset. May return ResetFailedWaitError. See https://core.telegram.org/api/srp#password-reset.
	SendCode requests code for provided phone number, returning code hash and error if any. Use AuthFlow to reduce boilerplate. This method should be called first in user authentication flow.
	SignIn performs sign in with provided user phone, code and code hash. If ErrPasswordAuthNeeded is returned, call Password to provide 2FA password. To obtain codeHash, use SendCode.
	SignUp registers a validated phone number in the system. To obtain codeHash, use SendCode. Use AuthFlow helper to handle authentication flow.
	Status gets authorization status of client.
	Test creates and runs auth flow using Test authenticator if current session is not authorized.
	TestUser creates and runs auth flow using TestUser authenticator if current session is not authorized.
	UpdatePassword sets new cloud password for this account. See https://core.telegram.org/api/srp#setting-a-new-2fa-password.
	*Client : FlowClient
	func NewClient(api *tg.Client, rand io.Reader, appID int, appHash string) *Client
	func github.com/gotd/td/telegram.(*Client).Auth() *Client

CodeAuthenticator asks user for received authentication code.
	(CodeAuthenticator) Code(ctx context.Context, sentCode *tg.AuthSentCode) (string, error)
	CodeAuthenticatorFunc
	UserAuthenticator (interface)
	func CodeOnly(phone string, code CodeAuthenticator) UserAuthenticator
	func Constant(phone, password string, code CodeAuthenticator) UserAuthenticator
	func Env(prefix string, code CodeAuthenticator) UserAuthenticator

CodeAuthenticatorFunc is functional wrapper for CodeAuthenticator.
	Code implements CodeAuthenticator interface.
	CodeAuthenticatorFunc : CodeAuthenticator

Flow simplifies boilerplate for authentication flow.
	Auth UserAuthenticator
	Options SendCodeOptions
	Run starts authentication flow on client.
	func NewFlow(auth UserAuthenticator, opt SendCodeOptions) Flow
	func (*Client).IfNecessary(ctx context.Context, flow Flow) error

FlowClient abstracts telegram client for Flow.
	(FlowClient) Password(ctx context.Context, password string) (*tg.AuthAuthorization, error)
	(FlowClient) SendCode(ctx context.Context, phone string, options SendCodeOptions) (tg.AuthSentCodeClass, error)
	(FlowClient) SignIn(ctx context.Context, phone, code, codeHash string) (*tg.AuthAuthorization, error)
	(FlowClient) SignUp(ctx context.Context, s SignUp) (*tg.AuthAuthorization, error)
	*Client
	func Flow.Run(ctx context.Context, client FlowClient) error

PasswordHashFunc computes the SRP answer from the account's password parameters (as returned by account.getPassword). It lets callers keep the plaintext password out of a Go string (which cannot be reliably zeroed, see #755), for example in locked memory, and turn it into an answer on demand. See the telegram/auth/srpguard subpackage for a memguard-backed implementation.
	func PasswordHashFor(password []byte) PasswordHashFunc
	func (*Client).PasswordWith(ctx context.Context, hash PasswordHashFunc) (*tg.AuthAuthorization, error)

PasswordHashProvider is an optional UserAuthenticator extension. When an authenticator implements it, Flow obtains the 2FA SRP answer via PasswordHash instead of Password, so the plaintext password can stay in protected memory (see #755 and the telegram/auth/srpguard subpackage).
	(PasswordHashProvider) PasswordHash(ctx context.Context, p *tg.AccountPassword) (*tg.InputCheckPasswordSRP, error)

RecoverPasswordOptions is options structure for RecoverPassword.
	Code is the recovery code received via the recovery email. Use RequestPasswordRecovery to send a recovery code to the email.
	Hint is the new password hint. Used only if NewPassword is not empty.
	NewPassword, if not empty, sets a new 2FA password after recovery. If empty, the 2FA password is removed.
	func (*Client).RecoverPassword(ctx context.Context, opts RecoverPasswordOptions) (*tg.AuthAuthorization, error)

ResetFailedWaitError reports that you recently requested a password reset that was canceled and need to wait until the specified date before requesting another reset.
	Result tg.AccountResetPasswordFailedWait
	Error implements error.
	Until returns time required to wait.
	*ResetFailedWaitError : error

SendCodeOptions defines how to send auth code to user.
	If a token that will be included in eventually sent SMSs is required: required in newer versions of android, to use the android SMS receiver APIs.
	AllowFlashCall allows phone verification via phone calls.
	Pass true if the phone number is used on the current device. Ignored if AllowFlashCall is not set.
	func NewFlow(auth UserAuthenticator, opt SendCodeOptions) Flow
	func (*Client).SendCode(ctx context.Context, phone string, options SendCodeOptions) (tg.AuthSentCodeClass, error)
	func FlowClient.SendCode(ctx context.Context, phone string, options SendCodeOptions) (tg.AuthSentCodeClass, error)

SignUp wraps parameters for SignUp.
	FirstName string
	LastName string
	PhoneCodeHash string
	PhoneNumber string
	func (*Client).SignUp(ctx context.Context, s SignUp) (*tg.AuthAuthorization, error)
	func FlowClient.SignUp(ctx context.Context, s SignUp) (*tg.AuthAuthorization, error)

SignUpRequired means that log in failed because corresponding account does not exist, so sign up is required.
	TermsOfService tg.HelpTermsOfService
	(*SignUpRequired) Error() string
	Is returns true if err is SignUpRequired.
	*SignUpRequired : error

Status represents authorization status.
	Authorized is true if client is authorized.
	User is current User object.
	func (*Client).Status(ctx context.Context) (*Status, error)

UpdatePasswordOptions is options structure for UpdatePassword.
	Hint is new password hint.
	Password is password callback. If password was requested and Password is nil, ErrPasswordNotProvided error will be returned.
	func (*Client).UpdatePassword(ctx context.Context, newPassword string, opts UpdatePasswordOptions) error

UserAuthenticator asks user for phone, password and received authentication code.
	(UserAuthenticator) AcceptTermsOfService(ctx context.Context, tos tg.HelpTermsOfService) error
	(UserAuthenticator) Code(ctx context.Context, sentCode *tg.AuthSentCode) (string, error)
	(UserAuthenticator) Password(ctx context.Context) (string, error)
	(UserAuthenticator) Phone(ctx context.Context) (string, error)
	(UserAuthenticator) SignUp(ctx context.Context) (UserInfo, error)
	UserAuthenticator : CodeAuthenticator
	func CodeOnly(phone string, code CodeAuthenticator) UserAuthenticator
	func Constant(phone, password string, code CodeAuthenticator) UserAuthenticator
	func Env(prefix string, code CodeAuthenticator) UserAuthenticator
	func Test(randReader io.Reader, dc int) UserAuthenticator
	func TestUser(phone string, dc int) UserAuthenticator
	func NewFlow(auth UserAuthenticator, opt SendCodeOptions) Flow

UserInfo represents user info required for sign up.
	FirstName string
	LastName string
	func UserAuthenticator.SignUp(ctx context.Context) (UserInfo, error)

Package-Level Functions (total 13, in which 12 are exported)
CodeOnly creates UserAuthenticator with constant phone and no password.
Constant creates UserAuthenticator with constant phone and password.
Env creates UserAuthenticator which gets phone and password from environment variables.
IsKeyUnregistered reports whether err is AUTH_KEY_UNREGISTERED error. Deprecated: use IsUnauthorized.
IsUnauthorized reports whether err is 401 UNAUTHORIZED. https://core.telegram.org/api/errors#401-unauthorized
NewClient initializes and returns Telegram authentication client.
NewFlow initializes new authentication flow.
NewPasswordHash computes new password hash to update password. Notice that NewPasswordHash mutates given alg. See https://core.telegram.org/api/srp#setting-a-new-2fa-password.
PasswordHash computes password hash to log in. See https://core.telegram.org/api/srp#checking-the-password-with-srp.
PasswordHashFor returns a PasswordHashFunc that hashes the given password. It is the string-based default used by Password; prefer a secret-memory implementation (e.g. telegram/auth/srpguard) when handling sensitive input.
Test returns UserAuthenticator that authenticates via testing credentials. Can be used only with testing server. Will perform sign up if test user is not registered. NB: as of 2026, Telegram no longer auto-provisions accounts for randomly generated 99966X test phone numbers — sign in fails with PHONE_CODE_INVALID. You now need a real, pre-registered test account (use TestUser with its phone); see https://core.telegram.org/api/auth#test-accounts.
TestUser returns UserAuthenticator that authenticates via testing credentials. Uses given phone to sign in/sign up. Can be used only with testing server. Will perform sign up if test user is not registered.
Package-Level Variables (total 4, in which 3 are exported)
ErrPasswordAuthNeeded means that 2FA auth is required. Call Client.Password to provide 2FA password.
ErrPasswordInvalid means that the password provided to Password is invalid. Note that Telegram does not trim whitespace characters by default; check that the provided password is as expected and strip whitespace if needed. You can use strings.TrimSpace(password) for this.
ErrPasswordNotProvided means that a password was requested by Telegram but not provided by the user.
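
The notes above on Password, PasswordWith and PasswordHashFor (a string cannot be reliably zeroed) and on ErrPasswordInvalid (Telegram does not trim whitespace) combine into one handling pattern for a password held as []byte. The following is an added example, not code from the gotd/td project: withPassword, wipe, leakedCopy and the use callback are hypothetical names, the sample password is constructed, and the callback stands in for the point where the bytes would be handed to PasswordHashFor.

```go
package main

import (
	"bytes"
	"fmt"
)

// wipe overwrites every byte of b with zero.
func wipe(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// withPassword trims surrounding whitespace from buf without copying it,
// hands the trimmed view to use, and zeroes the whole buffer afterwards,
// also when use returns an error. use is a hypothetical callback
// (assumption); it must not retain pw after it returns.
func withPassword(buf []byte, use func(pw []byte) error) error {
	defer wipe(buf)
	// bytes.TrimSpace returns a subslice of buf, so no second copy of the
	// secret is created (strings.TrimSpace would need a string first).
	return use(bytes.TrimSpace(buf))
}

// leakedCopy shows why a string is the wrong container: the conversion
// copies the bytes, and that copy is untouched when the buffer is wiped.
func leakedCopy(buf []byte) string {
	s := string(buf)
	wipe(buf)
	return s
}

func main() {
	buf := []byte("  hunter2\n") // constructed sample input
	var seen string
	_ = withPassword(buf, func(pw []byte) error {
		seen = fmt.Sprintf("%q", pw) // demo only: never log a real password
		return nil
	})
	fmt.Println("callback saw:", seen)
	fmt.Println("buffer after:", buf)
	fmt.Println("string copy survives wipe:", leakedCopy([]byte("hunter2")))
}
```

Wiping the caller's buffer only helps if nothing downstream converted the bytes to a string or kept its own copy; the page points to telegram/auth/srpguard for a locked-memory implementation.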