// app.js
// Third-party dependencies and Express application bootstrap.
const express = require("express");
const moment = require("moment");
const cors = require("cors");
const app = express();
const port = 3000;
const bodyParser = require("body-parser");
const axios = require("axios");
const { toJalaali, toGregorian } = require("jalaali-js");
moment.locale("en");
const CryptoJS = require("crypto-js");
// app.options("*", cors);
// Parse JSON and URL-encoded request bodies before any route runs.
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
// Asan Pardakht gateway settings plus its encrypt/decrypt helpers.
const {
config,
encrypt,
decrypt,
encryptWS,
decryptWS,
} = require("./lib/asan-pardakht-config");
// Middleware to parse JSON requests
// NOTE(review): bodyParser.json() is already registered above, so this second
// JSON parser looks redundant.
app.use(express.json());
// NOTE(review): cors() without options uses the package defaults, which allow
// cross-origin requests from any origin. No authentication middleware is
// registered in this section, so every route below is reachable by any caller
// unless something outside this listing restricts it — confirm, and restrict
// the allowed origins to the known front-end hosts.
app.use(cors());
const crypto = require("crypto");
const https = require("https");
const querystring = require("querystring");
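// NOTE(review): the commented-out block below still carries what appear to be
// real gateway terminal credentials; rotate them and delete the block instead
// of keeping it in source control.
// const mellat = new mellatCheckout({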
// terminalId: "7269507",
// username: "7269507",
// password: "66506956",
// timeout: 10000,
// apiUrl: "https://bpm.shaparak.ir/pgwchannel/services/pgw?wsdl",
// });
// const apiUrl = "https://bpm.shaparak.ir/pgwchannel/services/pgw?wsdl";
// function _interopRequireDefault(obj) {
// return obj && obj.__esModule ? obj : { default: obj };
// }
// var _soap = require("soap");
// const soap = require("soap");
const { bpReversalRequest } = require("./lib/bp-reversal-request");
const { bpInquiryRequest } = require("./lib/bp-inquiry-request");
const { bpVerifyRequest } = require("./lib/bp-verify-request");
const { bpPayRequest } = require("./lib/bp-pay-request");
const { bpSettleRequest } = require("./lib/bp-settle-request");
const {
bpCumulativeDynamicPayRequest,
} = require("./lib/bp-cumulative-dynamic-pay-request");
const {
taavonSendData,
taavonSendDataZarinPal,
taavonSendDataZarinPalLink,
} = require("./lib/taavon-send-data");
const { getAllCities } = require("./lib/getAllCities");
const { getAllProvinces } = require("./lib/getAllProvinces");
const { MongoClient, ObjectId } = require("mongodb");
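// MongoDB storage for SEP pay requests.
// The connection string carries the database credentials, so it is read only
// from the MONGODB_URI environment variable and no default is kept in source.
// NOTE(review): the connection string that used to be embedded here as a
// fallback (root account, admin auth source) must be treated as exposed:
// rotate that password and replace the root login with a least-privilege user
// scoped to the SEP database.
const MONGODB_URI = process.env.MONGODB_URI || "";
const SEP_DB_NAME = "rasadyar";
const SEP_COLLECTION = "sepPayRequests";
let mongoClient = null;
// In-flight connection attempt, shared by concurrent callers.
let mongoConnecting = null;

/**
 * Returns the shared MongoClient, connecting on first use.
 *
 * @returns {Promise<MongoClient>} the connected client
 * @throws {Error} when MONGODB_URI is not configured or the connection fails
 */
async function getMongoClient() {
  if (mongoClient) {
    return mongoClient;
  }
  if (!MONGODB_URI) {
    throw new Error("MONGODB_URI is not set");
  }
  if (!mongoConnecting) {
    const client = new MongoClient(MONGODB_URI);
    mongoConnecting = client
      .connect()
      .then(() => {
        // Cache only after connect() succeeded, so a failed attempt is retried
        // on the next call instead of handing out an unconnected client.
        mongoClient = client;
        return client;
      })
      .finally(() => {
        mongoConnecting = null;
      });
  }
  return mongoConnecting;
}

/**
 * Returns the collection that stores SEP pay requests.
 *
 * @returns {Promise<Collection>} collection SEP_COLLECTION in database SEP_DB_NAME
 */
async function getSepPayCollection() {
  const client = await getMongoClient();
  return client.db(SEP_DB_NAME).collection(SEP_COLLECTION);
}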
// var _soap2 = _interopRequireDefault(_soap);
// var behpardakhtClient;
// _soap2.default.createClient(
// apiUrl,
// {
// overrideRootElement: {
// namespace: "ns1",
// },
// },
// function (error, client) {
// if (error) {
// // return callback(error);
// console.log("error", error);
// }
// console.log("Behpardakht Client Is Ready!");
// behpardakhtClient = client;
// // return callback(null);
// return null;
// }
// );
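/**
 * POST /cumulative-dynamic-pay-request
 *
 * Opens a cumulative dynamic payment through bpCumulativeDynamicPayRequest and
 * returns the gateway reference id.
 *
 * Body: orderId, amount, additionalData (passed to the gateway as received;
 * a sample value is "9700383709,10000,0;1031990414,10000,0;").
 * Responses: 200 { refId } on gateway code 0, 400 { error } on invalid input or
 * any other gateway code, 502 { error } when the gateway call itself fails.
 *
 * NOTE(review): amount and additionalData come straight from the request and
 * no authentication is visible on this route — presumably additionalData
 * decides how the payment is split between accounts, in which case it should
 * be built or validated server-side. Confirm.
 */
app.post("/cumulative-dynamic-pay-request", async (req, res) => {
  const { orderId, amount, additionalData } = req.body ?? {};
  const parsedOrderId = Number.parseInt(orderId, 10);
  if (!Number.isSafeInteger(parsedOrderId)) {
    return res.status(400).json({ error: "Invalid orderId" });
  }
  try {
    const payRequestResult = await bpCumulativeDynamicPayRequest(
      parsedOrderId,
      amount,
      additionalData,
      "https://rasadyar.net/verify-payment",
    );
    // The gateway answers "<responseCode>,<refId>".
    const [responseCode, refId] = String(payRequestResult?.return ?? "").split(
      ",",
    );
    const parsedCode = Number.parseInt(responseCode, 10);
    if (parsedCode === 0) {
      return res.json({ refId });
    }
    console.log("error: ", payRequestResult);
    // Describe the gateway's response code; the whole result object used to be
    // parsed here, which always produced an empty description.
    return res.status(400).json({ error: desribtionStatusCode(parsedCode) });
  } catch (err) {
    // Without this, a rejected gateway call leaves the request unanswered.
    console.error("cumulative-dynamic-pay-request failed", err);
    return res.status(502).json({ error: "Payment gateway request failed" });
  }
});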
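/**
 * Asks the gateway to reverse a sale and logs the gateway's reply.
 *
 * The call sites in this file invoke it without awaiting the result, so it
 * must not reject: a failed reversal is logged with its identifiers instead,
 * so it can be followed up by hand.
 *
 * @param {number} orderId
 * @param {number} saleOrderId
 * @param {number} saleReferenceId
 * @returns {Promise<void>}
 */
async function reversePay(orderId, saleOrderId, saleReferenceId) {
  try {
    const reversal = await bpReversalRequest(
      orderId,
      saleOrderId,
      saleReferenceId,
    );
    console.log(reversal.return);
  } catch (err) {
    console.error(
      "bpReversalRequest failed",
      { orderId, saleOrderId, saleReferenceId },
      err,
    );
  }
}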
/**
 * Maps a numeric gateway response code to its description text.
 *
 * Only numbers match: a numeric string such as "0", NaN, undefined and unknown
 * codes all yield the empty string.
 *
 * @param {number} statusCode response code returned by the gateway
 * @returns {string} the description, or "" when the code is not listed
 */
function desribtionStatusCode(statusCode) {
  const descriptions = new Map([
    [0, "ﺗﺮاﻛﻨﺶ_ﺑﺎ_ﻣﻮﻓﻘﻴﺖ_اﻧﺠﺎم_ﺷﺪ"],
    [11, "ﺷﻤﺎره_ﻛﺎرت_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [12, "ﻣﻮﺟﻮدي_ﻛﺎﻓﻲ_ﻧﻴﺴﺖ"],
    [13, "رﻣﺰ_ﻧﺎدرﺳﺖ_اﺳﺖ"],
    [14, "ﺗﻌﺪاد_دﻓﻌﺎت_وارد_ﻛﺮدن_رﻣﺰ_ﺑﻴﺶ_از_ﺣﺪ_ﻣﺠﺎز_اﺳﺖ"],
    [15, "ﻛﺎرت_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [16, "دﻓﻌﺎت_ﺑﺮداﺷﺖ_وﺟﻪ_ﺑﻴﺶ_از_ﺣﺪ_ﻣﺠﺎز_اﺳﺖ"],
    [17, "ﻛﺎرﺑﺮ_از_اﻧﺠﺎم_ﺗﺮاﻛﻨﺶ_ﻣﻨﺼﺮف_ﺷﺪه_اﺳﺖ"],
    [18, "ﺗﺎرﻳﺦ_اﻧﻘﻀﺎي_ﻛﺎرت_ﮔﺬﺷﺘﻪ_اﺳﺖ"],
    [19, "ﻣﺒﻠﻎ_ﺑﺮداﺷﺖ_وﺟﻪ_ﺑﻴﺶ_از_ﺣﺪ_ﻣﺠﺎز_اﺳﺖ"],
    [111, "ﺻﺎدر_ﻛﻨﻨﺪه_ﻛﺎرت_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [112, "ﺧﻄﺎي_ﺳﻮﻳﻴﭻ_ﺻﺎدر_ﻛﻨﻨﺪه_ﻛﺎرت"],
    [113, "ﭘﺎﺳﺨﻲ_از_ﺻﺎدر_ﻛﻨﻨﺪه_ﻛﺎرت_درﻳﺎﻓﺖ_ﻧﺸﺪ"],
    [114, "دارﻧﺪه_ﻛﺎرت_ﻣﺠﺎز_ﺑﻪ_اﻧﺠﺎم_اﻳﻦ_ﺗﺮاﻛﻨﺶ_ﻧﻴﺴﺖ"],
    [21, "ﭘﺬﻳﺮﻧﺪه_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [23, "ﺧﻄﺎي_اﻣﻨﻴﺘﻲ_رخ_داده_اﺳﺖ"],
    [24, "اﻃﻼﻋﺎت_ﻛﺎرﺑﺮي_ﭘﺬﻳﺮﻧﺪه_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [25, "ﻣﺒﻠﻎ_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [31, "ﭘﺎﺳﺦ_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [32, "ﻓﺮﻣﺖ_اﻃﻼﻋﺎت_وارد_ﺷﺪه_ﺻﺤﻴﺢ_ﻧﻤﻲ_ﺑﺎﺷﺪ"],
    [33, "ﺣﺴﺎب_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [34, "ﺧﻄﺎي_ﺳﻴﺴﺘﻤﻲ"],
    [35, "ﺗﺎرﻳﺦ_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [41, "ﺷﻤﺎره_درﺧﻮاﺳﺖ_ﺗﻜﺮاري_اﺳﺖ"],
    [42, "ﺗﺮاﻛﻨﺶ_Sale_یافت_نشد_"],
    [43, "ﻗﺒﻼ_Verify_درﺧﻮاﺳﺖ_داده_ﺷﺪه_اﺳﺖ"],
    [44, "درخواست_verify_یافت_نشد"],
    [45, "ﺗﺮاﻛﻨﺶ_Settle_ﺷﺪه_اﺳﺖ"],
    [46, "ﺗﺮاﻛﻨﺶ_Settle_نشده_اﺳﺖ"],
    [47, "ﺗﺮاﻛﻨﺶ_Settle_یافت_نشد"],
    [48, "تراکنش_Reverse_شده_است"],
    [49, "تراکنش_Refund_یافت_نشد"],
    [412, "شناسه_قبض_نادرست_است"],
    [413, "ﺷﻨﺎﺳﻪ_ﭘﺮداﺧﺖ_ﻧﺎدرﺳﺖ_اﺳﺖ"],
    [414, "سازﻣﺎن_ﺻﺎدر_ﻛﻨﻨﺪه_ﻗﺒﺾ_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [415, "زﻣﺎن_ﺟﻠﺴﻪ_ﻛﺎري_ﺑﻪ_ﭘﺎﻳﺎن_رسیده_است"],
    [416, "ﺧﻄﺎ_در_ﺛﺒﺖ_اﻃﻼﻋﺎت"],
    [417, "ﺷﻨﺎﺳﻪ_ﭘﺮداﺧﺖ_ﻛﻨﻨﺪه_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [418, "اﺷﻜﺎل_در_ﺗﻌﺮﻳﻒ_اﻃﻼﻋﺎت_ﻣﺸﺘﺮي"],
    [419, "ﺗﻌﺪاد_دﻓﻌﺎت_ورود_اﻃﻼﻋﺎت_از_ﺣﺪ_ﻣﺠﺎز_ﮔﺬﺷﺘﻪ_اﺳﺖ"],
    [421, "IP_نامعتبر_است"],
    [51, "ﺗﺮاﻛﻨﺶ_ﺗﻜﺮاري_اﺳﺖ"],
    [54, "ﺗﺮاﻛﻨﺶ_ﻣﺮﺟﻊ_ﻣﻮﺟﻮد_ﻧﻴﺴﺖ"],
    [55, "ﺗﺮاﻛﻨﺶ_ﻧﺎﻣﻌﺘﺒﺮ_اﺳﺖ"],
    [61, "ﺧﻄﺎ_در_واریز"],
  ]);
  const description = descriptions.get(statusCode);
  if (description === undefined) {
    return "";
  }
  return description;
}
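/**
 * POST /verify-payment
 *
 * Callback that the payer's browser posts after a gateway payment attempt.
 * Flow: cancelled (code 17) -> report and redirect with an error; code 0 ->
 * verify (falling back to inquiry when verify returns nothing) -> settle ->
 * store the payment on the province backend -> redirect to the province
 * front end. Any other outcome is reported to Taavon and answered with
 * { error }.
 *
 * Security notes:
 * - The posted form is attacker-reachable. Whether money actually moved is
 *   established only by the server-to-server bpVerifyRequest /
 *   bpInquiryRequest / bpSettleRequest calls, never by the posted ResCode.
 * - NOTE(review): FinalAmount and CardHolderPan are taken from the posted form
 *   and forwarded to the backend and the redirect without being compared with
 *   what was requested for this order — confirm the backend re-checks them.
 */
app.post("/verify-payment", async (req, res) => {
  // Province code (first two digits of the order id) -> host name parts.
  const PROVINCE_HOSTS = new Map([
    ["10", { frontend: "check", backend: "test" }],
    ["15", { frontend: "sha", backend: "sha" }],
    ["18", { frontend: "ha", backend: "ha" }],
    ["91", { frontend: "ar", backend: "ar" }],
    ["47", { frontend: "ma", backend: "ma" }],
  ]);
  const SAVE_FAILED = "اطلاعات پرداخت ذخیره نشد!";

  const body = req.body;
  if (
    body == null ||
    body.ResCode === null ||
    body.SaleOrderId === null ||
    body.SaleReferenceId === null ||
    body.CardHolderPan === null
  ) {
    return res
      .status(422)
      .json({ error: "پارامترهای لازم از طرف بانک ارسال نشد." });
  }

  const saleReferenceId = Number.parseInt(body.SaleReferenceId, 10);
  const saleOrderId = Number.parseInt(body.SaleOrderId, 10);
  const payResCode = Number.parseInt(body.ResCode, 10);
  // Every branch below keys on the order id and the gateway code; without them
  // there is nothing meaningful to verify or report.
  if (Number.isNaN(saleOrderId) || Number.isNaN(payResCode)) {
    return res
      .status(422)
      .json({ error: "پارامترهای لازم از طرف بانک ارسال نشد." });
  }
  const finalAmount = body.FinalAmount;
  const refId = body.RefId;
  const cardHolderPan = body.CardHolderPan;

  const provinceCode = saleOrderId.toString().substring(0, 2);
  const hosts = PROVINCE_HOSTS.get(provinceCode);
  // Unknown provinces keep the previous behaviour: an empty redirect prefix.
  const redirectUrlError = hosts
    ? `https://${hosts.frontend}.rasadyar.net/payment?error=`
    : "";

  // A reversal without a sale reference cannot identify a sale, so skip it.
  const reverseIfPossible = () => {
    if (!Number.isNaN(saleReferenceId)) {
      reversePay(saleOrderId, saleOrderId, saleReferenceId);
    }
  };
  // Report the failure to Taavon, then answer the caller.
  const reportFailure = async (error) => {
    try {
      await taavonSendData(saleOrderId, { error, refId });
    } catch (sendError) {
      return res.json({ error: SAVE_FAILED });
    }
    return res.json({ error });
  };

  try {
    if (payResCode === 17) {
      // The payer cancelled on the gateway page.
      const error = desribtionStatusCode(payResCode);
      console.log("payment cancelled by user", { saleOrderId, error });
      await taavonSendData(saleOrderId, { error, refId });
      return res.redirect(redirectUrlError + "کاربر از انجام تراکنش منصرف شد!");
    }

    if (payResCode !== 0) {
      reverseIfPossible();
      return await reportFailure(desribtionStatusCode(payResCode));
    }

    // Verify request
    const verifyResponse = await bpVerifyRequest(
      saleOrderId,
      saleOrderId,
      saleReferenceId,
    );
    const verifyResult = verifyResponse.return;
    console.log("bpVerifyRequest:" + verifyResult);

    let inquiryCode = null;
    if (verifyResult == null || verifyResult.length === 0) {
      // Verify gave no answer: ask the gateway for the transaction state.
      const inquiryResponse = await bpInquiryRequest(
        saleOrderId,
        saleOrderId,
        saleReferenceId,
      );
      inquiryCode = Number.parseInt(inquiryResponse.return, 10);
      console.log("bpinquiryRequest" + inquiryCode);
      if (inquiryCode !== 0) {
        reverseIfPossible();
        return await reportFailure(desribtionStatusCode(inquiryCode));
      }
    }

    const verifyCode = Number.parseInt(verifyResult, 10);
    if (verifyCode !== 0 && inquiryCode !== 0) {
      reverseIfPossible();
      // Look the description up by the numeric code; the raw string never
      // matched any entry.
      return await reportFailure(desribtionStatusCode(verifyCode));
    }

    // Settle request
    const settleResponse = await bpSettleRequest(
      saleOrderId,
      saleOrderId,
      saleReferenceId,
    );
    const settleCode = Number.parseInt(settleResponse.return, 10);
    // 0: transaction completed successfully; 45: transaction already settled.
    if (settleCode !== 0 && settleCode !== 45) {
      // This path used to send no response at all, leaving the payer hanging.
      // NOTE(review): decide whether a failed settle must also be reversed and
      // reported to Taavon.
      console.error("bpSettleRequest failed", { saleOrderId, settleCode });
      return res.json({ error: desribtionStatusCode(settleCode) });
    }

    // Successful payment
    const data = {
      saleReferenceId,
      saleOrderId,
      cardHolderPan,
      date: new Date(),
      finalAmount,
      refId,
    };
    // Card data is left out of the log on purpose.
    console.log({ saleOrderId, saleReferenceId, provinceCode });

    // Values that originate from the posted form are URL-encoded so they
    // cannot add or overwrite query parameters of the front-end URL.
    const redirectUrl = hosts
      ? `https://${hosts.frontend}.rasadyar.net/payment` +
        `?finalAmount=${encodeURIComponent(finalAmount)}` +
        `&saleOrderId=${saleOrderId}` +
        `&cardHolderPan=${encodeURIComponent(cardHolderPan)}` +
        `&date=${encodeURIComponent(data.date)}` +
        `&saleReferenceId=${saleReferenceId}`
      : "";

    // Save the successful payment on the province backend.
    const subDomain = hosts ? hosts.backend : "test";
    const url = `https://${subDomain}backend.rasadyar.com/wage_payment_final_step/`;
    try {
      // NOTE(review): the HTTP status of this call is not checked, so a
      // non-2xx answer is still treated as saved.
      await fetch(url, {
        method: "POST",
        body: JSON.stringify(data),
        headers: {
          "Content-Type": "application/json",
        },
      });
    } catch (error) {
      return res.json({ error: SAVE_FAILED });
    }
    return res.redirect(redirectUrl);
  } catch (err) {
    // A rejected gateway or Taavon call must still produce a response.
    console.error("verify-payment failed", { saleOrderId }, err);
    return res.status(500).json({ error: "خطا در تایید پرداخت." });
  }
});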
//zarinpal ---------------------------------------------------------------------------------------------------
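// ZarinPal merchant id, sent with every payment and verify request.
// ZARINPAL_MERCHANT_ID overrides the built-in value so the id can be supplied
// by the deployment; the literal is kept only as the previous default.
const MERCHANT_ID =
  process.env.ZARINPAL_MERCHANT_ID || "7ad4aa9d-a153-4b94-b850-552ecf690a4a";
// ZarinPal v4 endpoints: open a payment, then verify it after the callback.
const ZARINPAL_API = "https://api.zarinpal.com/pg/v4/payment/request.json";
const ZARINPAL_API_VERIFY =
  "https://api.zarinpal.com/pg/v4/payment/verify.json";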
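/**
 * POST /zarinpay
 *
 * Opens a ZarinPal payment and returns the gateway's `data` object (it holds
 * the authority) with status 201.
 *
 * Body: amount, description (both required), provincecode, wages, isLink.
 * Errors: 400 for missing/invalid input, 500 { error, data } when the gateway
 * refuses the request or cannot be reached.
 *
 * NOTE(review): amount and wages are client-supplied and no authentication is
 * visible on this route — confirm they are validated elsewhere.
 */
app.post("/zarinpay", async (req, res) => {
  const { amount, description, provincecode, wages, isLink } = req.body ?? {};
  if (!amount || !description) {
    return res.status(400).send("Invalid request parameters");
  }
  const parsedAmount = Number.parseInt(amount, 10);
  if (Number.isNaN(parsedAmount)) {
    return res.status(400).send("Invalid amount");
  }
  // Encode every value: raw interpolation let a crafted provincecode or isLink
  // add or override query parameters of the callback. The parsed amount is
  // used so the callback carries exactly the amount sent to the gateway.
  const callbackUrl =
    "https://pay.rasadyar.com/zarinverify/" +
    `?amount=${encodeURIComponent(parsedAmount)}` +
    `&province=${encodeURIComponent(provincecode)}` +
    `&isLink=${encodeURIComponent(isLink)}`;
  try {
    const response = await axios.post(
      ZARINPAL_API,
      {
        merchant_id: MERCHANT_ID,
        amount: parsedAmount,
        description,
        callback_url: callbackUrl,
        wages,
      },
      {
        headers: {
          "Content-Type": "application/json",
          accept: "application/json",
        },
      },
    );
    const payment = response.data?.data;
    if (payment?.authority) {
      return res.status(201).json(payment);
    }
    return res
      .status(500)
      .json({ error: "Error Init Payment", data: response.data?.errors });
  } catch (error) {
    // Return only the gateway's own error body. The raw axios error serialises
    // the outgoing request as well, which includes the merchant id.
    console.error("zarinpay request failed:", error.message);
    return res.status(500).json({
      error: "Error in accessing ZarinPal",
      data: error.response?.data?.errors ?? null,
    });
  }
});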
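/**
 * GET /zarinverify
 *
 * ZarinPal callback. With Status "OK" the payment is verified against the
 * gateway, reported to Taavon and the payer is redirected to the payment page;
 * otherwise the cancellation is reported and the payer is redirected with an
 * error message.
 *
 * Query: Authority, Status, amount, province (all required), isLink.
 *
 * NOTE(review): amount and province arrive in a URL the payer can edit.
 * Presumably the gateway rejects a verify whose amount differs from the
 * request, but province is passed to Taavon unchecked — confirm both.
 */
app.get("/zarinverify", async (req, res) => {
  const { Authority, Status, amount, province, isLink } = req.query;
  if (!Authority || !Status || !amount || !province) {
    return res.status(400).send("Invalid request parameters");
  }
  const paymentPage = "https://rasadyar.net/payment";
  const cancelMessage = "کاربر از انجام تراکنش منصرف شد!";
  // Query values are strings, so "false" and "undefined" are truthy; compare
  // against the accepted spellings, as the manual submit route does.
  const viaLink = isLink === "true" || isLink === "1";

  try {
    if (Status !== "OK") {
      await taavonSendDataZarinPal(province, {
        error: cancelMessage,
        authority: Authority,
      });
      return res.redirect(`${paymentPage}?error=` + cancelMessage);
    }

    const response = await axios.post(
      ZARINPAL_API_VERIFY,
      {
        merchant_id: MERCHANT_ID,
        authority: Authority,
        amount: amount,
      },
      {
        headers: {
          "Content-Type": "application/json",
          accept: "application/json",
        },
      },
    );
    const result = response.data?.data ?? {};
    console.log("Verification response in verify: ", {
      code: result.code,
      ref_id: result.ref_id,
    });
    // Only codes 100 and 101 are treated as a confirmed payment.
    if (result.code !== 100 && result.code !== 101) {
      // This case used to send no response at all.
      return res.status(400).send("Payment was not successful.");
    }

    const record = {
      authority: Authority,
      refId: result.ref_id,
      cardHolderPan: result.card_pan,
    };
    if (viaLink) {
      await taavonSendDataZarinPalLink(province, record);
    } else {
      await taavonSendDataZarinPal(province, record);
    }
    // Encode the values so they cannot inject extra query parameters.
    const redirectUrl =
      `${paymentPage}?finalAmount=${encodeURIComponent(amount)}` +
      `&cardHolderPan=${encodeURIComponent(result.card_pan)}` +
      `&date=${encodeURIComponent(new Date())}` +
      `&saleReferenceId=${encodeURIComponent(result.ref_id)}`;
    return res.redirect(redirectUrl);
  } catch (error) {
    console.error("zarinverify failed:", error.message);
    return res.status(400).send("Payment was not successful.");
  }
});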
//sadad ---------------------------------------------------------------------------------------------------
/**
 * Encrypts `data` with Triple DES in ECB mode using PKCS#7 padding.
 *
 * @param {string} data plaintext to encrypt
 * @param {string} key Base64-encoded key
 * @returns {string} the ciphertext in CryptoJS's default string form
 *
 * NOTE(review): ECB with 3DES gives no integrity and leaks equal blocks; it is
 * presumably dictated by the gateway's signing scheme (the result is used as
 * SignData). Do not reuse this helper for anything else.
 */
const encrypt_pkcs7 = (data, key) => {
  const cipherOptions = {
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.Pkcs7,
  };
  const parsedKey = CryptoJS.enc.Base64.parse(key);
  return CryptoJS.TripleDES.encrypt(data, parsedKey, cipherOptions).toString();
};
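/**
 * POST /sadad-get-token
 *
 * Relays `data` from the request body to Sadad's PaymentRequest endpoint and
 * returns the gateway's answer with status 201.
 *
 * NOTE(review): this is an unauthenticated relay — whatever object the caller
 * sends is forwarded from this server's address. /sadad-request-payment calls
 * it over the public URL; restrict it to that caller (or fold it into that
 * route) so it cannot be used as an open proxy to the gateway.
 */
app.post("/sadad-get-token", async (req, res) => {
  const { data } = req.body ?? {};
  // Forward only a JSON object; anything else is a malformed request.
  if (data === null || typeof data !== "object" || Array.isArray(data)) {
    return res.status(400).send("Invalid request parameters");
  }
  try {
    const response = await axios.post(
      "https://sadad.shaparak.ir/api/v0/Request/PaymentRequest",
      data,
      {
        headers: {
          "Content-Type": "application/json",
          Referer: "https://rasadyar.net/",
        },
      },
    );
    return res.status(201).send(response.data);
  } catch (error) {
    return res.status(500).send(error.message);
  }
});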
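/**
 * POST /sadad-request-payment
 *
 * Builds a signed Sadad payment request (SignData = 3DES of
 * "TerminalId;OrderId;Amount") and obtains a token through /sadad-get-token.
 *
 * Body: OrderId, Amount (digits only), province.
 * Responses: 201 with the gateway answer when ResCode is 0, 400 for invalid
 * input or any other ResCode, 500 when the token request fails.
 *
 * NOTE(review): the route signs any OrderId/Amount pair for any caller; no
 * authentication is visible here. Confirm the amount is tied to a server-side
 * order before signing.
 */
app.post("/sadad-request-payment", async (req, res) => {
  const { OrderId, Amount, province } = req.body ?? {};
  // Both values go into the ";"-separated string that gets signed, so anything
  // but digits could shift the signed fields.
  const isDigits = (value) => /^\d+$/.test(String(value));
  if (!isDigits(OrderId) || !isDigits(Amount)) {
    return res.status(400).send("Invalid request parameters");
  }

  // Signing key: SADAD_KEY overrides the built-in value.
  // NOTE(review): the literal is a secret committed to source; rotate it and
  // drop the fallback once the deployment sets SADAD_KEY.
  const key = process.env.SADAD_KEY || "H8eOhSGAeKol46gNfb39dqbMFn0VJKbe";
  const MerchantId = "000000140345422";
  const TerminalId = "24107875";

  // LocalDateTime in the form "MM/DD/YYYY h:mm:ss am|pm".
  const now = new Date();
  const pad = (value) => String(value).padStart(2, "0");
  const hours = now.getHours();
  const ampm = hours >= 12 ? "pm" : "am";
  const formattedHours = hours % 12 || 12;
  const LocalDateTime =
    `${pad(now.getMonth() + 1)}/${pad(now.getDate())}/${now.getFullYear()} ` +
    `${formattedHours}:${pad(now.getMinutes())}:${pad(now.getSeconds())} ${ampm}`;

  // province is client-supplied: encode it so it cannot add query parameters.
  const ReturnUrl =
    "https://rasadyar.net/sadad-verify" +
    `?province=${encodeURIComponent(province)}` +
    `&Amount=${encodeURIComponent(Amount)}`;

  // Encrypt the data
  const SignData = encrypt_pkcs7(`${TerminalId};${OrderId};${Amount}`, key);
  const data = {
    Amount,
    OrderId,
    LocalDateTime,
    ReturnUrl,
    SignData,
    TerminalId,
    MerchantId,
  };
  // The signature is left out of the log.
  console.log("Request Data:", { ...data, SignData: "[redacted]" });

  try {
    const response = await axios.post(
      "https://rasadyar.net/sadad-get-token",
      { data },
      {
        headers: {
          "Content-Type": "application/json",
          Referer: "https://rasadyar.net/",
        },
      },
    );
    const responseData = response.data;
    if (responseData.ResCode === 0) {
      return res.status(201).send(responseData);
    }
    return res.status(400).send(responseData);
  } catch (error) {
    return res.status(500).send(error.message);
  }
});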
//asanpardakht ---------------------------------------------------------------------------------------------
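/**
 * POST /asanpay
 *
 * Opens an Asan Pardakht payment for `price` and redirects the payer to the
 * gateway page, or answers 400/500 with the gateway's error.
 *
 * NOTE(review): `soap` is not imported anywhere in the visible part of this
 * file (its require is commented out above), so the client creation below
 * fails unless it is defined elsewhere — confirm.
 * NOTE(review): orderId is a random number below one million from
 * Math.random(), so collisions between orders are possible.
 */
app.post("/asanpay", async (req, res) => {
  const { price } = req.body ?? {};
  // price is spliced into a comma-separated request string; anything but
  // digits could add or shift fields of that request.
  if (!/^\d+$/.test(String(price))) {
    return res.status(400).send("Invalid price");
  }
  try {
    const orderId = Math.floor(Math.random() * 1000000);
    const localDate = new Date()
      .toISOString()
      .replace(/T/, " ")
      .replace(/\..+/, "");
    const additionalData = "";
    const callBackUrl = "https://rasadyar.net/asanverify";
    const reqString = `1,${config.username},${config.password},${orderId},${price},${localDate},${additionalData},${callBackUrl},0`;
    const encryptedRequest = await encryptWS(reqString);
    const soapClient = await soap.createClientAsync(config.WebServiceUrl);
    const args = {
      merchantConfigurationID: config.merchantConfigurationID,
      encryptedRequest,
    };
    soapClient.RequestOperation(args, (err, result) => {
      if (err) {
        return res.status(500).send("خطا در فراخوانی وبسرویس.");
      }
      const response = String(result?.RequestOperationResult ?? "");
      // "0,<refId>" means the request was accepted.
      if (response.startsWith("0,")) {
        const refId = response.slice(2);
        return res.redirect(`https://asan.shaparak.ir/?RefId=${refId}`);
      }
      return res.status(400).send(`خطای شماره: ${response}`);
    });
  } catch (err) {
    // Encryption or client creation failed: answer instead of leaving the
    // request hanging on a rejected promise.
    console.error("asanpay failed:", err.message);
    return res.status(500).send("خطا در فراخوانی وبسرویس.");
  }
});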
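/**
 * POST /asanverify
 *
 * Asan Pardakht callback: decrypts ReturningParams, then verifies ("500") and
 * settles ("600") the transaction with the gateway.
 *
 * NOTE(review): field 3 of the decrypted parameters is read as the result code
 * and field 5 as the gateway transaction id; the remaining fields (presumably
 * including order id and amount) are not compared with an expected order —
 * confirm where that check happens.
 * NOTE(review): `soap` is not imported in the visible part of this file.
 */
app.post("/asanverify", async (req, res) => {
  const { ReturningParams } = req.body ?? {};
  if (typeof ReturningParams !== "string" || ReturningParams.length === 0) {
    return res.status(400).send("Invalid request parameters");
  }
  try {
    const decryptedParams = await decryptWS(ReturningParams);
    const params = String(decryptedParams).split(",");
    if (params[3] !== "0" && params[3] !== "00") {
      return res.status(400).send(`تراکنش ناموفق
خطای شماره: ${params[3]}`);
    }
    const encryptedCredintials = await encryptWS(
      `${config.username},${config.password}`,
    );
    const soapClient = await soap.createClientAsync(config.WebServiceUrl);
    const verifyArgs = {
      merchantConfigurationID: config.merchantConfigurationID,
      encryptedCredentials: encryptedCredintials,
      payGateTranID: params[5],
    };
    soapClient.RequestVerification(verifyArgs, (err, verifyResult) => {
      // On a transport error the result object may be missing, so read it
      // defensively instead of throwing inside the callback.
      const verifyCode = verifyResult?.RequestVerificationResult;
      if (err || verifyCode !== "500") {
        return res
          .status(500)
          .send(`خطای شماره: ${verifyCode} در هنگام Verify`);
      }
      soapClient.RequestReconciliation(
        verifyArgs,
        (settleErr, settlementResult) => {
          const settleCode = settlementResult?.RequestReconciliationResult;
          if (settleErr || settleCode !== "600") {
            return res
              .status(500)
              .send(`خطای شماره: ${settleCode} در هنگام Settlement`);
          }
          return res.send("تراکنش با موفقیت انجام پذیرفت.");
        },
      );
    });
  } catch (err) {
    console.error("asanverify failed:", err.message);
    return res.status(500).send("خطا در فراخوانی وبسرویس.");
  }
});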
//sep -------------------------------------------------------------------------------------------------
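/**
 * Builds a 4-character string holding exactly one digit, one lower-case
 * letter, one upper-case letter and one special character, in random order.
 *
 * Characters and order are drawn from crypto.randomInt: Math.random() is
 * predictable, and sorting with a random comparator does not shuffle
 * uniformly.
 *
 * NOTE(review): the result is used as the SEP reservation number (ResNum).
 * Four characters give a small value space, so two requests can receive the
 * same value; a longer unique id would suit that purpose better.
 *
 * @returns {string} four characters, one from each class
 */
function generateRandomString() {
  const pools = [
    "0123456789",
    "abcdefghijklmnopqrstuvwxyz",
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
    "!@#$%^&*()_+-=[]{}|;:,.<>?",
  ];
  const picked = pools.map((pool) => pool[crypto.randomInt(pool.length)]);
  // Fisher-Yates shuffle.
  for (let i = picked.length - 1; i > 0; i -= 1) {
    const j = crypto.randomInt(i + 1);
    [picked[i], picked[j]] = [picked[j], picked[i]];
  }
  return picked.join("");
}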
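// SEP terminal settings. SEP_TERMINAL_ID / SEP_TERMINAL_PASS override the
// built-in values so they can be supplied by the deployment.
// NOTE(review): the terminal password literal is a secret committed to source;
// rotate it and drop the fallback once the environment variable is set.
const SEP_TERMINAL_ID = Number(process.env.SEP_TERMINAL_ID) || 21608844;
const SEP_TERMINAL_PASS = Number(process.env.SEP_TERMINAL_PASS) || 9238787;
// SEP endpoints: request a payment token, then verify the transaction.
const SEP_API = "https://sep.shaparak.ir/onlinepg/onlinepg";
const SEP_API_VERIFY =
  "https://sep.shaparak.ir/verifyTxnRandomSessionkey/ipg/VerifyTransaction";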
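/**
 * POST /sep-pay-request
 *
 * Requests a SEP payment token and stores the request in MongoDB (best
 * effort: a storage failure is logged and does not fail the request).
 *
 * Body: amount (required), phone, provincecode, isLink, wages.
 * Responses: 201 with the gateway answer, 400 for invalid input, 500
 * { error, data } when the gateway cannot be reached.
 *
 * NOTE(review): amount and wages (sent as SettlementIBANInfo) are
 * client-supplied and no authentication is visible on this route — confirm
 * they are validated elsewhere.
 */
app.post("/sep-pay-request", async (req, res) => {
  const { amount, phone, provincecode, isLink, wages } = req.body ?? {};
  if (!amount) {
    return res.status(400).send("Invalid request parameters");
  }
  const parsedAmount = Number.parseInt(amount, 10);
  if (Number.isNaN(parsedAmount)) {
    return res.status(400).send("Invalid amount");
  }
  const resNum = generateRandomString();
  // Encode the client-supplied values so they cannot add query parameters to
  // the callback URL.
  const redirectUrl =
    "https://pay.rasadyar.net/sepverify/" +
    `?Amount=${encodeURIComponent(amount)}` +
    `&province=${encodeURIComponent(provincecode)}` +
    `&isLink=${encodeURIComponent(isLink)}`;
  try {
    const response = await axios.post(
      SEP_API,
      {
        action: "token",
        TerminalId: SEP_TERMINAL_ID,
        Amount: parsedAmount,
        // The generated value was referenced through an undefined identifier
        // here, so every request failed before reaching the gateway.
        ResNum: resNum,
        RedirectUrl: redirectUrl,
        CellNumber: phone,
        SettlementIBANInfo: wages,
        // TranType: "Government",
      },
      {
        headers: {
          "Content-Type": "application/json",
          accept: "application/json",
        },
      },
    );
    // Save to MongoDB before returning
    try {
      const coll = await getSepPayCollection();
      const token = response.data?.Token ?? response.data?.token ?? null;
      await coll.insertOne({
        amount: parsedAmount,
        amountRaw: amount,
        phone: phone || null,
        provincecode: provincecode || null,
        isLink: isLink || null,
        wages: wages || null,
        resNum,
        redirectUrl,
        token,
        rawResponse: response.data,
        verified: false,
        refNum: null,
        traceNo: null,
        securePan: null,
        createdAt: new Date(),
        updatedAt: new Date(),
      });
    } catch (dbErr) {
      console.error("SEP pay request: failed to save to DB", dbErr);
    }
    return res.status(201).json(response.data);
  } catch (error) {
    // Return only the gateway's own error body; the raw axios error also
    // serialises the outgoing request.
    console.error("sep-pay-request failed:", error.message);
    return res.status(500).json({
      error: "Error in accessing SEP",
      data: error.response?.data ?? null,
    });
  }
});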
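/**
 * POST /sepverify
 *
 * SEP callback. With State "OK" the transaction is verified against SEP,
 * reported to Taavon and the payer is redirected to the payment page; any
 * other state is reported as a cancellation.
 *
 * Body: State, Amount, RefNum, Token, TraceNo, SecurePan.
 * Query: province, isLink.
 *
 * NOTE(review): only ResultCode is read from the verify answer. Amount,
 * TraceNo, SecurePan and Token are taken from the posted body, which the payer
 * controls, and are neither compared with the verify answer nor with the
 * record stored by /sep-pay-request (which also stays `verified: false`).
 * Confirm the amount and reference from the gateway's answer before reporting
 * the payment.
 */
app.post("/sepverify", async (req, res) => {
  const { State, Amount, RefNum, Token, TraceNo, SecurePan } = req.body ?? {};
  const { province, isLink } = req.query;
  if (!State || !Amount || !Token || !province || !isLink) {
    return res.status(400).send("Missing required parameters");
  }
  // Declared up front: the failure path below used a variable that only
  // existed inside the cancellation branch.
  const redirectUrlError = `https://rasadyar.net/payment?error=`;
  // Query values are strings, so "false" is truthy; compare against the
  // accepted spellings, as the manual submit route does.
  const viaLink = isLink === "true" || isLink === "1";

  if (State !== "OK") {
    try {
      await taavonSendDataZarinPal(province, {
        error: "کاربر از انجام تراکنش منصرف شد!",
        authority: Token,
      });
    } catch (error) {
      console.error("sepverify: failed to report cancellation", error.message);
    }
    return res.redirect(redirectUrlError + "کاربر از انجام تراکنش منصرف شد!");
  }

  try {
    if (!RefNum) {
      throw new Error("RefNum missing from callback");
    }
    const response = await axios.post(
      SEP_API_VERIFY,
      { RefNum: RefNum, TerminalNumber: SEP_TERMINAL_ID },
      {
        headers: {
          "Content-Type": "application/json",
          accept: "application/json",
        },
      },
    );
    if (response.data.ResultCode !== 0) {
      // A rejected verification used to leave the request unanswered; handle
      // it like any other failed verification.
      throw new Error(`SEP verify ResultCode ${response.data.ResultCode}`);
    }
    const record = {
      authority: Token,
      refId: TraceNo,
      cardHolderPan: SecurePan,
    };
    if (viaLink) {
      await taavonSendDataZarinPalLink(province, record);
    } else {
      await taavonSendDataZarinPal(province, record);
    }
    // Encode the posted values so they cannot inject query parameters.
    const redirectUrl =
      "https://rasadyar.net/payment" +
      `?finalAmount=${encodeURIComponent(Amount)}` +
      `&cardHolderPan=${encodeURIComponent(SecurePan)}` +
      `&date=${encodeURIComponent(new Date())}` +
      `&saleReferenceId=${encodeURIComponent(TraceNo)}`;
    return res.redirect(redirectUrl);
  } catch (error) {
    console.error("sepverify failed:", error.message);
    try {
      await taavonSendDataZarinPal(province, {
        error: "تراکنش نامشخص!",
        authority: Token,
      });
    } catch (reportError) {
      console.error("sepverify: failed to report error", reportError.message);
    }
    return res.redirect(redirectUrlError + "تراکنش نامشخص!");
  }
});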
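/**
 * GET /sep-pay-requests/gui
 *
 * Serves an HTML page listing the latest 500 stored SEP pay requests, with a
 * link to the JSON list API and a per-record submit button.
 *
 * The records are embedded as JSON inside a non-executing script element with
 * "<" and ">" escaped, and rendered through textContent, so stored values
 * (phone numbers, gateway answers) cannot inject markup or script.
 *
 * NOTE(review): only the visible text of the page survives in this listing;
 * the markup below is a minimal rendering of the same data, not the original
 * layout.
 * NOTE(review): no authentication is visible on this route, and the page
 * exposes stored payment records (phone numbers, tokens). Put it behind the
 * operator login before it is reachable from outside.
 */
app.get("/sep-pay-requests/gui", async (req, res) => {
  const basePath =
    (req.baseUrl || "").replace(/\/sep-pay-requests\/gui$/, "") || "";
  const listPath = `${basePath}/sep-pay-requests`;
  const submitPathPrefix = `${basePath}/sep-pay-request/`;
  let list = [];
  try {
    const coll = await getSepPayCollection();
    const raw = await coll
      .find({})
      .sort({ createdAt: -1 })
      .limit(500)
      .toArray();
    list = raw.map((doc) => ({
      ...doc,
      _id: doc._id ? doc._id.toString() : doc._id,
    }));
  } catch (err) {
    console.error("sep-pay-requests gui list error", err);
  }
  // Escaping "<" keeps the data from closing the script element early; the
  // line/paragraph separators are escaped for older script parsers.
  const pageData = JSON.stringify({ list, listPath, submitPathPrefix })
    .replace(/</g, "\\u003c")
    .replace(/>/g, "\\u003e")
    .replace(/\u2028/g, "\\u2028")
    .replace(/\u2029/g, "\\u2029");
  const html = `<!DOCTYPE html>
<html lang="fa" dir="rtl">
<head>
<meta charset="utf-8">
<title>SEP Pay Requests</title>
</head>
<body>
<h1>درخواستهای پرداخت SEP</h1>
<p><a id="list-link">API لیست (JSON)</a></p>
<table id="requests" border="1"></table>
<script id="page-data" type="application/json">${pageData}</script>
<script>
(function () {
  var data = JSON.parse(document.getElementById("page-data").textContent);
  document.getElementById("list-link").href = data.listPath;
  var table = document.getElementById("requests");
  data.list.forEach(function (doc) {
    var row = table.insertRow();
    [doc._id, doc.createdAt, doc.amount, doc.resNum, doc.verified].forEach(
      function (value) {
        row.insertCell().textContent = value == null ? "" : String(value);
      }
    );
    var button = document.createElement("button");
    button.textContent = "Submit";
    button.addEventListener("click", function () {
      fetch(data.submitPathPrefix + encodeURIComponent(doc._id) + "/submit", {
        method: "POST",
        headers: { "Content-Type": "application/json" },
        body: "{}"
      })
        .then(function (r) { return r.json(); })
        .then(function (body) { alert(body.message || body.error); })
        .catch(function (err) { alert(String(err)); });
    });
    row.insertCell().appendChild(button);
  });
})();
</script>
</body>
</html>`;
  res.setHeader("Content-Type", "text/html; charset=utf-8");
  res.send(html);
});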
/**
 * GET /sep-pay-requests
 *
 * Returns the 500 most recent stored SEP pay requests as JSON, newest first,
 * with each _id converted to a string. Answers 500 { error } when the query
 * fails.
 *
 * NOTE(review): no authentication is visible on this route, and the records
 * hold phone numbers, tokens and raw gateway answers — confirm access is
 * restricted elsewhere.
 */
app.get("/sep-pay-requests", async (req, res) => {
  try {
    const collection = await getSepPayCollection();
    const cursor = collection.find({}).sort({ createdAt: -1 }).limit(500);
    const documents = await cursor.toArray();
    // The GUI expects string ids.
    const payload = [];
    for (const doc of documents) {
      payload.push({
        ...doc,
        _id: doc._id ? doc._id.toString() : doc._id,
      });
    }
    return res.json(payload);
  } catch (err) {
    console.error("sep-pay-requests list error", err);
    return res.status(500).json({ error: err.message });
  }
});
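/**
 * POST /sep-pay-request/:id/submit
 *
 * Manually reports a stored SEP pay request to Taavon, the way /sepverify
 * does. authority, refId and cardHolderPan come from the request body when
 * given, otherwise from the stored record (token, traceNo, securePan).
 *
 * Responses: 200 { ok, message }, 400 for a malformed id, 404 when the record
 * does not exist, 500 { error } on failure.
 *
 * NOTE(review): this route marks a payment as reported without any gateway
 * check, accepts the reported values from the caller, and has no visible
 * authentication. Anyone who can reach it can report an arbitrary payment for
 * any stored record; restrict it to authenticated operators and consider
 * refusing body overrides.
 */
app.post("/sep-pay-request/:id/submit", async (req, res) => {
  const id = req.params.id;
  const { authority, refId, cardHolderPan } = req.body ?? {};
  // A malformed id is a client error, not a server failure.
  if (!ObjectId.isValid(id)) {
    return res.status(400).json({ error: "Invalid record id" });
  }
  try {
    const coll = await getSepPayCollection();
    const doc = await coll.findOne({ _id: new ObjectId(id) });
    if (!doc) {
      return res.status(404).json({ error: "Record not found" });
    }
    const province = (doc.provincecode || "").toString().substring(0, 2);
    const isLink =
      doc.isLink === true || doc.isLink === "true" || doc.isLink === "1";
    const data = {
      authority: authority ?? doc.token,
      refId: refId ?? doc.traceNo,
      cardHolderPan: cardHolderPan ?? doc.securePan,
    };
    if (isLink) {
      await taavonSendDataZarinPalLink(province, data);
    } else {
      await taavonSendDataZarinPal(province, data);
    }
    return res.json({ ok: true, message: "Submitted to Taavon" });
  } catch (err) {
    console.error("sep-pay-request submit error", err);
    return res.status(500).json({ error: err.message });
  }
});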
//end sep ---------------------------------------------------------------------------------------------
// samasat crack
/**
 * Returns today's date shifted by `daysOffset` days, converted with toJalaali
 * and formatted as "YYYY/MM/DD".
 *
 * @param {number} [daysOffset=0] days to add (negative for the past)
 * @returns {string} the formatted date
 */
const getPersianDate = (daysOffset = 0) => {
  const target = new Date();
  target.setDate(target.getDate() + daysOffset);
  const { jy, jm, jd } = toJalaali(
    target.getFullYear(),
    target.getMonth() + 1,
    target.getDate(),
  );
  const month = String(jm).padStart(2, "0");
  const day = String(jd).padStart(2, "0");
  return `${jy}/${month}/${day}`;
};
/**
 * Returns today's date shifted by `daysOffset` days, converted with toJalaali
 * and formatted day-first as "DD/MM/YYYY".
 *
 * @param {number} [daysOffset=0] days to add (negative for the past)
 * @returns {string} the formatted date
 */
const getPersianDateForHatching = (daysOffset = 0) => {
  const target = new Date();
  target.setDate(target.getDate() + daysOffset);
  const { jy, jm, jd } = toJalaali(
    target.getFullYear(),
    target.getMonth() + 1,
    target.getDate(),
  );
  const day = String(jd).padStart(2, "0");
  const month = String(jm).padStart(2, "0");
  return `${day}/${month}/${jy}`;
};
// Date-window bounds used by the report routes below: the last 10 days in
// "YYYY/MM/DD" form, and the last 60 days in "DD/MM/YYYY" form.
// NOTE(review): these are evaluated once, when the module is loaded, so a
// process that stays up for days keeps querying the window from its start
// date. Computing them inside each request would keep the window current.
const removeDateMaxFrom = getPersianDate(-10);
const removeDateMaxFromForHatching = getPersianDateForHatching(-60);
const removeDateMaxTo = getPersianDate(0);
const removeDateMaxToForHatching = getPersianDateForHatching(0);
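/**
 * Posts a URL-encoded form to www.samasat.ir with the given session cookie and
 * resolves with the response body as text.
 *
 * @param {string} path request path on www.samasat.ir
 * @param {string} referer value for the Referer header
 * @param {string} cookie value for the Cookie header
 * @param {string} postData URL-encoded form body
 * @returns {Promise<string>} the raw response body
 */
function postSamasatForm(path, referer, cookie, postData) {
  return new Promise((resolve, reject) => {
    const options = {
      hostname: "www.samasat.ir",
      path,
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Content-Length": Buffer.byteLength(postData),
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer: referer,
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Decode as a stream: appending raw chunks can split a multi-byte
      // character at a chunk boundary and corrupt the text.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => resolve(data));
    });
    request.on("error", reject);
    request.write(postData);
    request.end();
  });
}

/**
 * Runs one samasat report request and answers `res` with the `Data` field of
 * the JSON reply, or with the matching 500 error.
 */
async function sendSamasatReport(res, { path, referer, cookie, form }) {
  let body;
  try {
    body = await postSamasatForm(
      path,
      referer,
      cookie,
      querystring.stringify(form),
    );
  } catch (error) {
    console.error("Request Error:", error);
    return res.status(500).json({ error: "Failed to fetch data" });
  }
  try {
    return res.json(JSON.parse(body).Data);
  } catch (error) {
    console.error("Error parsing JSON:", error.message);
    return res
      .status(500)
      .json({ error: "Invalid JSON response from external API" });
  }
}

// True when `cookie` can be sent as a header value: a non-empty string without
// control characters (which would otherwise make the request throw).
function isUsableCookie(cookie) {
  return (
    typeof cookie === "string" &&
    cookie.length > 0 &&
    !/[^\t\x20-\x7e\x80-\xff]/.test(cookie)
  );
}

/**
 * POST /transporting-chickens
 *
 * Fetches the carriage report of the last 10 days for a province from
 * samasat.ir, using the session cookie supplied in the request body.
 *
 * NOTE(review): the route replays a caller-supplied third-party session cookie
 * and has no visible authentication of its own. The cookie is a credential:
 * it must never be logged or stored, and the route should only be reachable by
 * authenticated users.
 */
app.post("/transporting-chickens", async (req, res) => {
  const { cookie, province } = req.body ?? {};
  const provinceId = Number.parseInt(province, 10);
  if (!isUsableCookie(cookie) || Number.isNaN(provinceId)) {
    return res.status(400).json({ error: "Invalid request parameters" });
  }
  try {
    return await sendSamasatReport(res, {
      path: "/Report/BroilerCarryChickenAccordingToCarriage/_AjaxBinding",
      referer:
        "https://www.samasat.ir/Report/BroilerCarryChickenAccordingToCarriage",
      cookie,
      form: {
        sort: "RemoveDateMax-desc~UnitName-asc",
        page: 1,
        pageSize: 1000,
        group: "",
        aggregate: "HatchingCount-sum~RemoveCount-sum",
        filter: "",
        "searchVm.ProvinceLocationId": provinceId,
        "searchVm.UnitName": "",
        "searchVm.PersonFullName": "",
        "searchVm.PartIdCode": "",
        "searchVm.PostalCode": "",
        "searchVm.EpidemiologicCode": "",
        "searchVm.CapacityFemale": "",
        "searchVm.BfrCode": "",
        "searchVm.SourceCertId": "",
        "searchVm.HatchingCount": "",
        "searchVm.RemoveCount": "",
        "searchVm.HatchingDateFrom": "",
        "searchVm.HatchingDateTo": "",
        "searchVm.PercentRemoveTakhlieFromHatchingFrom": "",
        "searchVm.PercentRemoveTakhlieFromHatchingTo": "",
        "searchVm.RemoveDateMinFrom": "",
        "searchVm.RemoveDateMinTo": "",
        // Computed per request, so the 10-day window follows the current date
        // instead of the date the process was started.
        "searchVm.RemoveDateMaxFrom": getPersianDate(-10),
        "searchVm.RemoveDateMaxTo": getPersianDate(0),
        "searchVm.RemoveAgeAvgFrom": "",
        "searchVm.RemoveAgeAvgTo": "",
        "searchVm.RemoveAgeAvgSamasatFrom": "",
        "searchVm.RemoveAgeAvgSamasatTo": "",
        "searchVm.RemovePartyCountFrom": "",
        "searchVm.RemovePartyCountTo": "",
      },
    });
  } catch (error) {
    console.error("Server Error:", error);
    return res.status(500).json({ error: "Internal server error" });
  }
});

/**
 * POST /transporting-chickens-details
 *
 * Fetches the removal-tracking rows of one certificate from samasat.ir, using
 * the session cookie supplied in the request body. The same cookie-handling
 * caveats as /transporting-chickens apply.
 */
app.post("/transporting-chickens-details", async (req, res) => {
  const { cookie, certId } = req.body ?? {};
  const parsedCertId = Number.parseInt(certId, 10);
  if (!isUsableCookie(cookie) || Number.isNaN(parsedCertId)) {
    return res.status(400).json({ error: "Invalid request parameters" });
  }
  try {
    return await sendSamasatReport(res, {
      path: "/WinBroilerFlockRequest/WinBroilerFlockRequestRemoveTrackingRep/_AjaxBindingWinBroilerFlockRequestRemoveTrackingRepVw",
      referer:
        "https://www.samasat.ir/Report/BroilerOnFlowFlocksHealthPermitReport",
      cookie,
      form: {
        sort: "IssueDate-desc",
        page: 1,
        pageSize: 1000,
        group: "",
        filter: "",
        certId: parsedCertId,
      },
    });
  } catch (error) {
    console.error("Server Error:", error);
    return res.status(500).json({ error: "Internal server error" });
  }
});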
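/**
 * POST /hatchings
 *
 * Relays a hatching report query for one province to www.samasat.ir and
 * answers with the `Data` member of the upstream JSON. The date window comes
 * from `removeDateMaxFromForHatching` / `removeDateMaxToForHatching`, which
 * are defined elsewhere in this file.
 *
 * Body: { cookie: string, province: number|string, tableName?: string }
 * Responses: 200 with upstream `Data`; 400 when the cookie is missing;
 *            500 when the upstream call fails or does not return JSON.
 *
 * The caller's cookie is forwarded verbatim as the upstream Cookie header.
 */
app.post("/hatchings", async (req, res) => {
  const { cookie, province, tableName } = req.body;
  if (typeof cookie !== "string" || cookie === "") {
    return res.status(400).json({ error: "Missing required fields: cookie" });
  }
  try {
    const postData = querystring.stringify({
      sort: "HatchingDate-desc",
      page: 1,
      pageSize: 1000,
      group: "",
      aggregate:
        "HatchingCount-sum~HatchingCountInBargiri-sum~HatchingCountInTakhlie-sum~TrackingBargiriCount-sum~DiffHamlThanTakhlieCount-sum~DiffTakhlieThanHamlCount-sum~HamlMorghTotalCount-sum~HamlMorghTakhlieCount-sum~EvacuationCount-sum",
      filter: "",
      // Explicit radix: the province id is always decimal.
      "searchVm.ProvinceLocationId": Number.parseInt(province, 10),
      "searchVm.FromDate": removeDateMaxFromForHatching + " 12:00:00 ق.ظ",
      "searchVm.ToDate": removeDateMaxToForHatching + " 12:00:00 ق.ظ",
      // NOTE(review): tableName is client-controlled and forwarded as-is;
      // what the upstream does with it is not visible here. Consider
      // restricting it to the expected name shape before forwarding.
      "searchVm.TableName":
        tableName || "Z_002_ReportTempTable_9b95c4b1b4c6441c8c333258a51827da",
      "searchVm.PartIdCode": "",
      "searchVm.UnitName": "",
      "searchVm.PostalCode": "",
      "searchVm.EpidemiologicCode": "",
      "searchVm.PersonFullName": "",
      "searchVm.CapacityFemaleFrom": "",
      "searchVm.CapacityFemaleTo": "",
      "searchVm.RequestCode": "",
      "searchVm.DesCertId": "",
      "searchVm.FlockAgeDayFrom": 1,
      "searchVm.FlockAgeDayTo": 60,
      "searchVm.HatchingDateFromPersian": "",
      "searchVm.HatchingDateToPersian": "",
      "searchVm.MaxHatchingDateFromPersian": "",
      "searchVm.MaxHatchingDateToPersian": "",
      "searchVm.TrackingStatusId": "",
      "searchVm.PercentMorghToJoojeTotalFrom": "",
      "searchVm.PercentMorghToJoojeTotalTo": "",
      "searchVm.PercentMorghToJoojeTakhlieFrom": "",
      "searchVm.PercentMorghToJoojeTakhlieTo": "",
    });
    const options = {
      hostname: "www.samasat.ir",
      path: "/Report/BroilerOnFlowFlocksHealthPermitReport/_AjaxBinding",
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Content-Length": Buffer.byteLength(postData),
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer:
          "https://www.samasat.ir/Report/BroilerOnFlowFlocksHealthPermitReport",
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Stream-level decoding keeps multi-byte characters intact when they
      // straddle a chunk boundary.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => {
        try {
          const jsonData = JSON.parse(data);
          res.json(jsonData.Data);
        } catch (error) {
          console.error("Error parsing JSON:", error.message);
          res
            .status(500)
            .json({ error: "Invalid JSON response from external API" });
        }
      });
    });
    request.on("error", (error) => {
      console.error("Request Error:", error);
      res.status(500).json({ error: "Failed to fetch data" });
    });
    request.write(postData);
    request.end();
  } catch (error) {
    console.error("Server Error:", error);
    res.status(500).json({ error: "Internal server error" });
  }
});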
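/**
 * POST /samasat-users
 *
 * Fetches broiler user records for one province from www.samasat.ir and
 * flattens each record: the nested `Unit` fields are merged into the user
 * (without the unit's own `Id`), the user `Id` is exposed as `PId`, and
 * `Province` / `City` names are resolved via getAllProvinces() and
 * getAllCities().
 *
 * Body: { cookie: string, province: number|string }
 * Responses: 200 with the flattened list; 400 when the cookie is missing;
 *            500 when the upstream call fails or does not return JSON.
 *
 * The caller's cookie is forwarded verbatim as the upstream Cookie header.
 * The result contains personal data (names, mobile, e-mail) from upstream,
 * so this route should sit behind the service's own access control.
 */
app.post("/samasat-users", async (req, res) => {
  const { cookie, province } = req.body;
  if (typeof cookie !== "string" || cookie === "") {
    return res.status(400).json({ error: "Missing required fields: cookie" });
  }
  try {
    const provinceId = Number.parseInt(province, 10);
    const postData = querystring.stringify({
      sort: "",
      page: 1,
      pageSize: 3000,
      group: "",
      filter: "",
      "searchVm.HasUnit": "True",
      "searchVm.IsOtherPoultry": "False",
      "searchVm.ProvinceLocationId": provinceId,
      "searchVm.UnitTypes[0]": "Broiler",
      "searchVm.UserName": "",
      "searchVm.FirstName": "",
      "searchVm.LastName": "",
      "searchVm.Mobile": "",
      "searchVm.Email": "",
      "searchVm.UserIsActive": "",
      "searchVm.UnitName": "",
      "searchVm.EpidemiologicCode": "",
      "searchVm.PartIdCode": "",
      "searchVm.SystemCode": "",
      "searchVm.UnitPostalCode": "",
      "searchVm.UnitIsActive": "",
    });
    const options = {
      hostname: "www.samasat.ir",
      path: "/BaseInformation/BroilerUserManagement/_AjaxBinding",
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Content-Length": Buffer.byteLength(postData),
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer: "https://www.samasat.ir/BaseInformation/BroilerUserManagement",
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Stream-level decoding keeps multi-byte characters intact when they
      // straddle a chunk boundary.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => {
        try {
          const jsonData = JSON.parse(data);
          // The province is the same for every row; resolve it once.
          const provinceName = getAllProvinces().find(
            (p) => Number.parseInt(p.id, 10) === provinceId,
          )?.name;
          const cities = getAllCities();
          const transformedUsers = jsonData?.Data?.map(
            ({ Unit, Id, ...rest }) => {
              // A record without a Unit used to throw on `delete Unit.Id`
              // and fail the whole response; treat it as having no unit
              // fields instead. The unit's Id is dropped so it cannot
              // shadow the user's own fields.
              const { Id: _unitId, ...unitFields } = Unit ?? {};
              return {
                ...rest,
                ...unitFields,
                PId: Id,
                Province: provinceName,
                City: cities.find(
                  (city) =>
                    Number.parseInt(city.id, 10) ===
                    Number.parseInt(unitFields.LocationIdCity, 10),
                )?.name,
              };
            },
          );
          res.json(transformedUsers);
        } catch (error) {
          console.error("Error parsing JSON:", error.message);
          res
            .status(500)
            .json({ error: "Invalid JSON response from external API" });
        }
      });
    });
    request.on("error", (error) => {
      console.error("Request Error:", error);
      res.status(500).json({ error: "Failed to fetch data" });
    });
    request.write(postData);
    request.end();
  } catch (error) {
    console.error("Server Error:", error);
    res.status(500).json({ error: "Internal server error" });
  }
});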
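/**
 * POST /samasat-breeds
 *
 * Relays a flock-request detail report query for one province to
 * www.samasat.ir and answers with the `Data` member of the upstream JSON.
 * The send-date window comes from `removeDateMaxFrom` / `removeDateMaxTo`,
 * which are defined elsewhere in this file.
 *
 * Body: { cookie: string, province: number|string }
 * Responses: 200 with upstream `Data`; 400 when the cookie is missing;
 *            500 when the upstream call fails or does not return JSON.
 *
 * The caller's cookie is forwarded verbatim as the upstream Cookie header.
 */
app.post("/samasat-breeds", async (req, res) => {
  const { cookie, province } = req.body;
  if (typeof cookie !== "string" || cookie === "") {
    return res.status(400).json({ error: "Missing required fields: cookie" });
  }
  try {
    const postData = querystring.stringify({
      sort: "SendDate-desc",
      page: 1,
      pageSize: 2000,
      group: "",
      aggregate: "RequestCountLong-sum~ChickCountLong-sum",
      filter: "",
      "searchVm.FlockRequestId": "",
      "searchVm.Islegal": "True",
      "searchVm.HatcheryId": "",
      "searchVm.ProvinceLocationId": province,
      "searchVm.PartIdCode": "",
      "searchVm.UnitName": "",
      "searchVm.BfrRequestCode": "",
      "searchVm.CertId": "",
      "searchVm.BroilerPedigreeTypeId": "",
      "searchVm.SendDateFrom": removeDateMaxFrom,
      "searchVm.SendDateTo": removeDateMaxTo,
      "searchVm.ChickCountFrom": "",
      "searchVm.ChickCountTo": "",
      "searchVm.PedigreeType": "",
      "searchVm.SenderUnitName": "",
      "searchVm.StartDateFrom": "",
      "searchVm.StartDateTo": "",
      "searchVm.EndDateFrom": "",
      "searchVm.EndDateTo": "",
      "searchVm.RequestCountFrom": "",
      "searchVm.RequestCountTo": "",
      "searchVm.SystemCode": "",
      "searchVm.EpidemiologicCode": "",
      "searchVm.PostalCode": "",
      "searchVm.CapacityFemaleFrom": "",
      "searchVm.CapacityFemaleTo": "",
      "searchVm.PersonNationalCodeOrId": "",
      "searchVm.PersonName": "",
      "searchVm.RegDateFrom": "",
      "searchVm.RegDateTo": "",
    });
    const options = {
      hostname: "www.samasat.ir",
      path: "/Report/BroilerFlockRequestDetailReport/_AjaxBinding",
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Content-Length": Buffer.byteLength(postData),
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer:
          "https://www.samasat.ir/Report/BroilerFlockRequestDetailReport",
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Stream-level decoding keeps multi-byte characters intact when they
      // straddle a chunk boundary.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => {
        try {
          const jsonData = JSON.parse(data);
          res.json(jsonData.Data);
        } catch (error) {
          console.error("Error parsing JSON:", error.message);
          res
            .status(500)
            .json({ error: "Invalid JSON response from external API" });
        }
      });
    });
    request.on("error", (error) => {
      console.error("Request Error:", error);
      res.status(500).json({ error: "Failed to fetch data" });
    });
    request.write(postData);
    request.end();
  } catch (error) {
    console.error("Server Error:", error);
    // The original object literal repeated the `error` key, so the caught
    // error object replaced the fixed message in the response. Keep the
    // details in the server log only.
    res.status(500).json({ error: "Internal server error" });
  }
});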
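/**
 * POST /samasat-license
 *
 * Relays an issued-licenses report query (status ids 2, 3, 4, 5 and 17) for
 * one province and start-date window to www.samasat.ir and answers with the
 * `Data` member of the upstream JSON.
 *
 * Body: { cookie: string, province, fromDate, toDate? }
 * Responses: 200 with upstream `Data`; 400 when the cookie is missing;
 *            500 when the upstream call fails or does not return JSON.
 *
 * The caller's cookie is forwarded verbatim as the upstream Cookie header.
 * NOTE(review): pageSize is 100000 and the whole upstream body is buffered
 * in memory before it is parsed; consider a response size cap.
 */
app.post("/samasat-license", async (req, res) => {
  const { cookie, province, fromDate, toDate } = req.body;
  if (typeof cookie !== "string" || cookie === "") {
    return res.status(400).json({ error: "Missing required fields: cookie" });
  }
  try {
    const postData = querystring.stringify({
      sort: "InsertDate-desc",
      page: 1,
      pageSize: 100000,
      group: "",
      filter: "",
      "searchVm.ProvinceLocationId": province,
      "searchVm.Islegal": "True",
      "searchVm.PartIdCode": "",
      "searchVm.UnitName": "",
      "searchVm.StatusIds[0]": 2,
      "searchVm.StatusIds[1]": 3,
      "searchVm.StatusIds[2]": 4,
      "searchVm.StatusIds[3]": 5,
      "searchVm.StatusIds[4]": 17,
      "searchVm.UnionTypeFilter": "",
      "searchVm.SystemCode": "",
      "searchVm.EpidemiologicCode": "",
      "searchVm.PostalCode": "",
      "searchVm.CapacityFemaleFrom": "",
      "searchVm.CapacityFemaleTo": "",
      "searchVm.SendDateFrom": "",
      "searchVm.SendDateTo": "",
      "searchVm.RequestCode": "",
      "searchVm.CertId": "",
      "searchVm.GoodCountFrom": "",
      "searchVm.GoodCountTo": "",
      "searchVm.StartDateFromPersian": fromDate,
      "searchVm.StartDateToPersian": toDate || "",
      "searchVm.EndDateFromPersian": "",
      "searchVm.EndDateToPersian": "",
      "searchVm.RemindDaysFrom": "",
      "searchVm.RemindDaysTo": "",
    });
    const options = {
      hostname: "www.samasat.ir",
      path: "/Report/BroilerIssuedLicensesReport/_AjaxBinding",
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Content-Length": Buffer.byteLength(postData),
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer: "https://www.samasat.ir/Report/BroilerIssuedLicensesReport",
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Stream-level decoding keeps multi-byte characters intact when they
      // straddle a chunk boundary.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => {
        try {
          const jsonData = JSON.parse(data);
          res.json(jsonData.Data);
        } catch (error) {
          console.error("Error parsing JSON:", error.message);
          res
            .status(500)
            .json({ error: "Invalid JSON response from external API" });
        }
      });
    });
    request.on("error", (error) => {
      console.error("Request Error:", error);
      res.status(500).json({ error: "Failed to fetch data" });
    });
    request.write(postData);
    request.end();
  } catch (error) {
    console.error("Server Error:", error);
    // The original literal repeated the `error` key, so the caught error
    // object was serialised into the response instead of the fixed message.
    res.status(500).json({ error: "Internal server error" });
  }
});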
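/**
 * POST /samasat-license-transports
 *
 * Relays a "remove tracking" report query for one certificate to
 * www.samasat.ir and answers with the `Data` member of the upstream JSON.
 *
 * Body: { cookie: string, certId }
 * Responses: 200 with upstream `Data`; 400 on missing input;
 *            500 when the upstream call fails or does not return JSON.
 *
 * The caller's cookie is forwarded verbatim as the upstream Cookie header.
 */
app.post("/samasat-license-transports", async (req, res) => {
  const { cookie, certId } = req.body;
  if (typeof cookie !== "string" || cookie === "" || !certId) {
    return res
      .status(400)
      .json({ error: "Missing required fields: cookie or certId" });
  }
  try {
    const postData = querystring.stringify({
      sort: "IssueDate-desc",
      page: 1,
      pageSize: 100000,
      group: "",
      filter: "",
      certId,
    });
    const options = {
      hostname: "www.samasat.ir",
      path: "/WinBroilerFlockRequest/WinBroilerFlockRequestRemoveTrackingRep/_AjaxBindingWinBroilerFlockRequestRemoveTrackingRepVw",
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Content-Length": Buffer.byteLength(postData),
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer: "https://www.samasat.ir/Report/BroilerIssuedLicensesReport",
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Stream-level decoding keeps multi-byte characters intact when they
      // straddle a chunk boundary.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => {
        try {
          const jsonData = JSON.parse(data);
          res.json(jsonData.Data);
        } catch (error) {
          console.error("Error parsing JSON:", error.message);
          res
            .status(500)
            .json({ error: "Invalid JSON response from external API" });
        }
      });
    });
    request.on("error", (error) => {
      console.error("Request Error:", error);
      res.status(500).json({ error: "Failed to fetch data" });
    });
    request.write(postData);
    request.end();
  } catch (error) {
    console.error("Server Error:", error);
    // The original literal repeated the `error` key, so the caught error
    // object was serialised into the response instead of the fixed message.
    res.status(500).json({ error: "Internal server error" });
  }
});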
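/**
 * POST /samasat-good-sum
 *
 * Queries the hatching-tracking report for one certificate on
 * www.samasat.ir and answers with a single number: the sum of `GoodAmount`
 * over the rows whose `TrackingStatus` is 2.
 *
 * Body: { cookie: string, certId }
 * Responses: 200 with the sum; 400 on missing input;
 *            500 when the upstream call fails or does not return JSON.
 *
 * The caller's cookie is forwarded verbatim as the upstream Cookie header.
 */
app.post("/samasat-good-sum", async (req, res) => {
  const { cookie, certId } = req.body;
  if (typeof cookie !== "string" || cookie === "" || !certId) {
    return res
      .status(400)
      .json({ error: "Missing required fields: cookie or certId" });
  }
  try {
    const postData = querystring.stringify({
      sort: "IssueDate-desc",
      page: 1,
      pageSize: 100000,
      group: "",
      filter: "",
      certId,
    });
    const options = {
      hostname: "www.samasat.ir",
      path: "/WinBroilerFlockRequest/WinBroilerFlockRequestHatchingTrackingRep/_AjaxBindingWinBroilerFlockRequestHatchingTrackingRepVw",
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Content-Length": Buffer.byteLength(postData),
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer: "https://www.samasat.ir/Report/BroilerIssuedLicensesReport",
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Stream-level decoding keeps multi-byte characters intact when they
      // straddle a chunk boundary.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => {
        try {
          const jsonData = JSON.parse(data);
          const goodSum = jsonData.Data?.filter(
            (option) => option?.TrackingStatus === 2,
          )?.reduce((acc, item) => acc + Number(item?.GoodAmount || 0), 0);
          res.json(goodSum);
        } catch (error) {
          console.error("Error parsing JSON:", error.message);
          res
            .status(500)
            .json({ error: "Invalid JSON response from external API" });
        }
      });
    });
    request.on("error", (error) => {
      console.error("Request Error:", error);
      res.status(500).json({ error: "Failed to fetch data" });
    });
    request.write(postData);
    request.end();
  } catch (error) {
    console.error("Server Error:", error);
    // The original literal repeated the `error` key, so the caught error
    // object was serialised into the response instead of the fixed message.
    res.status(500).json({ error: "Internal server error" });
  }
});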
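/**
 * POST /samasat-evacuation
 *
 * Asks www.samasat.ir for the evacuation summary of one flock request and
 * answers with a single number: `SumEvacuation` when it is positive,
 * otherwise SumIllness + SumNaturalOccurrence + SumFire, or 0 when every
 * summary field is falsy.
 *
 * Body: { cookie: string, reqId }
 * Responses: 200 with the number; 400 on missing input;
 *            500 when the upstream call fails or does not return JSON.
 *
 * The caller's cookie is forwarded verbatim as the upstream Cookie header.
 */
app.post("/samasat-evacuation", async (req, res) => {
  const { cookie, reqId } = req.body;
  if (
    typeof cookie !== "string" ||
    cookie === "" ||
    reqId === undefined ||
    reqId === null ||
    reqId === ""
  ) {
    return res
      .status(400)
      .json({ error: "Missing required fields: cookie or reqId" });
  }
  try {
    const postData = querystring.stringify({
      broilerFlockRequestId: reqId,
    });
    const options = {
      hostname: "www.samasat.ir",
      // reqId comes from the request body. Encode it so characters such as
      // "&" or "#" cannot add or truncate query parameters on the upstream
      // URL (the same treatment /samasat-cities gives `province`).
      path: `/Report/BroilerCarryChickenAccordingToCarriage/_EvacuationDetailSum?broilerFlockRequestId=${encodeURIComponent(reqId)}`,
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Content-Length": Buffer.byteLength(postData),
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer: "https://www.samasat.ir/Report/BroilerIssuedLicensesReport",
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Stream-level decoding keeps multi-byte characters intact when they
      // straddle a chunk boundary.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => {
        try {
          const jsonData = JSON.parse(data);
          const hasAnySum =
            jsonData.SumEvacuation ||
            jsonData.SumLosses ||
            jsonData.SumIllness ||
            jsonData.SumNaturalOccurrence ||
            jsonData.SumFire;
          if (!hasAnySum) {
            res.json(0);
            return;
          }
          if (jsonData.SumEvacuation > 0) {
            res.json(jsonData.SumEvacuation);
            return;
          }
          // SumLosses is deliberately left out of the fallback total, as in
          // the original. A field missing from the upstream answer counts
          // as 0 rather than turning the total into NaN.
          res.json(
            (jsonData.SumIllness ?? 0) +
              (jsonData.SumNaturalOccurrence ?? 0) +
              (jsonData.SumFire ?? 0),
          );
        } catch (error) {
          console.error("Error parsing JSON:", error.message);
          res
            .status(500)
            .json({ error: "Invalid JSON response from external API" });
        }
      });
    });
    request.on("error", (error) => {
      console.error("Request Error:", error);
      res.status(500).json({ error: "Failed to fetch data" });
    });
    request.write(postData);
    request.end();
  } catch (error) {
    console.error("Server Error:", error);
    // The original literal repeated the `error` key, so the caught error
    // object was serialised into the response instead of the fixed message.
    res.status(500).json({ error: "Internal server error" });
  }
});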
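/**
 * POST /samasat-evacuation-detail
 *
 * Relays an evacuation-detail query (first 25 rows, newest report first)
 * for one certificate to www.samasat.ir. Answers with the upstream `Data`
 * member, or with the whole parsed body when `Data` is absent.
 *
 * Body: { cookie: string, certId }
 * Responses: 200 with the data; 400 on missing input; 502 when the upstream
 *            answer is not JSON; 500 on request or parse failure.
 *
 * The caller's cookie is forwarded verbatim as the upstream Cookie header.
 */
app.post("/samasat-evacuation-detail", async (req, res) => {
  const { cookie, certId } = req.body;
  if (!cookie || !certId) {
    return res
      .status(400)
      .json({ error: "Missing required fields: cookie or certId" });
  }
  try {
    const postData = querystring.stringify({
      sort: "ReportDate-desc",
      page: 1,
      pageSize: 25,
      group: "",
      filter: "",
      certId,
    });
    const options = {
      hostname: "www.samasat.ir",
      path: "/WinBroilerFlockRequest/WinBroilerFlockRequestHatchingTrackingRep/_AjaxBindingWinBroilerFlockRequestHatchingTrackingRepVwEvacuation",
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "Content-Length": Buffer.byteLength(postData),
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer: "https://www.samasat.ir/Report/BroilerIssuedLicensesReport",
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Stream-level decoding keeps multi-byte characters intact when they
      // straddle a chunk boundary.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => {
        try {
          const contentType = response.headers["content-type"] || "";
          if (!contentType.toLowerCase().includes("application/json")) {
            // NOTE(review): the raw upstream body is echoed to the caller.
            // If the upstream answers with an HTML login or error page, that
            // markup reaches the client unchanged; consider logging it
            // server-side and returning only the fixed message.
            return res
              .status(502)
              .json({ error: "Upstream response is not JSON", body: data });
          }
          const jsonData = JSON.parse(data);
          res.json(jsonData.Data ?? jsonData);
        } catch (error) {
          console.error("Error parsing JSON:", error.message);
          res
            .status(500)
            .json({ error: "Invalid JSON response from external API" });
        }
      });
    });
    request.on("error", (error) => {
      console.error("Request Error:", error);
      res.status(500).json({ error: "Failed to fetch data" });
    });
    request.write(postData);
    request.end();
  } catch (error) {
    console.error("Server Error:", error);
    // The original literal repeated the `error` key, so the caught error
    // object was serialised into the response instead of the fixed message.
    res.status(500).json({ error: "Internal server error" });
  }
});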
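/**
 * POST /samasat-cities
 *
 * Fetches the city list of one province from www.samasat.ir and maps each
 * upstream `{ Text, Value }` entry to `{ name, id, province }`.
 *
 * Body: { cookie: string, province }
 * Responses: 200 with the mapped list; 400 on missing input;
 *            500 when the upstream call fails or does not return JSON.
 *
 * The caller's cookie is forwarded verbatim as the upstream Cookie header.
 */
app.post("/samasat-cities", async (req, res) => {
  const { cookie, province } = req.body;
  if (!cookie || !province) {
    return res
      .status(400)
      .json({ error: "Missing required fields: cookie or province" });
  }
  // https.request throws synchronously when a header value is invalid (for
  // example a cookie containing CR/LF). Without this try/catch that throw
  // becomes a rejected promise from the async handler: the client gets no
  // response and, depending on the Express and Node versions in use, the
  // process may exit on the unhandled rejection.
  try {
    const options = {
      hostname: "www.samasat.ir",
      path:
        "/Location/_GetCities?locationIdProvince[]=" +
        encodeURIComponent(province),
      method: "GET",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "User-Agent":
          "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36",
        Accept: "*/*",
        Referer: "https://www.samasat.ir/BaseInformation/BroilerUserManagement",
        "X-Requested-With": "XMLHttpRequest",
        Cookie: cookie,
        Origin: "https://www.samasat.ir",
      },
    };
    const request = https.request(options, (response) => {
      // Stream-level decoding keeps multi-byte characters intact when they
      // straddle a chunk boundary.
      response.setEncoding("utf8");
      let data = "";
      response.on("data", (chunk) => {
        data += chunk;
      });
      response.on("end", () => {
        try {
          const jsonData = JSON.parse(data);
          const transformedData = jsonData.map((city) => ({
            name: city.Text,
            id: city.Value,
            province,
          }));
          res.json(transformedData);
        } catch (error) {
          console.error("Error parsing JSON:", error.message);
          res
            .status(500)
            .json({ error: "Invalid JSON response from external API" });
        }
      });
    });
    request.on("error", (error) => {
      console.error("Error with the request:", error.message);
      res
        .status(500)
        .json({ error: "Failed to make request to external API" });
    });
    request.end();
  } catch (error) {
    console.error("Server Error:", error);
    res.status(500).json({ error: "Internal server error" });
  }
});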
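/**
 * POST /loginsamasat
 *
 * Posts a login payload to https://www.samasat.ir/Account/Login and relays
 * the upstream response body to the caller.
 *
 * Responses: 200 with the upstream body; 500 when the upstream call fails.
 *
 * NOTE(review): the account name, password, key and captcha code were
 * hard-coded in this handler, so anyone with read access to the source or
 * its history holds a working credential. They can now be supplied through
 * the environment; the literals remain only as a fallback so existing
 * deployments keep working. Rotate the credential, configure the variables,
 * then delete the fallbacks.
 * NOTE(review): no authentication is visible on this route in this part of
 * the file, so any client that can reach it can trigger a login with the
 * service account and read the upstream answer. Confirm it is protected.
 */
app.post("/loginsamasat", async (req, res) => {
  const url = "https://www.samasat.ir/Account/Login";
  const payload = {
    Key: process.env.SAMASAT_LOGIN_KEY || "9c74474d883848248eae926cdabd25d4",
    UsernameOrMobile: process.env.SAMASAT_USERNAME || "03029",
    Password: process.env.SAMASAT_PASSWORD || "at50205020",
    CaptchaCode: process.env.SAMASAT_CAPTCHA_CODE || "3334",
    remember: 1,
  };
  const headers = {
    "X-Requested-With": "XMLHttpRequest",
    "Content-Type": "application/json",
  };
  try {
    const response = await axios.post(url, payload, { headers });
    res.json(response.data);
  } catch (error) {
    // Log only the message: the full axios error object can carry the
    // request configuration, which includes the login payload.
    console.error("Login request failed:", error.message);
    res.status(500).json({
      message: "Error making request to external API",
      error: error.message,
    });
  }
});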
/**
 * Pick one element of `array` uniformly at random.
 *
 * Uses Math.random(), which is not a cryptographically secure source; that
 * is adequate for spreading load across entries but not for anything an
 * attacker must be unable to predict.
 *
 * @param {Array} array - candidate values
 * @returns {*} a randomly chosen element, or undefined for an empty array
 */
function getRandomElement(array) {
  const { length } = array;
  return array[Math.floor(Math.random() * length)];
}
/**
 * Log in to ba124.ir and return the resulting cookie string.
 *
 * Step 1 GETs /Account/Login and resolves `{ csrfToken, cookieString }`.
 * Step 2 POSTs the login form (NationalId, Password,
 * __RequestVerificationToken) with the step-1 cookies and returns those
 * cookies joined with whatever Set-Cookie values the POST response carries.
 *
 * Rejects when either HTTPS request emits an error.
 *
 * NOTE(review): the login identities below are hard-coded numbers, and the
 * same number is sent as both NationalId and Password. They look like
 * personal identifiers used as shared credentials; they belong in secret
 * configuration, not in source control.
 * NOTE(review): neither request checks the response status, so a rejected
 * login still returns a cookie string.
 */
async function performLogin() {
// Browser-like headers for the initial page fetch.
const getOptions = {
hostname: "ba124.ir",
path: "/Account/Login",
method: "GET",
headers: {
"User-Agent":
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36",
Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language": "en-US,en;q=0.9,fa-IR;q=0.8,fa;q=0.7",
Connection: "keep-alive",
"Sec-Fetch-Dest": "document",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-Site": "none",
"Sec-Fetch-User": "?1",
"Upgrade-Insecure-Requests": "1",
},
};
// Step 1: fetch the login page to obtain the anti-forgery token and the
// cookies that go with it.
const loginPageCookies = await new Promise((resolve, reject) => {
const request = https.request(getOptions, (response) => {
let data = "";
response.on("data", (chunk) => {
data += chunk;
});
response.on("end", () => {
// NOTE(review): the next lines appear to have lost text. `csrfToken` and
// `cookieString` are resolved below, but the regular expression and the
// statements that define them are not present in this copy of the file.
const csrfMatch = data.match(
/ cookie.split(";")[0])
.join("; ");
resolve({ csrfToken, cookieString });
});
});
request.on("error", (error) => {
reject(error);
});
request.end();
});
// One identity is chosen at random per login attempt.
const randomUser = getRandomElement([
4072893341, 4072452238, 4070413170, 4189617652, 4071417919, 4172069355,
]);
const postData = querystring.stringify({
NationalId: randomUser,
Password: randomUser,
__RequestVerificationToken: loginPageCookies.csrfToken,
});
// Step 2: submit the login form with the cookies from step 1.
const postOptions = {
hostname: "ba124.ir",
path: "/Account/Login",
method: "POST",
headers: {
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"Content-Length": Buffer.byteLength(postData),
"User-Agent":
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36",
Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language": "en-US,en;q=0.9,fa-IR;q=0.8,fa;q=0.7",
Connection: "keep-alive",
Cookie: loginPageCookies.cookieString,
Host: "ba124.ir",
Origin: "https://ba124.ir",
Referer: "https://ba124.ir/Account/Login",
"Sec-Fetch-Dest": "document",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-Site": "same-origin",
"Sec-Fetch-User": "?1",
"Upgrade-Insecure-Requests": "1",
},
};
const finalCookie = await new Promise((resolve, reject) => {
const request = https.request(postOptions, (response) => {
// The body is drained and discarded; only the response headers are used.
response.on("data", () => {});
response.on("end", () => {
const cookies = response.headers["set-cookie"] || [];
// Keep only the name=value part of each Set-Cookie header.
const cookieString = cookies
.map((cookie) => cookie.split(";")[0])
.join("; ");
// Prepend the login-page cookies when there are any.
const combinedCookie = loginPageCookies.cookieString
? `${loginPageCookies.cookieString}; ${cookieString}`
: cookieString;
resolve(combinedCookie);
});
});
request.on("error", (error) => {
reject(error);
});
request.write(postData);
request.end();
});
return finalCookie;
}
/**
 * Send one inquiry to ba124.ir and resolve with the parsed JSON answer.
 *
 * `type` selects the endpoint and body encoding:
 *   - "person": form-encoded nationalCode plus a fixed birthDateString,
 *               POSTed to /Inquiries/PersonInfo
 *   - "unit":   form-encoded NationalCode, POSTed to
 *               /Inquiries/CallGetLegalPersonInfoByNationalCode
 *   - anything else: JSON body, POSTed to /Inquiries/AsnafGWLicenseInquiry
 *
 * @param {*} info - identifier to look up, placed in the request body
 * @param {string} type - inquiry kind, see above
 * @param {string} cookie - session cookie sent as the Cookie header
 * @returns {Promise<*>} the parsed upstream JSON
 * @throws rejects on a request error or when the body is not valid JSON
 */
async function makeInquiryRequest(info, type, cookie) {
  const isPerson = type === "person";
  const isUnit = type === "unit";

  let payloadData;
  let endpointPath;
  let refererUrl;
  let contentType;
  if (isPerson) {
    payloadData = querystring.stringify({
      nationalCode: info,
      birthDateString: "1404/08/12",
    });
    endpointPath = "/Inquiries/PersonInfo";
    refererUrl = "https://ba124.ir/Inquiries/PersonInfo";
    contentType = "application/x-www-form-urlencoded; charset=UTF-8";
  } else if (isUnit) {
    payloadData = querystring.stringify({
      NationalCode: info,
    });
    endpointPath = "/Inquiries/CallGetLegalPersonInfoByNationalCode";
    refererUrl = "https://ba124.ir/Inquiries/GetLegalPersonInfoByNationalCode";
    contentType = "application/x-www-form-urlencoded; charset=UTF-8";
  } else {
    // Key spelling ("NationaId") is kept exactly as the original sends it.
    payloadData = JSON.stringify({
      NationaId: info,
    });
    endpointPath = "/Inquiries/AsnafGWLicenseInquiry";
    refererUrl = "https://ba124.ir/Inquiries/AsnafGWLicenseInquiry";
    contentType = "application/json; charset=UTF-8";
  }

  const requestOptions = {
    hostname: "ba124.ir",
    path: endpointPath,
    method: "POST",
    headers: {
      "Content-Type": contentType,
      "Content-Length": Buffer.byteLength(payloadData),
      "User-Agent":
        "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36",
      Accept: "application/json, text/javascript, */*; q=0.01",
      // NOTE(review): these two names use underscores, so they are sent as
      // literally named headers rather than Accept-Encoding and
      // Accept-Language. Do not simply rename them: advertising gzip/br
      // would let the server compress the body, which this function does
      // not decompress before JSON.parse.
      Accept_Encoding: "gzip, deflate, br, zstd",
      Accept_Language: "en-US,en;q=0.9,fa-IR;q=0.8,fa;q=0.7",
      Connection: "keep-alive",
      Cookie: cookie,
      Host: "ba124.ir",
      Origin: "https://ba124.ir",
      Referer: refererUrl,
      "Sec-Ch-Ua":
        '"Chromium";v="142", "Google Chrome";v="142", "Not_A Brand";v="99"',
      "Sec-Ch-Ua-Mobile": "?0",
      "Sec-Ch-Ua-Platform": '"Windows"',
      "Sec-Fetch-Dest": "empty",
      "Sec-Fetch-Mode": "cors",
      "Sec-Fetch-Site": "same-origin",
      "X-Requested-With": "XMLHttpRequest",
    },
  };

  return new Promise((resolve, reject) => {
    const request = https.request(requestOptions, (response) => {
      let body = "";
      response.on("data", (chunk) => {
        body += chunk;
      });
      response.on("end", () => {
        let parsed;
        try {
          parsed = JSON.parse(body);
        } catch (error) {
          reject(new Error(`Invalid JSON response: ${error.message}`));
          return;
        }
        resolve(parsed);
      });
    });
    request.on("error", (error) => {
      reject(error);
    });
    request.write(payloadData);
    request.end();
  });
}
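/**
 * GET /national-documents?info=<id>&type=<person|unit|...>
 *
 * Logs in to the upstream inquiry service with performLogin(), runs one
 * inquiry with makeInquiryRequest() and relays the result. When the answer
 * carries an `error` member the login and the inquiry are repeated, up to a
 * fixed number of attempts.
 *
 * Responses: 200 with the upstream answer; 400 when `info` is missing or
 *            not a single string; 502 when every attempt came back with an
 *            upstream error; 500 on any other failure.
 *
 * NOTE(review): this route returns identity-registry data for any supplied
 * id and no authentication is visible on it in this part of the file.
 * Confirm it sits behind access control and rate limiting.
 */
app.get("/national-documents", async (req, res) => {
  const { info, type } = req.query;
  // The query parser can yield arrays or objects (?info=a&info=b); accept
  // only a single non-empty string.
  if (typeof info !== "string" || info === "") {
    return res.status(400).json({
      error: "Missing required field: info",
    });
  }
  // The original retried in an unbounded `while` loop. An upstream that
  // keeps answering with an error (for instance for an id it rejects) would
  // pin the request forever and trigger a fresh login on every pass.
  const maxAttempts = 3;
  try {
    let finalInfo;
    for (let attempt = 1; attempt <= maxAttempts; attempt += 1) {
      if (attempt > 1) {
        console.log("Session expired, retrying login and request...");
      }
      const finalCookie = await performLogin();
      finalInfo = await makeInquiryRequest(info, type, finalCookie);
      if (!(finalInfo && finalInfo.error)) {
        return res.json(finalInfo);
      }
    }
    return res.status(502).json({
      error: "Failed to fetch person info",
      message: "Upstream service kept returning an error",
    });
  } catch (error) {
    res.status(500).json({
      error: "Failed to fetch person info",
      message: error.message,
    });
  }
});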
// Root: send visitors to the public site.
app.get("/", async (_req, res) => res.redirect("https://rasadyar.com"));

// Liveness probe: fixed payload, touches no external service.
app.get("/health", async (_req, res) =>
  res.json({ status: "server is working..." }),
);

// Start the server
app.listen(port, () => {
  const startupMessage = `Server is running on http://localhost:${port}`;
  console.log(startupMessage);
});