#!/bin/bash
# Modified version, original source: https://gitlab.com/snippets/1871482#note_188602535

CACHE_DIR={{ notify_cache_directory | quote }}
USERID={{ recipient_id | quote }}
KEY={{ bot_key | quote }}

TIMEOUT={{ timeout | quote }}

URL="https://api.telegram.org/bot$KEY/sendMessage"
if [[ "$PAM_SERVICE" == "sshd" && "$PAM_TYPE" == "open_session" && "$PAM_USER" != "git" && -z "$TMUX" ]]; then
    IP="$PAM_RHOST"
    cache_file="$CACHE_DIR/$IP"
    cache_mtime=$(stat --format="%Y" "$cache_file")
    current_time=$(date +%s)
    touch "$cache_file"
    if (( cache_mtime > (current_time - 4*60*60) )); then
        exit 0
    fi
    HOSTNAME=$(hostname --fqdn)
    TEXT="Successful login from [$IP](https://ipinfo.io/$IP) for ${PAM_USER} @ ${HOSTNAME} ($(date "+%Y-%m-%d %H:%M"))"
    curl -s --max-time "$TIMEOUT" -d "chat_id=$USERID" -d "disable_web_page_preview=1" -d "parse_mode=Markdown" -d "text=$TEXT" "$URL" > /dev/null
fi