wdevs/whatshooked
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

feat(whatsapp): 🎉 Add extended sending and template management
Some checks failed
CI / Test (1.23) (push) Failing after -24m15s
Details
CI / Test (1.22) (push) Failing after -24m12s
Details
CI / Build (push) Successful in -26m47s
Details
CI / Lint (push) Successful in -26m36s
Details

Browse Source 
* Implemented new endpoints for sending various message types:
  - Audio
  - Sticker
  - Location
  - Contacts
  - Interactive messages
  - Template messages
  - Flow messages
  - Reactions
  - Marking messages as read

* Added template management endpoints:
  - List templates
  - Upload templates
  - Delete templates

* Introduced flow management endpoints:
  - List flows
  - Create flows
  - Get flow details
  - Upload flow assets
  - Publish flows
  - Delete flows

* Added phone number management endpoints:
  - List phone numbers
  - Request verification code
  - Verify code

* Enhanced media management with delete media endpoint.

* Updated dependencies.
This commit is contained in:
Hein
2026-02-03 18:07:42 +02:00
parent 98fc28fc5f
commit a7a5831911
16 changed files with 2024 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

305
pkg/handlers/flows.go Normal file
View File

@@ -0,0 +1,305 @@
package handlers
import (
"encoding/json"
"net/http"
"git.warky.dev/wdevs/whatshooked/pkg/utils"
"git.warky.dev/wdevs/whatshooked/pkg/whatsapp/businessapi"
"go.mau.fi/whatsmeow/types"
)
// ListFlows returns all flows for the account.
// POST /api/flows {"account_id"}
func (h *Handlers) ListFlows(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
resp, err := baClient.ListFlows(r.Context())
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, resp)
}
// CreateFlow creates a new flow.
// POST /api/flows/create {"account_id","name","categories":[...],"endpoint_url"}
func (h *Handlers) CreateFlow(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
businessapi.FlowCreateRequest
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.Name == "" || len(req.Categories) == 0 {
http.Error(w, "name and categories are required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
resp, err := baClient.CreateFlow(r.Context(), req.FlowCreateRequest)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, resp)
}
// GetFlow returns details for a single flow.
// POST /api/flows/get {"account_id","flow_id"}
func (h *Handlers) GetFlow(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
FlowID string `json:"flow_id"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.FlowID == "" {
http.Error(w, "flow_id is required", http.StatusBadRequest)
return
}
// validate account exists and is business-api (even though GetFlow doesn't strictly need it, consistency)
if _, err := h.getBusinessAPIClient(req.AccountID); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
resp, err := baClient.GetFlow(r.Context(), req.FlowID)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, resp)
}
// UploadFlowAsset uploads a screens JSON to a DRAFT flow.
// POST /api/flows/upload {"account_id","flow_id","screens_json":"{...}"}
func (h *Handlers) UploadFlowAsset(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
FlowID string `json:"flow_id"`
ScreensJSON string `json:"screens_json"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.FlowID == "" || req.ScreensJSON == "" {
http.Error(w, "flow_id and screens_json are required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := baClient.UpdateFlowAssets(r.Context(), req.FlowID, req.ScreensJSON); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// PublishFlow publishes a DRAFT flow.
// POST /api/flows/publish {"account_id","flow_id"}
func (h *Handlers) PublishFlow(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
FlowID string `json:"flow_id"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.FlowID == "" {
http.Error(w, "flow_id is required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := baClient.PublishFlow(r.Context(), req.FlowID); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// DeleteFlow permanently removes a flow.
// POST /api/flows/delete {"account_id","flow_id"}
func (h *Handlers) DeleteFlow(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
FlowID string `json:"flow_id"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.FlowID == "" {
http.Error(w, "flow_id is required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := baClient.DeleteFlow(r.Context(), req.FlowID); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// SendFlow sends an interactive flow message.
// POST /api/send/flow {"account_id","to","flow_id","flow_token","screen_name","data":{...}}
func (h *Handlers) SendFlow(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
To string `json:"to"`
FlowID string `json:"flow_id"`
FlowToken string `json:"flow_token"`
ScreenName string `json:"screen_name"`
Data map[string]any `json:"data"`
Header string `json:"header"`
Body string `json:"body"`
Footer string `json:"footer"`
Dynamic bool `json:"dynamic"` // if true, use type "unpublished"
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.FlowID == "" || req.Body == "" {
http.Error(w, "flow_id and body are required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode))
if err != nil {
http.Error(w, "Invalid phone number", http.StatusBadRequest)
return
}
paramType := "payload"
if req.Dynamic {
paramType = "unpublished"
}
interactive := &businessapi.InteractiveObject{
Type: "flow",
Body: &businessapi.InteractiveBody{Text: req.Body},
Action: &businessapi.InteractiveAction{
Name: "flow",
Parameters: &businessapi.FlowActionParams{
Type: paramType,
FlowToken: req.FlowToken,
Name: req.ScreenName,
Data: req.Data,
},
},
}
if req.Header != "" {
interactive.Header = &businessapi.InteractiveHeader{Type: "text", Text: req.Header}
}
if req.Footer != "" {
interactive.Footer = &businessapi.InteractiveFooter{Text: req.Footer}
}
if _, err := baClient.SendInteractive(r.Context(), jid, interactive); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}

19
pkg/handlers/handlers.go
View File

@@ -2,12 +2,14 @@ package handlers
import (
"encoding/json"
"fmt"
"net/http"
"git.warky.dev/wdevs/whatshooked/pkg/config"
"git.warky.dev/wdevs/whatshooked/pkg/hooks"
"git.warky.dev/wdevs/whatshooked/pkg/logging"
"git.warky.dev/wdevs/whatshooked/pkg/whatsapp"
"git.warky.dev/wdevs/whatshooked/pkg/whatsapp/businessapi"
)
// Handlers holds all HTTP handlers with their dependencies
@@ -57,6 +59,23 @@ func (h *Handlers) WithAuthConfig(cfg *AuthConfig) *Handlers {
return h
}
// getBusinessAPIClient looks up an account and asserts it is a Business API client.
// Returns a typed *businessapi.Client or an error with an appropriate message.
func (h *Handlers) getBusinessAPIClient(accountID string) (*businessapi.Client, error) {
if accountID == "" {
return nil, fmt.Errorf("account_id is required")
}
client, exists := h.whatsappMgr.GetClient(accountID)
if !exists {
return nil, fmt.Errorf("account %s not found", accountID)
}
baClient, ok := client.(*businessapi.Client)
if !ok {
return nil, fmt.Errorf("account %s is not a Business API account (type: %s)", accountID, client.GetType())
}
return baClient, nil
}
// writeJSON is a helper that writes JSON response and logs errors
func writeJSON(w http.ResponseWriter, v interface{}) {
if err := json.NewEncoder(w).Encode(v); err != nil {

42
pkg/handlers/media_management.go Normal file
View File

@@ -0,0 +1,42 @@
package handlers
import (
"encoding/json"
"net/http"
)
// DeleteMediaFile deletes a previously uploaded media file from Meta's servers.
// POST /api/media-delete {"account_id","media_id"}
func (h *Handlers) DeleteMediaFile(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
MediaID string `json:"media_id"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.MediaID == "" {
http.Error(w, "media_id is required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := baClient.DeleteMedia(r.Context(), req.MediaID); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}

115
pkg/handlers/phone_numbers.go Normal file
View File

@@ -0,0 +1,115 @@
package handlers
import (
"encoding/json"
"net/http"
)
// ListPhoneNumbers returns all phone numbers for the account.
// POST /api/phone-numbers {"account_id"}
func (h *Handlers) ListPhoneNumbers(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
resp, err := baClient.ListPhoneNumbers(r.Context())
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, resp)
}
// RequestVerificationCode sends a verification code to a phone number.
// POST /api/phone-numbers/request-code {"account_id","phone_number_id","method":"SMS"|"VOICE"}
func (h *Handlers) RequestVerificationCode(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
PhoneNumberID string `json:"phone_number_id"`
Method string `json:"method"` // "SMS" or "VOICE"
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.PhoneNumberID == "" || req.Method == "" {
http.Error(w, "phone_number_id and method are required", http.StatusBadRequest)
return
}
if req.Method != "SMS" && req.Method != "VOICE" {
http.Error(w, "method must be SMS or VOICE", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := baClient.RequestVerificationCode(r.Context(), req.PhoneNumberID, req.Method); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// VerifyCode verifies a phone number with the code received.
// POST /api/phone-numbers/verify-code {"account_id","phone_number_id","code"}
func (h *Handlers) VerifyCode(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
PhoneNumberID string `json:"phone_number_id"`
Code string `json:"code"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.PhoneNumberID == "" || req.Code == "" {
http.Error(w, "phone_number_id and code are required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := baClient.VerifyCode(r.Context(), req.PhoneNumberID, req.Code); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}

316
pkg/handlers/send_extended.go Normal file
View File

@@ -0,0 +1,316 @@
package handlers
import (
"encoding/base64"
"encoding/json"
"net/http"
"git.warky.dev/wdevs/whatshooked/pkg/utils"
"git.warky.dev/wdevs/whatshooked/pkg/whatsapp/businessapi"
"go.mau.fi/whatsmeow/types"
)
// SendAudio sends an audio message via Business API.
// POST /api/send/audio {"account_id","to","audio_data"(base64),"mime_type"}
func (h *Handlers) SendAudio(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
To string `json:"to"`
AudioData string `json:"audio_data"`
MimeType string `json:"mime_type"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
audioData, err := base64.StdEncoding.DecodeString(req.AudioData)
if err != nil {
http.Error(w, "Invalid base64 audio data", http.StatusBadRequest)
return
}
if req.MimeType == "" {
req.MimeType = "audio/mpeg"
}
jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode))
if err != nil {
http.Error(w, "Invalid phone number", http.StatusBadRequest)
return
}
if _, err := baClient.SendAudio(r.Context(), jid, audioData, req.MimeType); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// SendSticker sends a sticker message via Business API.
// POST /api/send/sticker {"account_id","to","sticker_data"(base64),"mime_type"}
func (h *Handlers) SendSticker(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
To string `json:"to"`
StickerData string `json:"sticker_data"`
MimeType string `json:"mime_type"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
stickerData, err := base64.StdEncoding.DecodeString(req.StickerData)
if err != nil {
http.Error(w, "Invalid base64 sticker data", http.StatusBadRequest)
return
}
if req.MimeType == "" {
req.MimeType = "image/webp"
}
jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode))
if err != nil {
http.Error(w, "Invalid phone number", http.StatusBadRequest)
return
}
if _, err := baClient.SendSticker(r.Context(), jid, stickerData, req.MimeType); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// SendLocation sends a location message via Business API.
// POST /api/send/location {"account_id","to","latitude","longitude","name","address"}
func (h *Handlers) SendLocation(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
To string `json:"to"`
Latitude float64 `json:"latitude"`
Longitude float64 `json:"longitude"`
Name string `json:"name"`
Address string `json:"address"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode))
if err != nil {
http.Error(w, "Invalid phone number", http.StatusBadRequest)
return
}
if _, err := baClient.SendLocation(r.Context(), jid, req.Latitude, req.Longitude, req.Name, req.Address); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// SendContacts sends contact card(s) via Business API.
// POST /api/send/contacts {"account_id","to","contacts":[...]}
func (h *Handlers) SendContacts(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
To string `json:"to"`
Contacts []businessapi.SendContactObject `json:"contacts"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if len(req.Contacts) == 0 {
http.Error(w, "at least one contact is required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode))
if err != nil {
http.Error(w, "Invalid phone number", http.StatusBadRequest)
return
}
if _, err := baClient.SendContacts(r.Context(), jid, req.Contacts); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// SendInteractive sends an interactive message (buttons, list, or flow).
// POST /api/send/interactive {"account_id","to","interactive":{...}}
func (h *Handlers) SendInteractive(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
To string `json:"to"`
Interactive *businessapi.InteractiveObject `json:"interactive"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.Interactive == nil {
http.Error(w, "interactive object is required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode))
if err != nil {
http.Error(w, "Invalid phone number", http.StatusBadRequest)
return
}
if _, err := baClient.SendInteractive(r.Context(), jid, req.Interactive); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// SendReaction sends a reaction (emoji) to an existing message.
// POST /api/send/reaction {"account_id","to","message_id","emoji"}
func (h *Handlers) SendReaction(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
To string `json:"to"`
MessageID string `json:"message_id"`
Emoji string `json:"emoji"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.MessageID == "" || req.Emoji == "" {
http.Error(w, "message_id and emoji are required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode))
if err != nil {
http.Error(w, "Invalid phone number", http.StatusBadRequest)
return
}
if err := baClient.SendReaction(r.Context(), jid, req.MessageID, req.Emoji); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// MarkAsRead marks a received message as read.
// POST /api/messages/read {"account_id","message_id"}
func (h *Handlers) MarkAsRead(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
MessageID string `json:"message_id"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.MessageID == "" {
http.Error(w, "message_id is required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := baClient.MarkAsRead(r.Context(), req.MessageID); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}

158
pkg/handlers/templates.go Normal file
View File

@@ -0,0 +1,158 @@
package handlers
import (
"encoding/json"
"net/http"
"git.warky.dev/wdevs/whatshooked/pkg/utils"
"git.warky.dev/wdevs/whatshooked/pkg/whatsapp/businessapi"
"go.mau.fi/whatsmeow/types"
)
// ListTemplates returns all message templates for the account.
// POST /api/templates {"account_id"}
func (h *Handlers) ListTemplates(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
resp, err := baClient.ListTemplates(r.Context())
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, resp)
}
// UploadTemplate creates a new message template.
// POST /api/templates/upload {"account_id","name","language","category","components",[...]}
func (h *Handlers) UploadTemplate(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
businessapi.TemplateUploadRequest
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.Name == "" || req.Language == "" || req.Category == "" {
http.Error(w, "name, language, and category are required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
resp, err := baClient.UploadTemplate(r.Context(), req.TemplateUploadRequest)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, resp)
}
// DeleteTemplate deletes a template by name and language.
// POST /api/templates/delete {"account_id","name","language"}
func (h *Handlers) DeleteTemplate(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
Name string `json:"name"`
Language string `json:"language"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.Name == "" || req.Language == "" {
http.Error(w, "name and language are required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if err := baClient.DeleteTemplate(r.Context(), req.Name, req.Language); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}
// SendTemplate sends a template message.
// POST /api/send/template {"account_id","to","template":{...}}
func (h *Handlers) SendTemplate(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
var req struct {
AccountID string `json:"account_id"`
To string `json:"to"`
Template *businessapi.TemplateMessageObject `json:"template"`
}
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
if req.Template == nil || req.Template.Name == "" {
http.Error(w, "template with name is required", http.StatusBadRequest)
return
}
baClient, err := h.getBusinessAPIClient(req.AccountID)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode))
if err != nil {
http.Error(w, "Invalid phone number", http.StatusBadRequest)
return
}
if _, err := baClient.SendTemplateMessage(r.Context(), jid, req.Template); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
writeJSON(w, map[string]string{"status": "ok"})
}