nodejs-insta-private-api-mqtt 1.1.10 → 1.2.10

package/dist/useMultiFileAuthState.js

@@ -5,15 +5,28 @@ const path = require('path');
 const { CookieJar } = require('tough-cookie');
 const util = require('util');
 const EventEmitter = require('events');
+const crypto = require('crypto');
 
 const FILE_NAMES = {
   creds: 'creds.json',
-  device: 'device.json', 
+  device: 'device.json',
   cookies: 'cookies.json',
   mqttSession: 'mqtt-session.json',
   subscriptions: 'subscriptions.json',
   seqIds: 'seq-ids.json',
-  appState: 'app-state.json'
+  appState: 'app-state.json',
+
+  // Newly added MQTT / realtime persistence files
+  irisState: 'iris-state.json',               // subscription / iris specific state
+  mqttTopics: 'mqtt-topics.json',             // observed topics
+  mqttCapabilities: 'mqtt-capabilities.json', // realtime capabilities per device/version
+  mqttAuth: 'mqtt-auth.json',                 // mqtt auth token / jwt (if available)
+  lastPublishIds: 'last-publish-ids.json',    // last published message ids / ack info
+
+  // Added utility files
+  loginHistory: 'login-history.json',
+  usageStats: 'usage-stats.json',
+  accountsIndex: 'accounts.json'
 };
 
 class MultiFileAuthState extends EventEmitter {
@@ -23,7 +36,12 @@ class MultiFileAuthState extends EventEmitter {
     this._saveDebounceTimer = null;
     this._saveDebounceMs = 500;
     this._dirty = new Set();
-    
+
+    // Auto-refresh fields
+    this._autoRefreshTimer = null;
+    this._autoRefreshIntervalMs = 5 * 60 * 1000; // default 5 minutes
+    this._autoRefreshClient = null;
+
     this.data = {
       creds: null,
       device: null,
@@ -31,20 +49,66 @@ class MultiFileAuthState extends EventEmitter {
       mqttSession: null,
       subscriptions: null,
       seqIds: null,
-      appState: null
+      appState: null,
+
+      // new
+      irisState: null,
+      mqttTopics: null,
+      mqttCapabilities: null,
+      mqttAuth: null,
+      lastPublishIds: null,
+
+      // utility
+      loginHistory: null,
+      usageStats: null,
+      accountsIndex: null
     };
+
+    // ensure folder structure
+    this._ensureFolder();
+    this._ensureBackupFolder();
   }
 
   _getFilePath(key) {
     return path.join(this.folder, FILE_NAMES[key]);
   }
 
+  _getBackupFolder() {
+    return path.join(this.folder, 'backup');
+  }
+
   _ensureFolder() {
     if (!fs.existsSync(this.folder)) {
       fs.mkdirSync(this.folder, { recursive: true, mode: 0o700 });
     }
   }
 
+  _ensureBackupFolder() {
+    const b = this._getBackupFolder();
+    if (!fs.existsSync(b)) {
+      fs.mkdirSync(b, { recursive: true, mode: 0o700 });
+    }
+  }
+
+  // create a timestamped backup of existing file (if present)
+  async _createBackup(key) {
+    try {
+      const filePath = this._getFilePath(key);
+      if (fs.existsSync(filePath)) {
+        const ts = new Date().toISOString().replace(/[:.]/g, '-');
+        const base = path.basename(filePath);
+        const dest = path.join(this._getBackupFolder(), `${base}.${ts}.bak`);
+        await fs.promises.copyFile(filePath, dest);
+        this.emit('backup-created', { key, file: dest });
+        return dest;
+      }
+    } catch (e) {
+      // ignore errors in backup process but log
+      console.warn('[MultiFileAuthState] Backup creation failed for', key, e.message);
+    }
+    return null;
+  }
+
   async _writeFileAtomic(filePath, data) {
     const tempPath = filePath + '.tmp';
     const jsonData = JSON.stringify(data, null, 2);
@@ -69,6 +133,8 @@ class MultiFileAuthState extends EventEmitter {
     this._ensureFolder();
     const filePath = this._getFilePath(key);
     try {
+      // create backup before overwriting existing file
+      await this._createBackup(key);
       await this._writeFileAtomic(filePath, data);
       return true;
     } catch (e) {
@@ -77,15 +143,52 @@ class MultiFileAuthState extends EventEmitter {
     }
   }
 
+  // restore the latest backup for a key (returns path of restored file or null)
+  async restoreLatestBackup(key) {
+    try {
+      const base = FILE_NAMES[key];
+      const bfolder = this._getBackupFolder();
+      if (!fs.existsSync(bfolder)) return null;
+      const files = await fs.promises.readdir(bfolder);
+      const matches = files.filter(f => f.startsWith(base + '.'));
+      if (!matches.length) return null;
+      // sort descending by timestamp embedded in filename
+      matches.sort().reverse();
+      const latest = matches[0];
+      const src = path.join(bfolder, latest);
+      const dest = this._getFilePath(key);
+      await fs.promises.copyFile(src, dest);
+      this.emit('backup-restored', { key, file: src });
+      // reload into memory
+      this.data[key] = await this._readFile(key);
+      return src;
+    } catch (e) {
+      console.warn('[MultiFileAuthState] restoreLatestBackup error:', e.message);
+      return null;
+    }
+  }
+
   async loadAll() {
     this._ensureFolder();
-    
+    this._ensureBackupFolder();
+
     const loadPromises = Object.keys(FILE_NAMES).map(async (key) => {
       this.data[key] = await this._readFile(key);
     });
-    
+
     await Promise.all(loadPromises);
-    
+
+    // ensure usageStats and loginHistory objects exist
+    if (!this.data.loginHistory) this.data.loginHistory = [];
+    if (!this.data.usageStats) this.data.usageStats = {
+      apiRequests: 0,
+      mqttMessages: 0,
+      errors: 0,
+      reconnects: 0,
+      lastReset: new Date().toISOString()
+    };
+    if (!this.data.accountsIndex) this.data.accountsIndex = {};
+
     return {
       creds: this.data.creds,
       device: this.data.device,
@@ -94,6 +197,14 @@ class MultiFileAuthState extends EventEmitter {
       subscriptions: this.data.subscriptions,
       seqIds: this.data.seqIds,
       appState: this.data.appState,
+      irisState: this.data.irisState,
+      mqttTopics: this.data.mqttTopics,
+      mqttCapabilities: this.data.mqttCapabilities,
+      mqttAuth: this.data.mqttAuth,
+      lastPublishIds: this.data.lastPublishIds,
+      loginHistory: this.data.loginHistory,
+      usageStats: this.data.usageStats,
+      accountsIndex: this.data.accountsIndex,
       hasSession: !!(this.data.creds && this.data.cookies)
     };
   }
@@ -104,6 +215,16 @@ class MultiFileAuthState extends EventEmitter {
         await this._writeFile(key, this.data[key]);
       }
     });
+    // also save usageStats and loginHistory explicitly
+    if (this.data.loginHistory) {
+      try { await this._writeFile('loginHistory', this.data.loginHistory); } catch (e) {}
+    }
+    if (this.data.usageStats) {
+      try { await this._writeFile('usageStats', this.data.usageStats); } catch (e) {}
+    }
+    if (this.data.accountsIndex) {
+      try { await this._writeFile('accountsIndex', this.data.accountsIndex); } catch (e) {}
+    }
     await Promise.all(savePromises);
   }
 
@@ -112,15 +233,27 @@ class MultiFileAuthState extends EventEmitter {
     if (this.data.creds) promises.push(this._writeFile('creds', this.data.creds));
     if (this.data.device) promises.push(this._writeFile('device', this.data.device));
     if (this.data.cookies) promises.push(this._writeFile('cookies', this.data.cookies));
+    // also persist loginHistory and usageStats after creds save
+    if (this.data.loginHistory) promises.push(this._writeFile('loginHistory', this.data.loginHistory));
+    if (this.data.usageStats) promises.push(this._writeFile('usageStats', this.data.usageStats));
     await Promise.all(promises);
     this.emit('creds-saved');
   }
 
   async saveMqttState() {
+    // Save base mqtt data
     const promises = [];
     if (this.data.mqttSession) promises.push(this._writeFile('mqttSession', this.data.mqttSession));
     if (this.data.subscriptions) promises.push(this._writeFile('subscriptions', this.data.subscriptions));
     if (this.data.seqIds) promises.push(this._writeFile('seqIds', this.data.seqIds));
+
+    // Save extended mqtt/realtime data (new files)
+    if (this.data.irisState) promises.push(this._writeFile('irisState', this.data.irisState));
+    if (this.data.mqttTopics) promises.push(this._writeFile('mqttTopics', this.data.mqttTopics));
+    if (this.data.mqttCapabilities) promises.push(this._writeFile('mqttCapabilities', this.data.mqttCapabilities));
+    if (this.data.mqttAuth) promises.push(this._writeFile('mqttAuth', this.data.mqttAuth));
+    if (this.data.lastPublishIds) promises.push(this._writeFile('lastPublishIds', this.data.lastPublishIds));
+
     await Promise.all(promises);
     this.emit('mqtt-state-saved');
   }
@@ -133,23 +266,35 @@ class MultiFileAuthState extends EventEmitter {
 
   _debouncedSave(keys) {
     keys.forEach(k => this._dirty.add(k));
-    
+
     if (this._saveDebounceTimer) {
       clearTimeout(this._saveDebounceTimer);
     }
-    
+
     this._saveDebounceTimer = setTimeout(async () => {
       const toSave = Array.from(this._dirty);
       this._dirty.clear();
-      
+
       for (const key of toSave) {
         if (this.data[key] !== null && this.data[key] !== undefined) {
-          await this._writeFile(key, this.data[key]);
+          try {
+            // ensure backup for critical files
+            if (['creds', 'cookies', 'device'].includes(key)) {
+              await this._createBackup(key);
+            }
+            await this._writeFile(key, this.data[key]);
+          } catch (e) {
+            console.error(`[MultiFileAuthState] Debounced write error for ${key}:`, e.message);
+            // increment usageStats.errors
+            try { this.incrementStat('errors'); } catch (e2) {}
+          }
         }
       }
+      this.emit('debounced-save-complete', toSave);
     }, this._saveDebounceMs);
   }
 
+  // --- Setters that schedule debounced saves ---
   setCreds(creds) {
     this.data.creds = creds;
     this._debouncedSave(['creds']);
@@ -185,6 +330,59 @@ class MultiFileAuthState extends EventEmitter {
     this._debouncedSave(['appState']);
   }
 
+  // --- New setters for additional MQTT files ---
+  setIrisState(irisState) {
+    this.data.irisState = irisState;
+    this._debouncedSave(['irisState']);
+  }
+
+  setMqttTopics(topics) {
+    this.data.mqttTopics = topics;
+    this._debouncedSave(['mqttTopics']);
+  }
+
+  setMqttCapabilities(capabilities) {
+    this.data.mqttCapabilities = capabilities;
+    this._debouncedSave(['mqttCapabilities']);
+  }
+
+  setMqttAuth(auth) {
+    this.data.mqttAuth = auth;
+    this._debouncedSave(['mqttAuth']);
+  }
+
+  setLastPublishIds(lastPublishIds) {
+    this.data.lastPublishIds = lastPublishIds;
+    this._debouncedSave(['lastPublishIds']);
+  }
+
+  // --- Utility setters ---
+  addLoginHistory(entry) {
+    if (!this.data.loginHistory) this.data.loginHistory = [];
+    this.data.loginHistory.unshift(entry);
+    // keep bounded history length
+    if (this.data.loginHistory.length > 200) this.data.loginHistory.length = 200;
+    this._debouncedSave(['loginHistory']);
+    this.emit('login-attempt', entry);
+  }
+
+  incrementStat(statName, by = 1) {
+    if (!this.data.usageStats) this.data.usageStats = {
+      apiRequests: 0,
+      mqttMessages: 0,
+      errors: 0,
+      reconnects: 0,
+      lastReset: new Date().toISOString()
+    };
+    if (typeof this.data.usageStats[statName] === 'number') {
+      this.data.usageStats[statName] += by;
+    } else {
+      this.data.usageStats[statName] = (this.data.usageStats[statName] || 0) + by;
+    }
+    this._debouncedSave(['usageStats']);
+  }
+
+  // --- Getters ---
   getCreds() { return this.data.creds; }
   getDevice() { return this.data.device; }
   getCookies() { return this.data.cookies; }
@@ -192,13 +390,24 @@ class MultiFileAuthState extends EventEmitter {
   getSubscriptions() { return this.data.subscriptions; }
   getSeqIds() { return this.data.seqIds; }
   getAppState() { return this.data.appState; }
+  getIrisState() { return this.data.irisState; }
+  getMqttTopics() { return this.data.mqttTopics; }
+  getMqttCapabilities() { return this.data.mqttCapabilities; }
+  getMqttAuth() { return this.data.mqttAuth; }
+  getLastPublishIds() { return this.data.lastPublishIds; }
+  getLoginHistory() { return this.data.loginHistory || []; }
+  getUsageStats() { return this.data.usageStats || {}; }
+  getAccountsIndex() { return this.data.accountsIndex || {}; }
 
   hasValidSession() {
     return !!(this.data.creds && this.data.cookies && this.data.creds.authorization);
   }
 
   hasMqttSession() {
-    return !!(this.data.mqttSession && this.data.mqttSession.sessionId);
+    return !!(
+      (this.data.mqttSession && this.data.mqttSession.sessionId) ||
+      (this.data.mqttAuth && this.data.mqttAuth.jwt)
+    );
   }
 
   async clearAll() {
@@ -211,10 +420,213 @@ class MultiFileAuthState extends EventEmitter {
       } catch (e) {}
       this.data[key] = null;
     }
+    // clear backups too? leave backups intact but emit event
+    this.emit('cleared-all');
+  }
+
+  // --- Backup utilities exposed ---
+  async listBackups() {
+    try {
+      const b = this._getBackupFolder();
+      if (!fs.existsSync(b)) return [];
+      const files = await fs.promises.readdir(b);
+      return files.map(f => path.join(b, f));
+    } catch (e) {
+      return [];
+    }
+  }
+
+  // --- Device fingerprint helpers ---
+  computeDeviceFingerprint(deviceObj) {
+    try {
+      const s = JSON.stringify(deviceObj || this.data.device || {});
+      return crypto.createHash('sha256').update(s).digest('hex');
+    } catch (e) {
+      return null;
+    }
+  }
+
+  // lock device fingerprint: saves hash into device.json (device.locked = true)
+  async lockDeviceFingerprint() {
+    try {
+      if (!this.data.device) this.data.device = {};
+      const hash = this.computeDeviceFingerprint(this.data.device);
+      this.data.device.fingerprintHash = hash;
+      this.data.device.locked = true;
+      await this._writeFile('device', this.data.device);
+      this.emit('device-locked', { fingerprintHash: hash });
+      return hash;
+    } catch (e) {
+      console.warn('[MultiFileAuthState] lockDeviceFingerprint failed:', e.message);
+      return null;
+    }
+  }
+
+  verifyDeviceFingerprint(deviceObj) {
+    try {
+      const stored = this.data.device?.fingerprintHash || null;
+      if (!stored) return true; // no lock present
+      const hash = this.computeDeviceFingerprint(deviceObj || this.data.device);
+      return stored === hash;
+    } catch (e) {
+      return false;
+    }
+  }
+
+  // --- Login history helpers ---
+  recordLoginAttempt({ success, ip, userAgent, method = 'password', reason = null }) {
+    const entry = {
+      date: new Date().toISOString(),
+      success: Boolean(success),
+      ip: ip || null,
+      userAgent: userAgent || null,
+      method,
+      reason
+    };
+    this.addLoginHistory(entry);
+    return entry;
+  }
+
+  // mark account restricted / checkpoint
+  markAccountRestricted({ status = 'checkpoint', reason = null }) {
+    if (!this.data.creds) this.data.creds = {};
+    this.data.creds.accountStatus = status;
+    this.data.creds.restrictedAt = new Date().toISOString();
+    this.data.creds.lastError = reason;
+    this._debouncedSave(['creds']);
+    this.emit('account-restricted', { status, reason });
+  }
+
+  // clear restriction
+  clearAccountRestriction() {
+    if (this.data.creds) {
+      delete this.data.creds.accountStatus;
+      delete this.data.creds.restrictedAt;
+      delete this.data.creds.lastError;
+      this._debouncedSave(['creds']);
+      this.emit('account-unrestricted');
+    }
+  }
+
+  // --- Health check ---
+  getHealth() {
+    return {
+      validSession: this.hasValidSession(),
+      hasCookies: !!this.data.cookies,
+      hasMqtt: this.hasMqttSession(),
+      lastLogin: (this.data.loginHistory && this.data.loginHistory[0]?.date) || null,
+      usageStats: this.getUsageStats(),
+      accountStatus: this.data.creds?.accountStatus || 'ok',
+      deviceLocked: !!this.data.device?.locked
+    };
+  }
+}
+
+// Helper: try to safely extract cookieJar serialization if exists
+async function trySerializeCookieJar(igState) {
+  let cookies = null;
+  try {
+    if (igState.cookieJar && typeof igState.serializeCookieJar === 'function') {
+      cookies = await igState.serializeCookieJar();
+    } else if (igState.cookieJar && typeof igState.cookieJar.serialize === 'function') {
+      // fallback: tough-cookie jar serialize
+      const ser = await util.promisify(igState.cookieJar.serialize).bind(igState.cookieJar)();
+      cookies = ser;
+    }
+  } catch (e) {
+    console.warn('[MultiFileAuthState] Could not serialize cookies:', e.message);
+  }
+  return cookies;
+}
+
+// Helper: try to read a cookie value from a tough-cookie Jar or equivalent
+async function getCookieValueFromJar(cookieJar, name) {
+  if (!cookieJar) return null;
+
+  // try getCookieString (tough-cookie)
+  try {
+    if (typeof cookieJar.getCookieString === 'function') {
+      const getCookieString = util.promisify(cookieJar.getCookieString).bind(cookieJar);
+      const urls = ['https://www.instagram.com', 'https://instagram.com', 'https://i.instagram.com'];
+      for (const url of urls) {
+        try {
+          const cookieString = await getCookieString(url);
+          if (cookieString && typeof cookieString === 'string') {
+            const pairs = cookieString.split(';').map(s => s.trim());
+            for (const p of pairs) {
+              const [k, ...rest] = p.split('=');
+              if (k === name) return rest.join('=');
+            }
+          }
+        } catch (e) {
+          // ignore and try next url
+        }
+      }
+    }
+  } catch (e) {
+    // ignore
+  }
+
+  // try getCookies which returns Cookie objects
+  try {
+    if (typeof cookieJar.getCookies === 'function') {
+      const getCookies = util.promisify(cookieJar.getCookies).bind(cookieJar);
+      const urls = ['https://www.instagram.com', 'https://instagram.com', 'https://i.instagram.com'];
+      for (const url of urls) {
+        try {
+          const cookies = await getCookies(url);
+          if (Array.isArray(cookies)) {
+            for (const c of cookies) {
+              // cookie object shapes vary: check common keys
+              const key = c.key ?? c.name ?? c.name;
+              const val = c.value ?? c.value ?? c.value;
+              if (key === name) return val;
+            }
+          }
+        } catch (e) {
+          // ignore and try next url
+        }
+      }
+    }
+  } catch (e) {
+    // ignore
+  }
+
+  // try serialized cookie jar structure if present
+  try {
+    if (cookieJar && typeof cookieJar === 'object' && cookieJar.cookies && Array.isArray(cookieJar.cookies)) {
+      const found = cookieJar.cookies.find(c => (c.key === name || c.name === name || c.name === name));
+      if (found) return found.value ?? found.value;
+    }
+  } catch (e) {
+    // ignore
   }
+
+  return null;
+}
+
+// Extract cookie-derived fields (sessionid, csrftoken, ds_user_id, mid)
+async function extractCookieFields(igState) {
+  const out = {
+    sessionIdCookie: null,
+    csrfTokenCookie: null,
+    dsUserIdCookie: null,
+    midCookie: null
+  };
+  try {
+    const cookieJar = igState.cookieJar;
+    out.sessionIdCookie = await getCookieValueFromJar(cookieJar, 'sessionid');
+    out.csrfTokenCookie = await getCookieValueFromJar(cookieJar, 'csrftoken');
+    out.dsUserIdCookie = await getCookieValueFromJar(cookieJar, 'ds_user_id') || await getCookieValueFromJar(cookieJar, 'ds_user');
+    out.midCookie = await getCookieValueFromJar(cookieJar, 'mid');
+  } catch (e) {
+    // ignore
+  }
+  return out;
 }
 
 async function extractStateData(igState) {
+  // Basic creds (existing)
   const creds = {
     authorization: igState.authorization || null,
     igWWWClaim: igState.igWWWClaim || null,
@@ -222,6 +634,7 @@ async function extractStateData(igState) {
     passwordEncryptionPubKey: igState.passwordEncryptionPubKey || null
   };
 
+  // Device remains same
   const device = {
     deviceString: igState.deviceString || null,
     deviceId: igState.deviceId || null,
@@ -231,15 +644,10 @@ async function extractStateData(igState) {
     build: igState.build || null
   };
 
-  let cookies = null;
-  try {
-    if (igState.cookieJar && typeof igState.serializeCookieJar === 'function') {
-      cookies = await igState.serializeCookieJar();
-    }
-  } catch (e) {
-    console.warn('[MultiFileAuthState] Could not serialize cookies:', e.message);
-  }
+  // Try to serialize cookies (kept separate)
+  const cookies = await trySerializeCookieJar(igState);
 
+  // App state remains same
   const appState = {
     language: igState.language || 'en_US',
     timezoneOffset: igState.timezoneOffset || null,
@@ -249,6 +657,62 @@ async function extractStateData(igState) {
     challenge: igState.challenge || null
   };
 
+  // --- NEW: richer creds fields derived from igState + cookies ---
+  // try to obtain cookie fields
+  const cookieFields = await extractCookieFields(igState);
+
+  // Primary identifiers
+  const userIdFromState = igState.cookieUserId || igState.userId || igState.user_id || null;
+  const dsUserIdFromCookies = cookieFields.dsUserIdCookie || igState.dsUserId || igState.ds_user_id || null;
+  const sessionIdFromCookies = cookieFields.sessionIdCookie || null;
+  const csrfFromCookies = cookieFields.csrfTokenCookie || null;
+  const midFromCookies = cookieFields.midCookie || igState.mid || null;
+
+  // username if exposed on state
+  const usernameFromState = igState.username || igState.userName || igState.user?.username || null;
+
+  // rankToken: if userId + uuid available, form `${userId}_${uuid}`
+  let rankToken = null;
+  try {
+    if (userIdFromState && (igState.uuid || device.uuid)) {
+      rankToken = `${userIdFromState}_${igState.uuid || device.uuid}`;
+    } else if (igState.rankToken) {
+      rankToken = igState.rankToken;
+    }
+  } catch (e) {
+    rankToken = igState.rankToken || null;
+  }
+
+  // sessionId and csrfToken - prefer cookies, fallback to state fields if present
+  const sessionId = sessionIdFromCookies || igState.sessionId || igState.sessionid || null;
+  const csrfToken = csrfFromCookies || igState.csrfToken || igState.csrftoken || null;
+
+  // mid fallback
+  const mid = midFromCookies || igState.mid || null;
+
+  // isLoggedIn heuristic: presence of sessionid cookie or an 'isLoggedIn' flag or authorization header
+  const isLoggedIn = Boolean(
+    sessionId ||
+    igState.isLoggedIn ||
+    (creds.authorization && creds.authorization.length)
+  );
+
+  // loginAt / lastValidatedAt: try to take from igState if present, otherwise null
+  const loginAt = igState.loginAt || igState.loggedInAt || null;
+  const lastValidatedAt = igState.lastValidatedAt || igState.lastValidated || null;
+
+  // Attach all new fields into creds object (non-destructive)
+  creds.userId = userIdFromState || dsUserIdFromCookies || creds.userId || null;
+  creds.dsUserId = dsUserIdFromCookies || null;
+  creds.username = usernameFromState || null;
+  creds.rankToken = rankToken;
+  creds.sessionId = sessionId;
+  creds.csrfToken = csrfToken;
+  creds.mid = mid;
+  creds.isLoggedIn = isLoggedIn;
+  creds.loginAt = loginAt;
+  creds.lastValidatedAt = lastValidatedAt;
+
   return { creds, device, cookies, appState };
 }
 
@@ -260,7 +724,25 @@ async function applyStateData(igState, authState) {
     if (creds.igWWWClaim) igState.igWWWClaim = creds.igWWWClaim;
     if (creds.passwordEncryptionKeyId) igState.passwordEncryptionKeyId = creds.passwordEncryptionKeyId;
     if (creds.passwordEncryptionPubKey) igState.passwordEncryptionPubKey = creds.passwordEncryptionPubKey;
-    igState.updateAuthorization();
+    // if igState provides a helper to update authorization, call it
+    if (typeof igState.updateAuthorization === 'function') {
+      try { igState.updateAuthorization(); } catch (e) {}
+    }
+
+    // apply new creds-derived fields if state supports them (non-intrusive)
+    try {
+      if (creds.userId && !igState.cookieUserId) igState.cookieUserId = creds.userId;
+      if (creds.username && !igState.username) igState.username = creds.username;
+      if (creds.rankToken && !igState.rankToken) igState.rankToken = creds.rankToken;
+      if (creds.sessionId && !igState.sessionId) igState.sessionId = creds.sessionId;
+      if (creds.csrfToken && !igState.csrfToken) igState.csrfToken = creds.csrfToken;
+      if (creds.mid && !igState.mid) igState.mid = creds.mid;
+      if (typeof creds.isLoggedIn !== 'undefined' && !igState.isLoggedIn) igState.isLoggedIn = creds.isLoggedIn;
+      if (creds.loginAt && !igState.loginAt) igState.loginAt = creds.loginAt;
+      if (creds.lastValidatedAt && !igState.lastValidatedAt) igState.lastValidatedAt = creds.lastValidatedAt;
+    } catch (e) {
+      // ignore if igState shape different
+    }
   }
 
   if (device) {
@@ -274,7 +756,15 @@ async function applyStateData(igState, authState) {
 
   if (cookies) {
     try {
-      await igState.deserializeCookieJar(cookies);
+      if (typeof igState.deserializeCookieJar === 'function') {
+        await igState.deserializeCookieJar(cookies);
+      } else if (igState.cookieJar && typeof igState.cookieJar.restore === 'function') {
+        // fallback restore
+        await util.promisify(igState.cookieJar.restore).bind(igState.cookieJar)(cookies);
+      } else if (igState.cookieJar && typeof igState.cookieJar._importCookies === 'function') {
+        // last-resort, not likely
+        try { igState.cookieJar._importCookies(cookies); } catch (e) {}
+      }
     } catch (e) {
       console.warn('[MultiFileAuthState] Could not deserialize cookies:', e.message);
     }
@@ -290,26 +780,46 @@ async function applyStateData(igState, authState) {
   }
 }
 
+// Main exported helper that wires MultiFileAuthState to your clients
 async function useMultiFileAuthState(folder) {
   const authState = new MultiFileAuthState(folder);
   await authState.loadAll();
 
+  // Helper: persist additional derived creds fields when saving creds
+  const enrichAndSaveCreds = async (igClientState) => {
+    const { creds, device, cookies, appState } = await extractStateData(igClientState);
+    // merge with existing creds non-destructive
+    authState.data.creds = Object.assign({}, authState.data.creds || {}, creds);
+    authState.data.device = Object.assign({}, authState.data.device || {}, device);
+    authState.data.cookies = cookies || authState.data.cookies;
+    authState.data.appState = Object.assign({}, authState.data.appState || {}, appState);
+    await authState.saveCreds();
+    await authState.saveAppState();
+  };
+
   const saveCreds = async (igClient) => {
     if (!igClient || !igClient.state) {
       console.warn('[useMultiFileAuthState] No igClient provided to saveCreds');
       return;
     }
 
-    const { creds, device, cookies, appState } = await extractStateData(igClient.state);
-    
-    authState.data.creds = creds;
-    authState.data.device = device;
-    authState.data.cookies = cookies;
-    authState.data.appState = appState;
-    
-    await authState.saveCreds();
-    await authState.saveAppState();
-    
+    // Use the enriched saver
+    await enrichAndSaveCreds(igClient.state);
+
+    // Also attempt to extract some cookie-derived fields for convenience
+    try {
+      const cookieFields = await extractCookieFields(igClient.state);
+      if (cookieFields.sessionIdCookie) {
+        if (!authState.data.creds) authState.data.creds = {};
+        authState.data.creds.sessionId = cookieFields.sessionIdCookie;
+      }
+      if (cookieFields.dsUserIdCookie) {
+        if (!authState.data.creds) authState.data.creds = {};
+        authState.data.creds.dsUserId = cookieFields.dsUserIdCookie;
+      }
+      authState._debouncedSave(['creds']);
+    } catch (e) {}
+
     console.log('[useMultiFileAuthState] Credentials saved to', folder);
   };
 
@@ -319,6 +829,7 @@ async function useMultiFileAuthState(folder) {
       return;
     }
 
+    // base mqtt session
     const mqttSession = {
       sessionId: null,
       mqttSessionId: null,
@@ -328,30 +839,92 @@ async function useMultiFileAuthState(folder) {
 
     try {
       if (realtimeClient.ig && realtimeClient.ig.state) {
-        mqttSession.userId = realtimeClient.ig.state.cookieUserId;
-        mqttSession.sessionId = realtimeClient.extractSessionIdFromJWT?.() || null;
+        mqttSession.userId = realtimeClient.ig.state.cookieUserId || realtimeClient.ig.state.userId || null;
+        // attempt to extract sessionId from JWT helper if available
+        mqttSession.sessionId = (typeof realtimeClient.extractSessionIdFromJWT === 'function') ? realtimeClient.extractSessionIdFromJWT() : null;
       }
       if (realtimeClient.connection) {
         mqttSession.mqttSessionId = realtimeClient.connection?.clientInfo?.clientMqttSessionId?.toString() || null;
       }
-    } catch (e) {}
+    } catch (e) {
+      // ignore
+    }
 
+    // subscriptions
     const subscriptions = {
       graphQlSubs: realtimeClient.initOptions?.graphQlSubs || [],
       skywalkerSubs: realtimeClient.initOptions?.skywalkerSubs || [],
       subscribedAt: new Date().toISOString()
     };
 
+    // seq ids (iris)
     const seqIds = {};
     if (realtimeClient.initOptions?.irisData) {
       seqIds.seq_id = realtimeClient.initOptions.irisData.seq_id || null;
       seqIds.snapshot_at_ms = realtimeClient.initOptions.irisData.snapshot_at_ms || null;
     }
 
+    // --- Extended MQTT / realtime info (new) ---
+    // irisState: things like subscription_id / device id / other iris metadata
+    const irisState = {};
+    try {
+      // try to glean from various possible places on realtimeClient
+      irisState.subscription_id = realtimeClient.initOptions?.irisData?.subscription_id || realtimeClient.iris?.subscriptionId || realtimeClient.irisState?.subscription_id || null;
+      irisState.user_id = realtimeClient.ig?.state?.cookieUserId || realtimeClient.ig?.state?.userId || irisState.user_id || null;
+      irisState.device_id = realtimeClient.connection?.clientInfo?.deviceId || realtimeClient.initOptions?.deviceId || null;
+      irisState.created_at = new Date().toISOString();
+    } catch (e) {}
+
+    // mqttTopics: topics observed/subscribed
+    const mqttTopics = {};
+    try {
+      mqttTopics.topics = realtimeClient.connection?.subscribedTopics || realtimeClient._subscribedTopics || realtimeClient.subscribedTopics || [];
+      mqttTopics.updatedAt = new Date().toISOString();
+    } catch (e) {
+      mqttTopics.topics = [];
+      mqttTopics.updatedAt = new Date().toISOString();
+    }
+
+    // mqttCapabilities: features supported / protocol version
+    const mqttCapabilities = {};
+    try {
+      mqttCapabilities.supportsTyping = Boolean(realtimeClient.initOptions?.supportsTyping ?? realtimeClient.capabilities?.supportsTyping);
+      mqttCapabilities.supportsReactions = Boolean(realtimeClient.initOptions?.supportsReactions ?? realtimeClient.capabilities?.supportsReactions);
+      mqttCapabilities.supportsVoice = Boolean(realtimeClient.initOptions?.supportsVoice ?? realtimeClient.capabilities?.supportsVoice);
+      mqttCapabilities.protocolVersion = realtimeClient.connection?.protocolVersion || realtimeClient.initOptions?.protocolVersion || null;
+      mqttCapabilities.collectedAt = new Date().toISOString();
+    } catch (e) {}
+
+    // mqttAuth: if realtimeClient keeps an auth token / jwt for mqtt, store (but be careful: short lived)
+    const mqttAuth = {};
+    try {
+      mqttAuth.jwt = realtimeClient.connection?.authToken || realtimeClient.mqttAuth?.jwt || realtimeClient.initOptions?.mqttJwt || null;
+      mqttAuth.expiresAt = realtimeClient.connection?.authExpiresAt || realtimeClient.mqttAuth?.expiresAt || null;
+      mqttAuth.collectedAt = new Date().toISOString();
+    } catch (e) {}
+
+    // lastPublishIds: tracking last message ids for reliable publish/acks
+    const lastPublishIds = {};
+    try {
+      lastPublishIds.lastMessageId = realtimeClient._lastMessageId || realtimeClient.lastMessageId || null;
+      lastPublishIds.lastAckedAt = realtimeClient._lastAckedAt || null;
+      lastPublishIds.collectedAt = new Date().toISOString();
+    } catch (e) {}
+
+    // Assign all into authState and persist
     authState.data.mqttSession = mqttSession;
     authState.data.subscriptions = subscriptions;
     authState.data.seqIds = seqIds;
 
+    authState.data.irisState = irisState;
+    authState.data.mqttTopics = mqttTopics;
+    authState.data.mqttCapabilities = mqttCapabilities;
+    authState.data.mqttAuth = mqttAuth;
+    authState.data.lastPublishIds = lastPublishIds;
+
+    // Increment stats
+    authState.incrementStat('mqttMessages');
+
     await authState.saveMqttState();
     console.log('[useMultiFileAuthState] MQTT session saved to', folder);
   };
@@ -379,6 +952,7 @@ async function useMultiFileAuthState(folder) {
 
     const subs = authState.getSubscriptions() || {};
     const seqIds = authState.getSeqIds() || {};
+    const mqttAuth = authState.getMqttAuth() || null;
 
     return {
       graphQlSubs: subs.graphQlSubs || ['ig_sub_direct', 'ig_sub_direct_v2_message_sync'],
@@ -386,7 +960,9 @@ async function useMultiFileAuthState(folder) {
       irisData: seqIds.seq_id ? {
         seq_id: seqIds.seq_id,
         snapshot_at_ms: seqIds.snapshot_at_ms
-      } : null
+      } : null,
+      mqttAuthToken: mqttAuth?.jwt || null,
+      mqttAuthExpiresAt: mqttAuth?.expiresAt || null
     };
   };
 
@@ -400,32 +976,182 @@ async function useMultiFileAuthState(folder) {
     if (!igClient) return true;
 
     try {
-      await igClient.account.currentUser();
+      // quick check by calling account/currentUser or equivalent
+      if (igClient.account && typeof igClient.account.currentUser === 'function') {
+        await igClient.account.currentUser();
+        return true;
+      }
+      // fallback assume valid if we have creds - up to caller to verify
       return true;
     } catch (e) {
       console.warn('[useMultiFileAuthState] Session validation failed:', e.message);
+      // emit session-expired if credentials appear invalid
+      authState.emit('session-expired', { reason: e.message });
       return false;
     }
   };
 
+  // --- Auto-refresh / revalidation helpers ---
+  const _autoRefreshCheck = async () => {
+    try {
+      if (!authState.data.creds) return;
+      // If creds indicate expiry timestamp, check it
+      const expiresAt = authState.data.creds.sessionExpiresAt ? new Date(authState.data.creds.sessionExpiresAt).getTime() : null;
+      if (expiresAt && Date.now() > expiresAt) {
+        authState.data.creds.isExpired = true;
+        authState._debouncedSave(['creds']);
+        authState.emit('session-expired', { reason: 'sessionExpiresAt' });
+      } else {
+        // if igClient provided, optionally validate remote
+        if (authState._autoRefreshClient) {
+          try {
+            const valid = await isSessionValid(authState._autoRefreshClient);
+            if (!valid) {
+              authState.emit('session-expired', { reason: 'remote-check' });
+            } else {
+              // update lastValidatedAt
+              if (!authState.data.creds) authState.data.creds = {};
+              authState.data.creds.lastValidatedAt = new Date().toISOString();
+              authState._debouncedSave(['creds']);
+            }
+          } catch (e) {}
+        }
+      }
+    } catch (e) {
+      // ignore
+    }
+  };
+
+  const enableAutoRefresh = (igClient, intervalMs = 5 * 60 * 1000) => {
+    // igClient optional: if provided, will be used to do remote validation
+    try {
+      disableAutoRefresh();
+      authState._autoRefreshClient = igClient || null;
+      authState._autoRefreshIntervalMs = intervalMs;
+      authState._autoRefreshTimer = setInterval(_autoRefreshCheck, intervalMs);
+      // run immediately once
+      _autoRefreshCheck();
+      authState.emit('auto-refresh-enabled', { intervalMs });
+    } catch (e) {
+      console.warn('[useMultiFileAuthState] enableAutoRefresh error:', e.message);
+    }
+  };
+
+  const disableAutoRefresh = () => {
+    try {
+      if (authState._autoRefreshTimer) {
+        clearInterval(authState._autoRefreshTimer);
+        authState._autoRefreshTimer = null;
+        authState._autoRefreshClient = null;
+        authState.emit('auto-refresh-disabled');
+      }
+    } catch (e) {}
+  };
+
+  // --- Login history / audit helpers ---
+  const recordLoginAttempt = async ({ success, ip = null, userAgent = null, method = 'password', reason = null }) => {
+    const entry = authState.recordLoginAttempt({ success, ip, userAgent, method, reason });
+    // return entry for caller
+    return entry;
+  };
+
+  // --- Account restriction helpers ---
+  const markAccountRestricted = ({ status = 'checkpoint', reason = null }) => {
+    authState.markAccountRestricted({ status, reason });
+  };
+
+  const clearAccountRestriction = () => {
+    authState.clearAccountRestriction();
+  };
+
+  // --- Usage stats helpers ---
+  const incrementStat = (statName, by = 1) => {
+    authState.incrementStat(statName, by);
+  };
+
+  // --- Backup / restore helpers exposed ---
+  const restoreLatestBackup = async (key) => {
+    return await authState.restoreLatestBackup(key);
+  };
+
+  // --- Device fingerprinting ---
+  const lockDeviceFingerprint = async () => {
+    return await authState.lockDeviceFingerprint();
+  };
+
+  const verifyDeviceFingerprint = (deviceObj) => {
+    return authState.verifyDeviceFingerprint(deviceObj);
+  };
+
+  // --- Accounts manager ---
+  const registerAccount = async (name, folderPath) => {
+    if (!authState.data.accountsIndex) authState.data.accountsIndex = {};
+    authState.data.accountsIndex[name] = folderPath;
+    await authState._writeFile('accountsIndex', authState.data.accountsIndex);
+    authState.emit('account-registered', { name, folderPath });
+    return authState.data.accountsIndex;
+  };
+
+  const listAccounts = () => {
+    return authState.getAccountsIndex();
+  };
+
+  // --- Health check ---
+  const getHealth = () => {
+    return authState.getHealth();
+  };
+
+  // --- Misc helpers: loginHistory & usageStats getters ---
+  const getLoginHistory = () => authState.getLoginHistory();
+  const getUsageStats = () => authState.getUsageStats();
+
   return {
     state: authState,
-    
+
     saveCreds,
     loadCreds,
-    
+
     saveMqttSession,
     getMqttConnectOptions,
-    
+
     clearSession,
     isSessionValid,
 
     hasSession: () => authState.hasValidSession(),
     hasMqttSession: () => authState.hasMqttSession(),
-    
+
     folder,
-    
-    getData: () => authState.data
+
+    // pass-through for convenience
+    getData: () => authState.data,
+
+    // convenience setters/getters for the new data
+    setIrisState: (s) => authState.setIrisState(s),
+    setMqttTopics: (t) => authState.setMqttTopics(t),
+    setMqttCapabilities: (c) => authState.setMqttCapabilities(c),
+    setMqttAuth: (a) => authState.setMqttAuth(a),
+    setLastPublishIds: (p) => authState.setLastPublishIds(p),
+    getIrisState: () => authState.getIrisState(),
+    getMqttTopics: () => authState.getMqttTopics(),
+    getMqttCapabilities: () => authState.getMqttCapabilities(),
+    getMqttAuth: () => authState.getMqttAuth(),
+    getLastPublishIds: () => authState.getLastPublishIds(),
+
+    // new utilities
+    enableAutoRefresh,
+    disableAutoRefresh,
+    recordLoginAttempt,
+    getLoginHistory,
+    markAccountRestricted,
+    clearAccountRestriction,
+    incrementStat,
+    getUsageStats,
+    restoreLatestBackup,
+    lockDeviceFingerprint,
+    verifyDeviceFingerprint,
+    registerAccount,
+    listAccounts,
+    getHealth
   };
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nodejs-insta-private-api-mqtt",
-  "version": "1.1.10",
+  "version": "1.2.10",
   "description": "Complete Instagram MQTT protocol with FULL iOS + Android support. 33 device presets (21 iOS + 12 Android). iPhone 16/15/14/13/12, iPad Pro, Samsung, Pixel, Huawei. Real-time DM messaging, view-once media extraction, sub-500ms latency.",
   "main": "dist/index.js",
   "scripts": {