scripter-x 1.0.31 → 1.0.32

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "scripter-x",
-  "version": "1.0.31",
+  "version": "1.0.32",
   "description": "ScripterX — local Flipkart session extractor (runs on your residential IP, syncs to marthunt)",
   "type": "module",
   "bin": {

package/src/commands.js

@@ -552,13 +552,12 @@ function saveBigbasketSession(args, number, sessionKeys) {
 }
 
 export async function bigbasketCmd(io, api, args = {}) {
-  // Only manual exists today; auto is wired after the server contract is known.
-  const mode = args.auto ? 'auto' : 'manual';
-  if (mode === 'auto') {
-    io.print('  ! BigBasket auto mode is not wired yet — coming once the server is set.', 'danger');
-    io.print('  ◉ use manual for now:  scripterx bigbasket --manual', 'accent');
-    return;
-  }
+  const mode = args.manual ? 'manual' : (args.auto ? 'auto' : (args.number ? 'manual' : (await io.select('Choose BigBasket login flow', [
+    { label: 'Auto', value: 'auto', description: 'Auto-rent numbers via TempOTP (hands-off)' },
+    { label: 'Manual', value: 'manual', description: 'Enter phone + type OTP yourself' },
+  ])).value || 'auto'));
+
+  if (mode === 'auto') return bigbasketAuto(io, args);
 
   io.print('  ◉ BigBasket — local OTP → session JSON (Manual)');
   io.print('  ◉ press esc to cancel', 'accent');
@@ -617,6 +616,94 @@ export async function bigbasketCmd(io, api, args = {}) {
   io.print(`  ✓ done — ${done} session(s) saved.`);
 }
 
+// ── BigBasket auto: rent numbers via TempOTP, poll SMS, verify headlessly ─────
+// Mirrors the Zepto auto flow. Local-first: every success is appended to a combined
+// file the instant it lands (so a mid-run stop never loses an account).
+async function bigbasketAuto(io, args = {}) {
+  io.print('  ◉ BigBasket — auto extraction via TempOTP');
+  const cfg = config.load();
+
+  // TempOTP key (reuse the saved-key / add-new pattern from buildProvider).
+  let key = cfg.tempotp_api_key;
+  if (key) {
+    const choice = await io.select(`saved TempOTP key: ${maskSecret(key)}`, [
+      { label: 'use saved', value: 'use', description: maskSecret(key) },
+      { label: 'add new', value: 'new', description: 'enter a different key' }]);
+    if ((choice.value || choice) === 'new') key = null;
+  }
+  let freshlyEntered = false;
+  if (!key) { key = await io.ask('TempOTP API key'); freshlyEntered = true; }
+  const bal = await tp.balance(key);
+  if (bal == null) { io.print('  ✗ TempOTP key invalid or unreachable', 'danger'); return; }
+  io.print(`  ✓ TempOTP balance: ₹${bal}`);
+  if (freshlyEntered && await io.confirm('save this key locally for next time?', true)) config.setMany({ tempotp_api_key: key });
+
+  // BigBasket service picker (only the BB service ids).
+  const svc = args.service || (await io.select('BigBasket service', tp.BIGBASKET_SERVICES.map((id) => ({
+    label: `${id} · ${tp.SERVICE_NAMES[id]}`, value: id, description: `₹${tp.SERVICES[id]}`,
+  })))).value;
+  const provider = new tp.TempOTPProvider(key, svc);
+
+  const count = args.count || Number(await io.ask('how many sessions?', { dflt: '1' }));
+  const concurrency = args.concurrency || Number(await io.ask('concurrency (keep low — 1 recommended)', { dflt: '1' }));
+  const name = args.name || `BigBasket-${Math.floor(Date.now() / 1000)}`;
+  if (!(await io.confirm(`start ${count} BigBasket extraction(s) at concurrency ${concurrency} on service ${svc}?`, true))) return;
+
+  const { BigBasketWorker } = await import('./worker.js');
+  const { RunController } = await import('./controller.js');
+  const controller = new RunController({ name, provider: `tempotp-bigbasket`, requested: count });
+
+  // INCREMENTAL SAVE: append every extracted session to one JSONL the instant it lands.
+  const baseDir = bigbasketBaseDir(args);
+  const stamp = new Date().toISOString().replace(/[:.]/g, '-');
+  const liveFile = join(baseDir, `${name}-${stamp}.jsonl`);
+  const onResult = (res) => {
+    if (res.status !== 'success' || !res.session) return;
+    mkdirSync(baseDir, { recursive: true });
+    appendFileSync(liveFile, JSON.stringify(res.session) + '\n');
+  };
+
+  const worker = new BigBasketWorker(provider, { requested: count, concurrency, onEvent: controller.handleEvent, onResult });
+  controller.stop = () => worker.stop();
+
+  const results = [];
+  const origRecord = worker._record.bind(worker);
+  worker._record = (res) => { results.push(res); origRecord(res); };
+
+  const interactive = !!io.startRun;
+  if (interactive) io.startRun(controller);
+  let onSigint = null;
+  if (!interactive) {
+    let lastSig = 0;
+    onSigint = () => {
+      const now = Date.now();
+      if (now - lastSig < 2000) { worker.stop(); process.exit(0); }
+      lastSig = now; worker.stop();
+      io.print('  ⚠ stopping — press Ctrl+C again to exit');
+    };
+    process.on('SIGINT', onSigint);
+  }
+
+  await worker.run();
+  if (onSigint) process.off('SIGINT', onSigint);
+  if (io.endRun) io.endRun();
+
+  io.print(`  ✓ done — ${worker.stats.succeeded} succeeded · ${worker.stats.failed} failed · ${worker.stats.cancelled} cancelled · ₹${worker.stats.charges} spent`);
+
+  // Also write a combined pretty JSON array of all successes for convenience.
+  const succeeded = results.filter((r) => r.status === 'success' && r.session).map((r) => r.session);
+  if (succeeded.length) {
+    mkdirSync(baseDir, { recursive: true });
+    const combined = join(baseDir, `${name}-${stamp}.json`);
+    writeFileSync(combined, JSON.stringify(succeeded, null, 2) + '\n');
+    io.print(`  ✓ saved ${succeeded.length} session(s):`);
+    io.print(`     ${combined}`, 'accent');
+    io.print(`     (live JSONL: ${liveFile})`, 'accent');
+  } else {
+    io.print('  ◉ no sessions extracted — nothing to save.');
+  }
+}
+
 const TIER_LABEL = { rs100: '🟢 ₹100', rs75: '🟢 ₹75', rs50: '🟢 ₹50', normal: '⚪ normal', unchecked: '❔ unchecked' };
 
 // The directory the per-tier files go in for an auto run.

package/src/index.js

@@ -55,8 +55,10 @@ const HELP = `${paint.bold('scripterx')} — local Flipkart session extractor
        --number <10-digit>  --otp <code>
        (envelope keyed to ZeptoAuthManager cert; override with --cert or $ZAUTH_CERT_SHA)
   scripterx bigbasket [flags]  local BigBasket OTP login → session JSON (alias: bb)
-       --manual             --number <10-digit>  --otp <code>  --out <file|dir>
-       → writes {phone, bbAuthToken, mId, bbVisitorId} per number (auto mode soon)
+       --auto | --manual    --count N  --concurrency N  --out <file|dir>
+       --service <1819|1874|1919|2259>   (auto: TempOTP BigBasket service id)
+       --number <10-digit>  --otp <code> (manual one-shot)
+       → writes {phone, bbAuthToken, mId, bbVisitorId} per session
   scripterx recheck <file>  re-validate Minutes status of a session JSON, locally (your IP)
        → re-splits into corrected -minutes-free / -minutes-used files + stats
   scripterx campaigns | export [name] | balance | creds | stop | delete | whoami | config
@@ -121,6 +123,7 @@ async function main() {
     mode: flags.email ? 'json_email' : flags.mode, // --email or --mode json_email
     target: flags.target, // run: 'flipkart' | 'zepto'
     number: flags.number, otp: flags.otp, cert: flags.cert, // zepto: local OTP login → ZAUTH1 envelope
+    service: flags.service, // bigbasket auto: TempOTP service id (1819/1874/1919/2259)
     auto: flags.auto, manual: flags.manual,
     checkCoupon: flags['check-coupon'] === true ? true : (flags['check-coupon'] === false ? false : null),
     campaign: flags._[0], out: flags.out, action: flags._[0], value: flags._[1],

package/src/providers/tempotp.js

@@ -3,9 +3,19 @@ import { extractOtp } from '../flipkart.js';
 
 const BASE = 'https://api.tempotp.online';
 // serviceId -> cost (₹). Keep ids as strings (they go straight into the GET params).
-export const SERVICES = { '1040': 10.0, '940': 16.0, '2451': 12.5, '2452': 12.5, '2453': 12.0, '2484': 18.0 };
+export const SERVICES = {
+  '1040': 10.0, '940': 16.0, '2451': 12.5, '2452': 12.5, '2453': 12.0, '2484': 18.0,
+  // BigBasket (SERVER 16 [best-sv-multi])
+  '1819': 12.0, '1874': 12.0, '1919': 14.0, '2259': 14.0,
+};
 // optional friendly names shown in the service picker
-export const SERVICE_NAMES = { '1040': 'Flipkart', '940': 'Flipkart', '2451': 'Shopsy/Flipkart 1 (SERVER 16)', '2452': 'Shopsy/Flipkart 2 (SERVER 16)', '2453': 'Shopsy/Flipkart 3 (SERVER 16)', '2484': 'ALL 6 DIGIT (SERVER 17 [ALL])' };
+export const SERVICE_NAMES = {
+  '1040': 'Flipkart', '940': 'Flipkart', '2451': 'Shopsy/Flipkart 1 (SERVER 16)', '2452': 'Shopsy/Flipkart 2 (SERVER 16)', '2453': 'Shopsy/Flipkart 3 (SERVER 16)', '2484': 'ALL 6 DIGIT (SERVER 17 [ALL])',
+  '1819': 'BigBasket 1.0 (SERVER 16)', '1874': 'BigBasket 2.0 (SERVER 16)', '1919': 'BigBasket 3.0 (SERVER 16)', '2259': 'BigBasket 4.0 (SERVER 16)',
+};
+// BigBasket service ids (for the bigbasket auto picker)
+export const BIGBASKET_SERVICES = ['1819', '1874', '1919', '2259'];
+export const DEFAULT_BIGBASKET_SERVICE = '1819';
 export const DEFAULT_SERVICE = '940';
 const COUNTRY = '22';
 

package/src/worker.js

@@ -6,6 +6,7 @@ import { FlipkartLogin, WrongOTP, BlockedError, TransientError } from './flipkar
 import { CampaignLogger } from './logger.js';
 import * as kuku from './providers/kuku.js';
 import * as zepto from './providers/zepto.js';
+import * as bigbasket from './providers/bigbasket.js';
 
 const OTP_RESEND_AFTER = 60_000;
 const OTPCART_DEADLINE = 120_000;
@@ -759,3 +760,197 @@ export class ZeptoWorker {
     }
   }
 }
+
+// ── BigBasket auto worker ─────────────────────────────────────────────────────
+// Identical orchestration to ZeptoWorker (rent → SMS poll → verify → save), but the
+// merchant is BigBasket: bigbasket.sendOtp() does its own 3-call bootstrap+send, we
+// poll the OTP provider's SMS stream, then bigbasket.verifyOtp() → session JSON.
+// Designed for TempOTP (poll, no resend) but works with any provider exposing
+// rentOnce/startOtp(poll)/cancel. Local-first: emits res.session for incremental save;
+// server push is layered on top by the caller (onResult) when a backend is configured.
+export class BigBasketWorker {
+  constructor(provider, { requested, concurrency, deadlineMs, onEvent, onResult }) {
+    this.provider = provider;
+    this.requested = requested;
+    this.concurrency = Math.max(1, Math.min(concurrency, requested));
+    this.deadlineMs = deadlineMs || (provider?.name === 'tempotp' ? TEMPOTP_DEADLINE : OTPCART_DEADLINE);
+    this.onEvent = onEvent || (() => {});
+    this.onResult = onResult || null;
+    if (provider && 'onNotice' in provider) provider.onNotice = (msg) => this.onEvent('warn', `⚠ ${msg}`);
+    this.stats = { total: requested, succeeded: 0, failed: 0, cancelled: 0, generated: 0, attempts: 0, charges: 0 };
+    this.slots = {};
+    this.seq = 0;
+    this.stopped = false;
+    this._releases = [];
+  }
+
+  stop() { this.stopped = true; }
+  _nextSeq() { return ++this.seq; }
+
+  _claim() {
+    if (this.stopped) return 0;
+    if (this.stats.succeeded >= this.requested) return 0;
+    const active = this.stats.attempts - (this.stats.succeeded + this.stats.failed + this.stats.cancelled);
+    if (this.stats.succeeded + active >= this.requested) return 0;
+    if (this.stats.attempts >= this.requested * ATTEMPT_CAP_MULT) return 0;
+    return ++this.stats.attempts;
+  }
+
+  _emit(slot, kv) {
+    this.slots[slot] = { slot, ...(this.slots[slot] || {}), ...kv };
+    this.onEvent('slot', this.slots[slot]);
+  }
+
+  _record(res) {
+    if (res.mobile) this.stats.generated++;
+    if (res.status === 'success') { this.stats.succeeded++; this.stats.charges += res.cost || 0; }
+    else if (res.status === 'cancelled') this.stats.cancelled++;
+    else { this.stats.failed++; this.stats.charges += res.cost || 0; }
+    this.onEvent('progress', this.stats);
+    this.onEvent('row', res);
+    if (res.status === 'success' && res.session && this.onResult) {
+      try { this.onResult(res); } catch { /* best-effort; never break the loop */ }
+    }
+  }
+
+  async run() {
+    const loops = Array.from({ length: this.concurrency }, (_, i) => this._loop(i + 1));
+    await Promise.all(loops);
+    if (this._releases.length) {
+      this.onEvent('warn', `finishing up — releasing ${this._releases.length} number(s)…`);
+      await Promise.allSettled(this._releases);
+    }
+    this.onEvent('done', this.stats);
+    return this.stats;
+  }
+
+  _release(number, rentedAt, slot) {
+    const p = releaseNumber(this.provider, number, rentedAt, {
+      log: () => {},
+      warn: (m) => this.onEvent('warn', m),
+      onWait: slot ? (sec) => this._emit(slot, { phase: 'cancelling', detail: 'releasing (cancel-lock)', wait: sec }) : undefined,
+    });
+    this._releases.push(p);
+    return p;
+  }
+
+  async _rent(slot) {
+    let attempt = 0;
+    while (!this.stopped) {
+      attempt++;
+      this._emit(slot, { phase: 'renting', detail: `requesting a number (try ${attempt})` });
+      const { number } = await this.provider.rentOnce();
+      if (number) return number;
+      if (attempt % RENT_COOLDOWN_EVERY === 0) {
+        for (let rem = RENT_COOLDOWN_SECS; rem > 0; rem--) {
+          if (this.stopped) return null;
+          this._emit(slot, { phase: 'rent_wait', detail: 'no numbers — waiting', wait: rem });
+          await sleep(1000);
+        }
+      } else {
+        await sleep(RENT_RETRY_DELAY);
+      }
+    }
+    return null;
+  }
+
+  async _loop(slot) {
+    for (;;) {
+      if (this._claim() === 0) return;
+      const res = await this._process(slot);
+      await this._record(res);
+    }
+  }
+
+  async _process(slot) {
+    const idNo = this._nextSeq();
+    const res = { id_no: idNo, status: 'failed', cost: 0, detail: '' };
+
+    if (this.stats.succeeded >= this.requested) {
+      this._emit(slot, { phase: 'done', detail: 'goal reached' });
+      res.status = 'cancelled'; res.detail = 'goal reached';
+      return res;
+    }
+
+    this._emit(slot, { mobile: '', phase: 'renting', detail: 'requesting a number', wait: 0 });
+    const number = await this._rent(slot);
+    if (!number) { res.status = 'cancelled'; res.detail = 'stopped while renting'; return res; }
+    const rentedAt = Date.now();
+    if (this.stats.succeeded >= this.requested) {
+      this._release(number, rentedAt, slot);
+      this._emit(slot, { phase: 'done', detail: 'goal reached' });
+      res.status = 'cancelled'; res.detail = 'goal reached';
+      return res;
+    }
+    res.mobile = number.mobile;
+    this._emit(slot, { mobile: number.mobile, phase: 'rented', detail: 'got a number' });
+
+    let stream = null;
+    let released = false;
+    const smsArrived = { v: false };
+
+    const releaseOnce = (charged = false, doneDetail = 'done', consumed = false) => {
+      if (released) return;
+      released = true;
+      if (consumed || (charged && !this.stopped)) { this._emit(slot, { phase: 'done', detail: doneDetail }); return; }
+      this._emit(slot, { phase: 'cancelling', detail: 'releasing number' });
+      this._release(number, rentedAt, slot);
+    };
+
+    const fail = (detail, category) => {
+      const charged = smsArrived.v;
+      res.status = charged ? 'failed' : 'cancelled';
+      res.cost = charged ? number.cost : 0;
+      res.detail = detail;
+      res.category = category || (res.status === 'failed' ? 'failed' : 'cancelled');
+      releaseOnce(charged, 'failed');
+      return res;
+    };
+
+    const session = bigbasket.newSession(number.mobile);
+
+    try {
+      this._emit(slot, { phase: 'ws', detail: 'opening OTP channel' });
+      stream = this.provider.startOtp(number);
+      if (typeof stream.ready === 'function') await stream.ready();
+
+      // bigbasket.sendOtp does register/device → header → otp (all on our IP).
+      this._emit(slot, { phase: 'send_otp', detail: 'sending OTP' });
+      const sent = await bigbasket.sendOtp(session);
+      if (!sent.ok) return fail(`send: ${sent.msg}`, 'send_blocked');
+
+      // Poll the rented number's SMS stream for the BigBasket OTP.
+      const end = Date.now() + this.deadlineMs;
+      let otp = null;
+      while (Date.now() < end && !this.stopped) {
+        const { otp: o, arrived } = await stream.poll();
+        if (arrived) smsArrived.v = true;
+        if (o) { otp = o; break; }
+        this._emit(slot, { phase: 'await_otp', detail: 'waiting for OTP', wait: Math.floor((end - Date.now()) / 1000) });
+        await sleep(1000);
+      }
+      if (!otp) return fail(`no OTP within ${Math.round(this.deadlineMs / 1000)}s — abandoned`, 'timeout');
+
+      this._emit(slot, { phase: 'verify', detail: 'verifying OTP' });
+      const v = await bigbasket.verifyOtp(session, otp);
+      if (!v.ok) {
+        const wrong = /valid otp|incorrect|invalid|expired/i.test(v.error || '');
+        return fail(`verify: ${v.error}`, wrong ? 'wrong_otp' : 'failed');
+      }
+
+      res.status = 'success';
+      res.cost = number.cost;
+      res.session = bigbasket.toSessionKeys(session); // { phone, bbAuthToken, mId, bbVisitorId }
+      res.category = 'extracted';
+
+      this._emit(slot, { phase: 'saving', detail: 'saving session' });
+      releaseOnce(true, 'extracted', true); // success: OTP consumed → no cancel
+      return res;
+    } catch (e) {
+      return fail(`unexpected: ${e.message}`);
+    } finally {
+      releaseOnce(false);
+      if (stream) try { stream.close(); } catch { /* */ }
+    }
+  }
+}