npm - scripter-x - Versions diffs - 1.0.2 → 1.0.7 - Mend

scripter-x 1.0.2 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/src/ui/fullscreen.js CHANGED Viewed

@@ -32,6 +32,9 @@ export function FullScreen({ children }) {
 }
 // enterAltScreen / leaveAltScreen — call around render(). Returns a cleanup fn.
+// CRITICAL: restore() must ALSO disable mouse tracking — otherwise on any abrupt exit the
+// shell is left with mouse mode on and spews `35;91;28M…` coordinate codes on every move.
+// We register restore on exit + the kill signals so it runs no matter how we leave.
 export function enterAltScreen() {
   process.stdout.write('\x1b[?1049h'); // switch to alternate buffer
   process.stdout.write('\x1b[2J\x1b[H'); // clear + home
@@ -40,9 +43,14 @@ export function enterAltScreen() {
   const restore = () => {
     if (restored) return;
     restored = true;
-    process.stdout.write('\x1b[?25h');   // show cursor
-    process.stdout.write('\x1b[?1049l');  // back to normal buffer (history intact)
+    try {
+      process.stdout.write('\x1b[?1000l\x1b[?1003l\x1b[?1006l'); // disable ALL mouse modes
+      process.stdout.write('\x1b[?25h');    // show cursor
+      process.stdout.write('\x1b[?1049l');   // back to normal buffer (history intact)
+    } catch { /* */ }
   };
   process.on('exit', restore);
+  process.on('SIGTERM', () => { restore(); process.exit(0); });
+  process.on('SIGHUP', () => { restore(); process.exit(0); });
   return restore;
 }

package/src/worker.js CHANGED Viewed

@@ -3,6 +3,8 @@
 //   goal = N JSONs, 4× attempt cap; refund rule (charge only if SMS arrived);
 //   OTP timing + wrong-OTP resend; every result pushed to the server (ingest).
 import { FlipkartLogin, WrongOTP, BlockedError, TransientError } from './flipkart.js';
+import { CampaignLogger } from './logger.js';
+import * as kuku from './providers/kuku.js';
 const OTP_RESEND_AFTER = 60_000;
 const OTPCART_DEADLINE = 120_000;
@@ -17,7 +19,7 @@ const ATTEMPT_CAP_MULT = 4;
 const sleep = (ms) => new Promise((r) => setTimeout(r, ms));
 export class Worker {
-  constructor(api, provider, { campaignId, requested, concurrency, checkMinutes, onEvent, onFailure }) {
+  constructor(api, provider, { campaignId, requested, concurrency, checkMinutes, onEvent, onFailure, name, emailMode, kukuAccount }) {
     this.api = api;
     this.provider = provider;
     this.cid = campaignId;
@@ -27,12 +29,19 @@ export class Worker {
     this.onEvent = onEvent || (() => {});
     // onFailure({mobile, reason}) → Promise<boolean>: true = keep going, false = stop campaign.
     this.onFailure = onFailure || null;
+    this.emailMode = !!emailMode;       // also attach a newaddr.com email to each account
+    this.kukuAccount = kukuAccount || null; // ONE shared premium kuku account for all emails
+    this._kukuLock = Promise.resolve();  // serialize email generation (one premium account)
     this.stats = { total: requested, succeeded: 0, failed: 0, cancelled: 0, generated: 0, attempts: 0, charges: 0 };
     this.slots = {};
     this.seq = 0;
     this.stopped = false;
+    this.logger = new CampaignLogger({ campaignId, name: name || campaignId, provider: provider.name });
   }
+  // append one line to the campaign log file (clean, timestamped)
+  log(line) { try { this.logger.write(line); } catch { /* */ } }
   stop() { this.stopped = true; }
   _nextSeq() { return ++this.seq; }
@@ -61,14 +70,21 @@ export class Worker {
         fail_reason: res.detail || '', session: res.session,
         minutes_checked: !!res.minutes_checked, coupon_eligible: res.coupon_eligible ?? undefined,
         has_minutes_order: res.has_minutes_order ?? undefined,
+        linked_email: res.linked_email ?? undefined,
+        email_linked: res.email_linked ?? undefined,
+        email_reason: res.email_reason ?? undefined,
       });
     } catch (e) { this.onEvent('warn', `ingest failed: ${e.message}`); }
   }
   async run() {
     await this.api.markRunning(this.cid);
+    this.log(`campaign started — goal ${this.requested} JSONs, concurrency ${this.concurrency}`);
     const loops = Array.from({ length: this.concurrency }, (_, i) => this._loop(i + 1));
     await Promise.all(loops);
+    // Wait for any in-flight background releases to finish BEFORE we report done, so the
+    // log + summary reflect that every rented number was actually cancelled.
+    await this._drainReleases();
     const status = this.stopped ? 'cancelled' : 'completed';
     const s = this.stats;
     try {
@@ -77,10 +93,20 @@ export class Worker {
         numbers_generated: s.generated, attempts: s.attempts, charges: s.charges, status,
       });
     } catch (e) { this.onEvent('warn', `finish failed: ${e.message}`); }
+    try { this.logger.summary(s); } catch { /* */ }
+    this.logPath = this.logger.path;
     this.onEvent('done', s);
     return s;
   }
+  // track + await background number-cancel goroutines so the campaign doesn't "finish"
+  // while a number is still being released (which would risk a charge leak going unlogged).
+  async _drainReleases() {
+    if (!this._releases || !this._releases.length) return;
+    this.log(`waiting for ${this._releases.length} pending number cancellation(s)…`);
+    await Promise.allSettled(this._releases);
+  }
   async _loop(slot) {
     for (;;) {
       if (this._claim() === 0) return;
@@ -99,45 +125,65 @@ export class Worker {
     const rentedAt = Date.now();
     res.mobile = number.mobile;
     this._emit(slot, { mobile: number.mobile, phase: 'rented', detail: 'got a number' });
+    this.log(`rented ${number.mobile} (txn ${number.txn}, cost ₹${number.cost})`);
     const smsArrived = { v: false };
     const fk = new FlipkartLogin();
     let stream = null;
+    let released = false; // GUARANTEE: a rented number is released exactly once, no leak
+    // releaseOnce — the single chokepoint that schedules the provider cancel. Called from
+    // every terminal path (fail, success, error). Without this a blocked/errored number
+    // could stay rented → we'd be charged.
+    const releaseOnce = () => {
+      if (released) return;
+      released = true;
+      this._emit(slot, { phase: 'cancelling', detail: 'releasing number' });
+      this._release(number, rentedAt);
+    };
     const fail = (detail) => {
       const charged = smsArrived.v;
       res.status = charged ? 'failed' : 'cancelled';
       res.cost = charged ? number.cost : 0;
       res.detail = detail;
-      this._emit(slot, { phase: 'cancelling', detail: 'releasing number' });
-      this._release(number, rentedAt);
+      this.log(`FAILED ${number.mobile}: ${detail} (charged: ${charged})`);
+      releaseOnce();
       return res;
     };
     try {
       this._emit(slot, { phase: 'ws', detail: 'opening OTP channel' });
       stream = this.provider.startOtp(number);
+      // WAIT for the OTP channel to be OPEN before triggering the SMS — otherwise the OTP
+      // push can arrive before the WS is listening and be lost (the "purchased but no OTP"
+      // bug). OTPCart streams expose ready(); TempOTP (HTTP poll) has no ready() → skip.
+      if (typeof stream.ready === 'function') await stream.ready();
+      // 1. SEND — retry 3× on transient (529/throttle/network) with a 2s gap.
       this._emit(slot, { phase: 'send_otp', detail: 'sending OTP' });
-      try { await fk.sendOtp(number.mobile); }
-      catch (e) { return fail(`send: ${e.message}`); }
+      const sent = await this._fkRetry(slot, 'send OTP', () => fk.sendOtp(number.mobile), number);
+      if (!sent.ok) {
+        if (sent.stop) { this.stopped = true; return fail(`send blocked: ${sent.error}`); }
+        return fail(`send: ${sent.error}`);
+      }
+      // 2. AWAIT OTP
       const deadline = this.provider.name === 'tempotp' ? TEMPOTP_DEADLINE : OTPCART_DEADLINE;
       const doResend = this.provider.name === 'otpcart';
       const otp = await this._awaitOtp(slot, stream, fk, number, deadline, doResend, smsArrived);
       if (!otp) return fail(`no OTP within ${deadline / 1000}s — abandoned`);
+      // 3. VERIFY (already retries transients internally via _verify; re-verify on blockage)
       this._emit(slot, { phase: 'verify', detail: 'verifying OTP' });
       const { session, error: verifyErr } = await this._verify(slot, fk, stream, number, otp, smsArrived);
       if (!session) {
-        // surface the REAL Flipkart reason, and (since the OTP SMS was delivered) charge it.
         const failed = fail(verifyErr || 'verify failed');
-        // ask the user whether to keep going after a failure (one prompt at a time)
         if (this.onFailure && !this.stopped && !this._asking) {
           this._asking = true;
           try {
             const cont = await this.onFailure({ mobile: number.mobile, reason: verifyErr || 'verify failed' });
-            if (!cont) this.stopped = true; // stop the whole campaign
+            if (!cont) this.stopped = true;
           } finally { this._asking = false; }
         }
         return failed;
@@ -151,16 +197,119 @@ export class Worker {
         } catch { /* non-fatal */ }
       }
+      // 5. EMAIL LINK (optional) — keep the SAME number's OTP stream alive: FK-6 triggers a
+      // 2nd phone OTP that arrives on `stream`, plus an email OTP from kuku. Partial-success:
+      // if linking fails, the JSON is STILL a success (email_linked=false + reason).
+      if (this.emailMode) {
+        try {
+          const linked = await this._linkEmail(slot, fk, stream, number, session, smsArrived);
+          if (linked.email) {
+            session.email = linked.email;
+            session.emailVerified = !!linked.ok;
+            res.linked_email = linked.email;
+            res.email_linked = !!linked.ok;
+            if (!linked.ok) res.email_reason = linked.reason;
+          } else {
+            res.email_linked = false; res.email_reason = linked.reason;
+          }
+        } catch (e) {
+          res.email_linked = false; res.email_reason = e.message;
+          this.log(`email link ${number.mobile} failed (JSON still saved): ${e.message}`);
+        }
+      }
       this._emit(slot, { phase: 'saving', detail: 'saving session' });
       res.status = 'success'; res.cost = number.cost; res.session = session;
-      this._emit(slot, { phase: 'done', detail: 'extracted' });
-      this._release(number, rentedAt);
+      this.log(`SUCCESS ${number.mobile} — session extracted (₹${number.cost})${res.email_linked ? ` + email ${res.linked_email}` : ''}`);
+      this._emit(slot, { phase: 'done', detail: res.email_linked ? `extracted + ${res.linked_email}` : 'extracted' });
+      releaseOnce(); // success still releases the number (OTP already consumed)
       return res;
+    } catch (e) {
+      // ANY unexpected error → still release the number so we're never charged for a leak
+      this.log(`ERROR ${number.mobile}: ${e.message}`);
+      return fail(`unexpected: ${e.message}`);
     } finally {
+      releaseOnce(); // belt-and-suspenders: never leave a rented number un-released
       if (stream) try { stream.close(); } catch { /* */ }
     }
   }
+  // _linkEmail — attach a newaddr.com email to the just-logged-in account.
+  // Returns { email, ok, reason }. The number's OTP `stream` is kept OPEN by the caller so
+  // the FK-6 phone OTP arrives on it; the email OTP comes from kuku (subject line).
+  async _linkEmail(slot, fk, stream, number, session, smsArrived) {
+    // FK-5: skip if an email is already attached
+    try {
+      const prof = await fk.profileInfo(session);
+      if (prof.emailAlready) return { email: prof.email || '', ok: true, reason: 'already linked' };
+    } catch { /* non-fatal — proceed to attach */ }
+    // 1. mint a newaddr.com email from the shared premium account (serialized — one account)
+    this._emit(slot, { phase: 'minutes', detail: 'generating email' });
+    let email;
+    const gen = this._kukuLock.then(() => kuku.generateEmail(this.kukuAccount, 'newaddr.com'));
+    this._kukuLock = gen.catch(() => {});
+    try { email = await gen; } catch (e) { return { email: '', ok: false, reason: `email gen: ${e.message}` }; }
+    this.log(`email ${number.mobile} → ${email}`);
+    // 2. FK-6: send OTP to BOTH the email and the phone (retry transients)
+    this._emit(slot, { phase: 'send_otp', detail: 'sending email+phone OTP' });
+    let reqs;
+    const sent = await this._fkRetry(slot, 'email OTP', async () => { reqs = await fk.sendEmailOtp(session, email); }, number);
+    if (!sent.ok) return { email, ok: false, reason: `email OTP send: ${sent.error}` };
+    // 3. catch BOTH OTPs in parallel: email from kuku, phone from the open stream
+    this._emit(slot, { phase: 'await_otp', detail: 'awaiting email + phone OTP' });
+    const emailOtpP = kuku.waitForOtp(this.kukuAccount, { toEmail: email, timeoutMs: 120000, pollMs: 4000 });
+    const phoneOtpP = this._awaitOtp(slot, stream, fk, number, 120000, false, smsArrived);
+    const [emailOtp, phoneOtp] = await Promise.all([emailOtpP, phoneOtpP]);
+    if (!emailOtp) return { email, ok: false, reason: 'no email OTP received' };
+    if (!phoneOtp) return { email, ok: false, reason: 'no phone OTP for email-link' };
+    // 4. FK-7: submit both OTPs
+    this._emit(slot, { phase: 'verify', detail: 'linking email' });
+    try {
+      await fk.verifyEmailOtp(session, {
+        email, emailOtp, emailReqId: reqs.emailReqId,
+        phoneUserId: reqs.phoneUserId, phoneOtp, phoneReqId: reqs.phoneReqId });
+      this.log(`EMAIL LINKED ${number.mobile} ↔ ${email}`);
+      return { email, ok: true };
+    } catch (e) {
+      return { email, ok: false, reason: `link verify: ${e.message}` };
+    }
+  }
+  // _fkRetry — run a Flipkart call up to 3× with a 2s gap on transient failures (529 /
+  // throttle / network). On final failure, asks the user continue-or-stop (one at a time).
+  // Returns { ok, error?, stop? }.
+  async _fkRetry(slot, label, fn, number) {
+    const MAX = 3, GAP = 2000;
+    let lastErr = '';
+    for (let attempt = 1; attempt <= MAX; attempt++) {
+      if (this.stopped) return { ok: false, error: 'stopped' };
+      try { await fn(); return { ok: true }; }
+      catch (e) {
+        lastErr = e.message || String(e);
+        const transient = e instanceof TransientError || e instanceof BlockedError;
+        this.log(`${label} attempt ${attempt}/${MAX} failed: ${lastErr}${transient ? ' (transient)' : ''}`);
+        if (!transient) return { ok: false, error: lastErr };
+        if (attempt < MAX) {
+          this._emit(slot, { phase: 'send_otp', detail: `Flipkart busy — retry ${attempt}/${MAX} in 2s` });
+          await sleep(GAP);
+        }
+      }
+    }
+    // all 3 attempts failed → ask the user whether to keep going
+    if (this.onFailure && !this.stopped && !this._asking) {
+      this._asking = true;
+      try {
+        const cont = await this.onFailure({ mobile: number?.mobile || '', reason: `${label} blocked after ${MAX} tries: ${lastErr}` });
+        if (!cont) return { ok: false, error: lastErr, stop: true };
+      } finally { this._asking = false; }
+    }
+    return { ok: false, error: lastErr };
+  }
   async _rent(slot) {
     let attempt = 0;
     while (!this.stopped) {
@@ -193,7 +342,8 @@ export class Worker {
       const rem = Math.floor((end - Date.now()) / 1000);
       if (doResend && !resent && Date.now() >= resendAt) {
         try { await fk.sendOtp(number.mobile); } catch { /* */ }
-        stream.resend(); resent = true;
+        try { await stream.resend(); } catch { /* */ }
+        resent = true;
         this._emit(slot, { phase: 'otp_resend', detail: 'OTP resent', wait: rem });
       } else {
         this._emit(slot, { phase: 'await_otp', detail: 'waiting for OTP', wait: rem });
@@ -208,15 +358,20 @@ export class Worker {
   // not mislabeled as "OTP rejected".
   async _verify(slot, fk, stream, number, otp, smsArrived) {
     let lastErr = 'verify failed';
+    // RE-VERIFY on blockage: a 529/transient is NOT the OTP's fault, so retry the same
+    // (still-valid) OTP 3× with a 2s gap before giving up — never cancel a good number
+    // just because Flipkart hiccupped.
     for (let attempt = 1; attempt <= 3; attempt++) {
       try {
         const session = await fk.verifyOtp(number.mobile, otp);
+        if (attempt > 1) this.log(`verify ${number.mobile} succeeded on retry ${attempt}`);
         return { session, error: null };
       } catch (e) {
-        if (e instanceof TransientError) {
+        if (e instanceof TransientError || e instanceof BlockedError) {
           lastErr = e.message;
-          this._emit(slot, { phase: 'verify', detail: `Flipkart busy — retry ${attempt}/3` });
-          await sleep(3000);
+          this.log(`verify ${number.mobile} transient attempt ${attempt}/3: ${lastErr} — re-verifying`);
+          this._emit(slot, { phase: 'verify', detail: `Flipkart busy — re-verify ${attempt}/3` });
+          if (attempt < 3) await sleep(2000);
           continue; // retry the SAME otp (it's still valid; the server just hiccupped)
         }
         if (e instanceof WrongOTP) {
@@ -233,7 +388,7 @@ export class Worker {
   async _resendAndVerify(slot, fk, stream, number, smsArrived, why) {
     this._emit(slot, { phase: 'otp_resend', detail: `${why} — resending`, wait: WRONG_OTP_WAIT / 1000 });
     try { await fk.sendOtp(number.mobile); } catch (e) { return { session: null, error: `resend failed: ${e.message}` }; }
-    stream.resend();
+    try { await stream.resend(); } catch { /* */ }
     const end = Date.now() + WRONG_OTP_WAIT;
     let otp2 = null;
     while (Date.now() < end && !this.stopped) {
@@ -249,13 +404,32 @@ export class Worker {
     catch (e) { return { session: null, error: e.message }; }
   }
+  // _release — GUARANTEE the rented number is cancelled so we're never charged for a
+  // number that didn't succeed. TempOTP can't be cancelled before its 2-min lock, so we
+  // wait that out first. The cancel is RETRIED up to 5× until it confirms; the outcome is
+  // logged. The returned promise is tracked so the campaign waits for it before finishing.
   _release(number, rentedAt) {
-    (async () => {
+    if (!this._releases) this._releases = [];
+    const p = (async () => {
       if (this.provider.name === 'tempotp') {
         const wait = NUMBER_CANCEL_LOCK - (Date.now() - rentedAt);
         if (wait > 0) await sleep(wait);
       }
-      try { await this.provider.cancel(number); } catch { /* */ }
+      for (let attempt = 1; attempt <= 5; attempt++) {
+        try {
+          await this.provider.cancel(number);
+          this.log(`cancelled ${number.mobile} (txn ${number.txn}) — refunded`);
+          return;
+        } catch (e) {
+          this.log(`cancel ${number.mobile} attempt ${attempt}/5 failed: ${e.message}`);
+          await sleep(3000);
+        }
+      }
+      // Could NOT cancel after 5 tries — flag it loudly so the user knows a number may be charged.
+      this.log(`⚠ COULD NOT CANCEL ${number.mobile} (txn ${number.txn}) after 5 tries — may be charged! cancel manually on the provider.`);
+      this.onEvent('warn', `⚠ couldn't cancel ${number.mobile.slice(-10)} — cancel it on the provider to avoid a charge`);
     })();
+    this._releases.push(p);
+    return p;
   }
 }