scripter-x 1.0.7 → 1.0.9

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "scripter-x",
-  "version": "1.0.7",
+  "version": "1.0.9",
   "description": "ScripterX — local Flipkart session extractor (runs on your residential IP, syncs to marthunt)",
   "type": "module",
   "bin": {

package/src/commands.js

@@ -3,7 +3,7 @@
 // stdin/stdout). Each command: async (io, api, args) => void.
 import * as config from './config.js';
 import { ApiClient, AuthError } from './api.js';
-import { saveSessions } from './util.js';
+import { saveSessions, CANCEL } from './util.js';
 import * as tp from './providers/tempotp.js';
 import * as oc from './providers/otpcart.js';
 import * as kuku from './providers/kuku.js';
@@ -122,6 +122,12 @@ async function buildProvider(io, name) {
 }
 
 export async function run(io, api, args = {}) {
+  // TARGET: Flipkart (the backend campaign flow) or Zepto (local OTP → ZAUTH1 envelope).
+  const target = args.target || (args.number ? 'zepto' : (await io.select('what to extract?', [
+    { label: 'Flipkart', value: 'flipkart', description: 'session JSON via OTP provider (campaign)' },
+    { label: 'Zepto', value: 'zepto', description: 'local OTP login → ZAUTH1 envelope for AuthManager' }])).value);
+  if (target === 'zepto') return zeptoCmd(io, api, args);
+
   api = api || await getApi(io);
 
   // MODE: extract JSON only, or also link a newaddr.com email to each account.
@@ -204,44 +210,78 @@ export async function run(io, api, args = {}) {
   if (worker.logPath) io.print(`  ◉ log saved to: ${worker.logPath}`);
 }
 
-// ── zepto: local OTP login → extract session to {phone}-{timestamp}.json ──
+// ── zepto: local OTP login → extract session to a ZAUTH1 envelope file ──
 // Dead-simple, no backend: enter a number → we SMS an OTP locally → enter the
-// code → we verify and write the session JSON. Runs entirely on your IP.
+// code → we verify, build the ZAUTH1 envelope, and write {phone}-{timestamp}.txt.
+// LOOPS: after each one it asks for the next number — keep going until the user
+// presses Esc (or double Ctrl+C). Runs entirely on your IP.
 export async function zeptoCmd(io, _api, args = {}) {
-  const number = (args.number || await io.ask('zepto phone number')).replace(/\D/g, '').slice(-10);
-  if (number.length !== 10) throw new Error('enter a 10-digit number');
-
-  const session = zepto.newSession(number);
-  io.print(`  ◉ sending OTP to ${number} …`);
-  const s = await zepto.sendOtp(session);
-  if (!s.ok) throw new Error(`could not send OTP: ${s.msg || s.status}`);
-  io.print('  ✓ OTP sent');
-
-  const otp = (args.otp || await io.ask('enter the OTP')).trim();
-  const v = await zepto.verifyOtp(session, otp);
-  if (!v.ok) throw new Error(`OTP verify failed: ${v.error || v.status}`);
-  io.print(`  ✓ logged in${v.user?.fullName ? ` as ${v.user.fullName}` : ''}`);
-
-  // Build the ZAUTH1 envelope — the format the ZeptoAuthManager tool imports.
-  const envelope = zepto.encodeEnvelope(zepto.toSessionKeys(session), args.cert);
-
-  // {phone}-{timestamp}.txt  in the chosen dir (default ~/Downloads/scripterx/zepto)
-  const stamp = new Date().toISOString().replace(/[:.]/g, '-');
-  const fname = `${number}-${stamp}.txt`;
-  let dest;
-  if (args.out) {
-    const expanded = args.out.startsWith('~') ? join(homedir(), args.out.slice(1)) : args.out;
-    dest = /\.(txt|json)$/i.test(expanded) ? expanded : join(expanded, fname);
-  } else {
-    const downloads = join(homedir(), 'Downloads');
-    dest = join(existsSync(downloads) ? downloads : homedir(), 'scripterx', 'zepto', fname);
+  io.print('  ◉ Zepto — local OTP → ZAUTH1 envelope');
+  io.print('  ◉ press esc to cancel', 'accent');
+
+  let done = 0;
+  // double-Ctrl+C to exit (only meaningful in one-shot mode; the ink App owns its own Ctrl+C)
+  let lastSig = 0, stopping = false;
+  const onSigint = () => {
+    const now = Date.now();
+    if (now - lastSig < 2000) { stopping = true; process.exit(0); }
+    lastSig = now;
+    io.print('  ⚠ press Ctrl+C again to exit');
+  };
+  const interactive = !!io.startRun; // ink App present → don't grab SIGINT
+  if (!interactive) process.on('SIGINT', onSigint);
+
+  try {
+    for (;;) {
+      // number entry — escapable: Esc stops the whole loop
+      const raw = args.number || await io.ask('zepto phone number', { escapable: true });
+      if (raw === CANCEL) break;
+      const number = String(raw).replace(/\D/g, '').slice(-10);
+      if (number.length !== 10) { io.print('  ! enter a 10-digit number', 'danger'); if (args.number) break; continue; }
+
+      const session = zepto.newSession(number);
+      io.print(`  ◉ sending OTP to ${number} …`);
+      const s = await zepto.sendOtp(session);
+      if (!s.ok) { io.print(`  ✗ could not send OTP: ${s.msg || s.status}`, 'danger'); if (args.number) break; continue; }
+      io.print('  ✓ OTP sent');
+
+      // OTP entry — escapable too (Esc abandons this number and loops back)
+      const otpRaw = args.otp || await io.ask('enter the OTP', { escapable: true });
+      if (otpRaw === CANCEL) break;
+      const v = await zepto.verifyOtp(session, String(otpRaw).trim());
+      if (!v.ok) { io.print(`  ✗ OTP verify failed: ${v.error || v.status}`, 'danger'); if (args.number) break; continue; }
+      io.print(`  ✓ logged in${v.user?.fullName ? ` as ${v.user.fullName}` : ''}`);
+
+      // Build the ZAUTH1 envelope — the format the ZeptoAuthManager tool imports.
+      const envelope = zepto.encodeEnvelope(zepto.toSessionKeys(session), args.cert);
+
+      // {phone}-{timestamp}.txt  in the chosen dir (default ~/Downloads/scripterx/zepto)
+      const stamp = new Date().toISOString().replace(/[:.]/g, '-');
+      const fname = `${number}-${stamp}.txt`;
+      let dest;
+      if (args.out) {
+        const expanded = args.out.startsWith('~') ? join(homedir(), args.out.slice(1)) : args.out;
+        dest = /\.(txt|json)$/i.test(expanded) ? expanded : join(expanded, fname);
+      } else {
+        const downloads = join(homedir(), 'Downloads');
+        dest = join(existsSync(downloads) ? downloads : homedir(), 'scripterx', 'zepto', fname);
+      }
+      mkdirSync(dirname(dest), { recursive: true });
+      writeFileSync(dest, envelope + '\n');
+      done++;
+      io.print('  ✓ envelope saved to:');
+      io.print(`     ${dest}`, 'accent');
+      io.print('  ◉ paste into ZeptoAuthManager → Import:');
+      io.print(`     ${envelope}`, 'accent');
+
+      // one-shot (a number was passed on the CLI): do exactly one and stop
+      if (args.number) break;
+      io.print('  ◉ next number (esc to finish)', 'accent');
+    }
+  } finally {
+    if (!interactive && !stopping) process.off('SIGINT', onSigint);
   }
-  mkdirSync(dirname(dest), { recursive: true });
-  writeFileSync(dest, envelope + '\n');
-  io.print('  ✓ envelope saved to:');
-  io.print(`     ${dest}`, 'accent');
-  io.print('  ◉ paste into ZeptoAuthManager → Import:');
-  io.print(`     ${envelope}`, 'accent');
+  io.print(`  ✓ done — ${done} envelope(s) saved.`);
 }
 
 export async function campaigns(io, api) {

package/src/index.js

@@ -26,7 +26,7 @@ const cliIo = {
     else if (line.includes('◉')) console.log(line.replace('◉', paint.accent('◉')));
     else console.log(line);
   },
-  ask: (msg, opts = {}) => (opts.mask ? askSecret(msg) : ask(msg, { dflt: opts.dflt })),
+  ask: (msg, opts = {}) => (opts.mask ? askSecret(msg) : ask(msg, { dflt: opts.dflt, escapable: opts.escapable })),
   confirm: (msg, dflt) => confirm(msg, { dflt }),
   select: async (msg, items) => {
     const norm = items.map((it) => (typeof it === 'string' ? { label: it, value: it } : it));
@@ -106,6 +106,7 @@ async function main() {
     concurrency: flags.concurrency ? +flags.concurrency : null, name: flags.name,
     checkMinutes: flags['check-minutes'] === true ? true : (flags['check-minutes'] === false ? false : null),
     mode: flags.email ? 'json_email' : flags.mode, // --email or --mode json_email
+    target: flags.target, // run: 'flipkart' | 'zepto'
     number: flags.number, otp: flags.otp, cert: flags.cert, // zepto: local OTP login → ZAUTH1 envelope
     campaign: flags._[0], out: flags.out, action: flags._[0], value: flags._[1],
   };

package/src/prompt.js

@@ -1,18 +1,29 @@
 // Minimal interactive prompts (readline) for the non-ink screens (login, run setup).
 import readline from 'node:readline';
-import { paint } from './util.js';
+import { paint, CANCEL } from './util.js';
 
 function makeRl() {
   return readline.createInterface({ input: process.stdin, output: process.stdout });
 }
 
-export function ask(question, { dflt } = {}) {
+// ask() — single-line input. With { escapable: true }, pressing Esc resolves CANCEL.
+export function ask(question, { dflt, escapable } = {}) {
   const rl = makeRl();
   const suffix = dflt != null ? paint.dim(` (${dflt})`) : '';
   return new Promise((resolve) => {
-    rl.question(`  ${paint.bold(question)}${suffix}: `, (a) => {
+    let onKey = null;
+    const finish = (val) => {
+      if (onKey && process.stdin.off) process.stdin.off('keypress', onKey);
       rl.close();
-      resolve(a.trim() || (dflt != null ? String(dflt) : ''));
+      resolve(val);
+    };
+    if (escapable && process.stdin.isTTY) {
+      readline.emitKeypressEvents(process.stdin, rl);
+      onKey = (_str, key) => { if (key && key.name === 'escape') { process.stdout.write('\n'); finish(CANCEL); } };
+      process.stdin.on('keypress', onKey);
+    }
+    rl.question(`  ${paint.bold(question)}${suffix}: `, (a) => {
+      finish(a.trim() || (dflt != null ? String(dflt) : ''));
     });
   });
 }

package/src/ui/App.js

@@ -12,6 +12,7 @@ import { Shell, WelcomeBox } from './Shell.js';
 import { SelectList, Confirm, TextField } from './components.js';
 import { RunView } from './RunView.js';
 import { COLORS } from '../theme.js';
+import { CANCEL } from '../util.js';
 import { useMouse } from './mouse.js';
 
 const h = React.createElement;
@@ -91,7 +92,9 @@ export function App({ ctx }) {
       ask: (message, opts = {}) => new Promise((resolve) => {
         setScreen('prompts');
         setPrompt({ kind: opts.mask ? 'secret' : 'text', message, mask: opts.mask, dflt: opts.dflt || '',
-          done: (v) => { setPrompt(null); setScreen(afterPrompt()); resolve(v || opts.dflt || ''); } });
+          escapable: !!opts.escapable,
+          done: (v) => { setPrompt(null); setScreen(afterPrompt()); resolve(v || opts.dflt || ''); },
+          cancel: () => { setPrompt(null); setScreen(afterPrompt()); resolve(CANCEL); } });
       }),
       select: (message, items, opts = {}) => new Promise((resolve) => {
         const norm = items.map((it) => (typeof it === 'string' ? { label: it, value: it } : it));
@@ -166,5 +169,6 @@ function PromptView({ prompt, frameRef }) {
     return h(Confirm, { message: prompt.message, defaultValue: prompt.dflt, frameRef, onAnswer: (v) => prompt.done(v) });
   }
   return h(TextField, { message: prompt.message, mask: prompt.kind === 'secret', defaultValue: prompt.dflt,
-    onSubmit: (v) => prompt.done(v) });
+    onSubmit: (v) => prompt.done(v),
+    onCancel: prompt.escapable ? () => prompt.cancel() : undefined });
 }

package/src/util.js

@@ -4,6 +4,9 @@ import { join, dirname } from 'node:path';
 import { mkdirSync, writeFileSync, existsSync, statSync } from 'node:fs';
 import { COLORS } from './theme.js';
 
+// Sentinel returned by io.ask({ escapable: true }) when the user presses Esc.
+export const CANCEL = Symbol('cancel');
+
 // minimal ANSI for the non-TUI commands (login, lists, etc.)
 const c = (hex, s) => {
   // map our hex accents to the nearest 256-color for plain stdout