dra-qris-api 1.0.0 → 1.0.4

package/README.md

@@ -0,0 +1,253 @@
+<div align="center">
+
+# DRA QRIS API
+
+## QRIS Dinamis Generator + Auto Payment Handler
+
+Library Node.js untuk membuat QRIS, membaca bukti transfer secara otomatis, dan memverifikasi pembayaran melalui API.
+
+---
+
+<p align="center">
+  <img src="https://img.shields.io/badge/dra--qris--api-v1.0.4-purple?logo=npm" alt="Version"/>
+  <img src="https://img.shields.io/badge/Node.js-16%2B-green?logo=node.js" alt="Node.js"/>
+  <img src="https://img.shields.io/badge/OCR-Tesseract-blue?logo=tesseract" alt="OCR"/>
+  <img src="https://img.shields.io/badge/API-Secure-orange?logo=shield" alt="Secure"/>
+</p>
+
+</div>
+
+---
+
+## ⚡ Fitur Utama
+
+- ⚡ Generate QRIS dinamis otomatis
+- 🔍 Membaca foto bukti transfer otomatis
+- 🤖 Auto Payment Handler untuk bot WhatsApp (untuk saat ini hanya pada bot WhatsApp)
+- 🔐 HMAC Signature SHA-256 untuk keamanan request
+- 🗂️ Sangat mudah diintegrasikan ke bot / server mana pun
+
+---
+
+## 🛠️ Instalasi
+
+```
+npm i dra-qris-api
+```
+
+## 📁 Struktur Fungsi
+
+Library ini menyediakan 4 fitur utama:
+
+<table>
+  <thead>
+    <tr>
+      <th>Fungsi</th>
+      <th>Keterangan</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td><code>createQris()</code></td>
+      <td>Membuat QRIS dan mengembalikan image buffer</td>
+    </tr>
+    <tr>
+      <td><code>submitProof()</code></td>
+      <td>Mengirim hasil OCR untuk verifikasi ke API</td>
+    </tr>
+    <tr>
+      <td><code>handlePaymentProof()</code></td>
+      <td>Handler otomatis untuk bukti transfer (gambar)</td>
+    </tr>
+    <tr>
+      <td><code>globalPending</code></td>
+      <td>Store transaksi yang sedang menunggu pembayaran</td>
+    </tr>
+  </tbody>
+</table>
+
+## 🧠 Arsitektur Singkat
+
+```mermaid
+flowchart TD
+  A["User Kirim Command Order"] --> B["createQris()"]
+  B --> C["Generate QRIS + ID"]
+  C --> D["Simpan ke globalPending"]
+  D --> E["User Kirim Bukti Transfer"]
+  E --> F["handlePaymentProof()"]
+  F --> G["OCR Tesseract"]
+  G --> H["submitProof()"]
+  H --> I{"Status Paid?"}
+  I -->|YES| J["Success Callback (bot handle)"]
+  I -->|NO| K["Reply: Pembayaran belum valid"]
+```
+
+## 🚀 Cara Penggunaan
+
+### 1. Import Function
+
+```js
+const {
+  createQris,
+  submitProof,
+  handlePaymentProof,
+  globalPending,
+} = require("dra-qris-api");
+```
+
+### 2. Generate QRIS
+
+```js
+const { id, buffer } = await createQris({
+  nominal: 15000,
+  merchantName: "NAMA MERCHANT",
+  qris: "STRING_QRIS",
+  apikey: "API_KEY", // Hubungi admin atau kunjungi https://api.denayrestapi.xyz untuk mendapatkan apikey
+});
+```
+
+Simpan transaksi:
+
+```js
+globalPending[userId] = {
+  id,
+  nominal: 15000,
+  merchantName: "NAMA MERCHANT",
+  description: "Pembelian Paket Premium",
+  meta: { type: "premium" },
+};
+```
+
+### 3. Handler Bukti Transfer
+
+```js
+if (m.message?.imageMessage) {
+  const result = await handlePaymentProof({
+    m,
+    NekonoidF,
+    reply,
+    botname: "MyBot",
+    apiKey: "API_KEY_KAMU", // Hubungi admin atau kunjungi https://api.denayrestapi.xyz untuk mendapatkan apikey
+  });
+
+  if (!result) return; // gambar biasa bukan bukti tf
+
+  if (result.status === "paid") {
+    await reply("🎉 Pembayaran berhasil diterima!");
+  }
+}
+```
+
+### 4. Struktur Return dari handlePaymentProof()
+
+```js
+{
+  status: "paid",
+  ocrAmount: 15000,
+  ocrText: "...hasil bukti transfer...",
+  pending: {
+    id: "...",
+    nominal: 15000,
+    merchantName: "NAMA MERCHANT",
+    description: "Pembelian Paket Premium",
+    meta: {...},
+  },
+  apiResult: {...}
+}
+```
+
+## 📦 Fitur: globalPending
+
+Contoh penyimpanan transaksi:
+
+```js
+globalPending["628xxx@s.whatsapp.net"] = {
+  id: "PAY123",
+  nominal: 20000,
+  description: "Topup Saldo",
+  meta: {
+    type: "topup",
+    amount: 20000,
+  },
+};
+```
+
+Menghapus transaksi:
+
+```js
+delete globalPending[m.sender];
+```
+
+## Implementasi Lengkap
+
+```js
+if (m.message?.imageMessage) {
+  const result = await handlePaymentProof({
+    m,
+    NekonoidF: conn,
+    reply: (txt) => conn.sendMessage(m.chat, { text: txt }),
+    botname: "BotDigital",
+    apiKey: "API_KEY", // Hubungi admin atau kunjungi https://api.denayrestapi.xyz untuk mendapatkan apikey
+  });
+
+  if (result?.status === "paid") {
+    if (result.pending.meta.product === "A") {
+      // kasih produk
+    }
+  }
+}
+
+switch (command) {
+  case "buy":
+    {
+      const basePrice = 20000;
+
+      // Kode unik untuk mencegah gambar palsu
+      const uniqueCode = Math.floor(Math.random() * 100); // 0 - 99
+      const nominal = basePrice + uniqueCode;
+
+      const { id, buffer } = await createQris({
+        nominal,
+        merchantName: "TOKO SAYA",
+        qris: "QRIS STRING",
+        apikey: "API_KEY", // Hubungi admin atau kunjungi https://api.denayrestapi.xyz untuk mendapatkan apikey
+      });
+
+      globalPending[m.sender] = {
+        id,
+        nominal,
+        description: "Pembelian Produk A",
+        meta: { product: "A", uniqueCode },
+      };
+
+      await conn.sendMessage(m.chat, {
+        image: Buffer.from(buffer),
+        caption: `💳 *Pembayaran Produk A*\nNominal: Rp${nominal}\n\nSilakan scan QRIS dan unggah bukti transfer.`,
+      });
+    }
+    break;
+}
+```
+
+## 🛡️ Keamanan
+
+- Semua request memakai HMAC-SHA256 signature
+- Timestamp + request-id otomatis
+
+## NOTE
+
+> Ini hanya menggunakan metode validasi pembayaran via bukti transfer, tidak melakukan pembayaran otomatis layaknya API QRIS langsung. Silahkan gunakan API QRIS langsung jika cara ini terbilang rumit, cara ini hanya sebagai alternatif.
+
+## 👨‍💻 Sosial Media Kreator
+
+<p align="center">
+  <a href="https://github.com/irukadevsindie">
+    <img src="https://img.shields.io/badge/GitHub-100000?style=for-the-badge&logo=github&logoColor=white"/>
+  </a>
+  <a href="https://t.me/irukaid">
+    <img src="https://img.shields.io/badge/Telegram-2CA5E0?style=for-the-badge&logo=telegram&logoColor=white"/>
+  </a>
+  <a href="https://instagram.com/irukadevs.id">
+    <img src="https://img.shields.io/badge/Instagram-E4405F?style=for-the-badge&logo=instagram&logoColor=white"/>
+  </a>
+</p>

package/index.js

@@ -1,90 +1,6 @@
-// file: denay-qris.js
-import axios from "axios";
-import crypto from "crypto";
+const createQris = require("./lib/createQris");
+const submitProof = require("./lib/submitProof");
+const globalPending = require("./lib/globalPending");
+const handlePaymentProof = require("./lib/handlePaymentProof");
 
-export async function createQris({
-  nominal,
-  merchantName,
-  qris,
-  returnMode = "image",
-  apikey,
-  requireSignature = true,
-}) {
-  const timestamp = Date.now().toString();
-  const requestId = crypto.randomBytes(16).toString("hex");
-
-  const requestBody = { nominal, merchantName, qris, returnMode, apikey };
-
-  const signature = requireSignature
-    ? crypto
-        .createHmac("sha256", apikey)
-        .update(JSON.stringify(requestBody) + timestamp)
-        .digest("hex")
-    : undefined;
-
-  const { data, headers } = await axios.post(
-    "https://api.denayrestapi.xyz/api/private/qris?op=create",
-    requestBody,
-    {
-      headers: {
-        "Content-Type": "application/json",
-        "x-api-key": apikey,
-        ...(signature && { "x-signature": signature }),
-        "x-timestamp": timestamp,
-        "x-request-id": requestId,
-      },
-      responseType: "arraybuffer",
-    }
-  );
-
-  const id = headers?.["x-payment-id"] || data.result?.id;
-
-  if (!id) throw new Error("Gagal membuat QRIS: ID pembayaran tidak tersedia.");
-
-  return { id, buffer: data };
-}
-
-export async function submitProof({
-  id,
-  ocrAmount,
-  ocrMerchantName,
-  ocrRawText,
-  reporter,
-  apikey,
-  requireSignature = true,
-}) {
-  const timestamp = Date.now().toString();
-  const requestId = crypto.randomBytes(16).toString("hex");
-
-  const requestBody = {
-    id,
-    ocrAmount,
-    ocrMerchantName,
-    ocrRawText,
-    reporter,
-    apikey,
-  };
-
-  const signature = requireSignature
-    ? crypto
-        .createHmac("sha256", apikey)
-        .update(JSON.stringify(requestBody) + timestamp)
-        .digest("hex")
-    : undefined;
-
-  const { data } = await axios.post(
-    "https://api.denayrestapi.xyz/api/private/qris?op=submit-proof",
-    requestBody,
-    {
-      headers: {
-        "Content-Type": "application/json",
-        "x-api-key": apikey,
-        ...(signature && { "x-signature": signature }),
-        "x-timestamp": timestamp,
-        "x-request-id": requestId,
-      },
-    }
-  );
-
-  return data;
-}
+module.exports = { createQris, submitProof, globalPending, handlePaymentProof };

package/lib/createQris.js

@@ -0,0 +1,46 @@
+import axios from "axios";
+import crypto from "crypto";
+
+async function createQris({
+  nominal,
+  merchantName,
+  qris,
+  returnMode = "image",
+  apikey,
+  requireSignature = true,
+}) {
+  const timestamp = Date.now().toString();
+  const requestId = crypto.randomBytes(16).toString("hex");
+
+  const requestBody = { nominal, merchantName, qris, returnMode, apikey };
+
+  const signature = requireSignature
+    ? crypto
+        .createHmac("sha256", apikey)
+        .update(JSON.stringify(requestBody) + timestamp)
+        .digest("hex")
+    : undefined;
+
+  const { data, headers } = await axios.post(
+    "https://api.denayrestapi.xyz/api/private/qris?op=create",
+    requestBody,
+    {
+      headers: {
+        "Content-Type": "application/json",
+        "x-api-key": apikey,
+        ...(signature && { "x-signature": signature }),
+        "x-timestamp": timestamp,
+        "x-request-id": requestId,
+      },
+      responseType: "arraybuffer",
+    }
+  );
+
+  const id = headers?.["x-payment-id"] || data.result?.id;
+
+  if (!id) throw new Error("Gagal membuat QRIS: ID pembayaran tidak tersedia.");
+
+  return { id, buffer: data };
+}
+
+module.exports = { createQris };

package/lib/globalPending.js

@@ -0,0 +1,3 @@
+const globalPending = Object.create(null);
+
+module.exports = globalPending;

package/lib/handlePaymentProof.js

@@ -0,0 +1,140 @@
+const fs = require("fs");
+const path = require("path");
+const sharp = require("sharp");
+const Tesseract = require("tesseract.js");
+const { submitProof } = require("./submitProof");
+const globalPending = require("./globalPending");
+
+/**
+ * Handle bukti transfer via gambar (QRIS / slip)
+ * Universal: tidak tahu ini buat panel/topup/dll.
+ *
+ * @param {Object} params
+ * @param {Object} params.m - message object (Baileys)
+ * @param {Object} params.conn - client WA (untuk download media)
+ * @param {Function} params.reply - fungsi reply(teks)
+ * @param {String} params.botname - nama bot / reporter
+ * @param {String} params.apiKey - API key dra-qris-api
+ * @param {String} [params.ocrLang="eng"] - bahasa OCR Tesseract
+ *
+ * @returns {Promise<null | {
+ *   status: string,
+ *   ocrAmount: number,
+ *   ocrText: string,
+ *   pending: any,
+ *   apiResult: any
+ * }>}
+ */
+async function handlePaymentProof({
+  m,
+  conn,
+  reply,
+  botname,
+  apiKey,
+  ocrLang = "eng",
+}) {
+  const pending = globalPending[m.sender];
+  if (!pending) return null;
+
+  const tempDir = path.join(process.cwd(), "temp");
+  if (!fs.existsSync(tempDir)) fs.mkdirSync(tempDir, { recursive: true });
+
+  let buffer;
+  let imgPath;
+
+  try {
+    buffer = await conn.downloadAndSaveMediaMessage(
+      m,
+      "buffer",
+      {},
+      { reuploadRequest: conn.waUploadToServer }
+    );
+
+    if (!buffer || buffer.length === 0) {
+      await reply(
+        "❌ Gagal download gambar. Pastikan file terkirim dengan benar."
+      );
+      return null;
+    }
+  } catch (err) {
+    await reply("❌ Gagal download gambar.");
+    return null;
+  }
+
+  imgPath = path.join(tempDir, `${Date.now()}.png`);
+  try {
+    await sharp(buffer).png().toFile(imgPath);
+  } catch (err) {
+    await reply("❌ Gagal memproses gambar, pastikan file valid.");
+    return null;
+  }
+
+  await reply("🔍 Membaca bukti transfer kamu...");
+
+  let text = "";
+  try {
+    const { data } = await Tesseract.recognize(imgPath, ocrLang);
+    text = data.text;
+  } catch (err) {
+    if (fs.existsSync(imgPath)) fs.unlinkSync(imgPath);
+    await reply("❌ Gagal membaca bukti transfer. Pastikan gambar jelas.");
+    return null;
+  }
+
+  const parseOcrAmount = (text) => {
+    const lines = text.split(/\r?\n/);
+    let amountLine = lines.find((l) => /nominal|jumlah total|total/i.test(l));
+    if (!amountLine) amountLine = text;
+
+    let cleaned = (amountLine.match(/[\d.,]+/g) || ["0"]).pop();
+    cleaned = cleaned.replace(/\./g, "").replace(/,/g, "");
+    return Number(cleaned) || 0;
+  };
+
+  const ocrAmount = parseOcrAmount(text);
+
+  try {
+    const apiResult = await submitProof({
+      id: pending.id,
+      ocrAmount,
+      ocrMerchantName: pending.merchantName,
+      ocrRawText: text,
+      reporter: botname,
+      apikey: apiKey,
+    });
+
+    const status = apiResult.result?.status || "unknown";
+
+    if (status === "paid") {
+      await reply(
+        `✅ Pembayaran untuk *${
+          pending.description || "transaksi kamu"
+        }* sebesar Rp${pending.nominal} terverifikasi.`
+      );
+
+      delete globalPending[m.sender];
+    } else {
+      await reply(
+        `⚠️ Pembayaran belum valid / belum masuk. Status: *${status}*`
+      );
+    }
+
+    if (imgPath && fs.existsSync(imgPath)) fs.unlinkSync(imgPath);
+
+    return {
+      status,
+      ocrAmount,
+      ocrText: text,
+      pending,
+      apiResult,
+    };
+  } catch (err) {
+    console.error("Error submitProof:", err);
+    await reply("❌ Gagal submit bukti, coba lagi nanti.");
+
+    if (imgPath && fs.existsSync(imgPath)) fs.unlinkSync(imgPath);
+    return null;
+  }
+}
+
+module.exports = { handlePaymentProof };

package/lib/submitProof.js

@@ -0,0 +1,49 @@
+import axios from "axios";
+import crypto from "crypto";
+
+async function submitProof({
+  id,
+  ocrAmount,
+  ocrMerchantName,
+  ocrRawText,
+  reporter,
+  apikey,
+  requireSignature = true,
+}) {
+  const timestamp = Date.now().toString();
+  const requestId = crypto.randomBytes(16).toString("hex");
+
+  const requestBody = {
+    id,
+    ocrAmount,
+    ocrMerchantName,
+    ocrRawText,
+    reporter,
+    apikey,
+  };
+
+  const signature = requireSignature
+    ? crypto
+        .createHmac("sha256", apikey)
+        .update(JSON.stringify(requestBody) + timestamp)
+        .digest("hex")
+    : undefined;
+
+  const { data } = await axios.post(
+    "https://api.denayrestapi.xyz/api/private/qris?op=submit-proof",
+    requestBody,
+    {
+      headers: {
+        "Content-Type": "application/json",
+        "x-api-key": apikey,
+        ...(signature && { "x-signature": signature }),
+        "x-timestamp": timestamp,
+        "x-request-id": requestId,
+      },
+    }
+  );
+
+  return data;
+}
+
+module.exports = { submitProof };

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "dra-qris-api",
-  "version": "1.0.0",
-  "description": "Connector for QRIS API DenayRestAPI ",
+  "version": "1.0.4",
+  "description": "Connector and modules for QRIS API DenayRestAPI ",
   "main": "index.js",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"
@@ -12,6 +12,7 @@
   "author": "IrukaIndieDevs",
   "dependencies": {
     "axios": "^1.12.2",
-    "crypto": "^1.0.1"
+    "crypto": "^1.0.1",
+    "tesseract.js": "^6.0.1"
   }
 }