wdevs/whatshooked
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

feat(docker): 🚀 Update server port to 8025
Some checks failed
CI / Test (1.22) (push) Failing after -24m19s
Details
CI / Test (1.23) (push) Failing after -24m15s
Details
CI / Lint (push) Successful in -26m35s
Details
CI / Build (push) Successful in -26m34s
Details

Browse Source 
- Change default server port from 8080 to 8025 across all configurations.
- Update Dockerfile, docker-compose.yml, and related documentation.
- Ensure all CLI commands and API endpoints reflect the new port.
- Adjust example configurations and health check URLs accordingly.
This commit is contained in:
Hein
2026-02-04 13:37:38 +02:00
parent 947761313b
commit c1dbff318d
16 changed files with 270 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

130
README.md
View File

@@ -3,6 +3,7 @@
A Go library and service that connects to WhatsApp and forwards messages to registered webhooks. Supports both personal WhatsApp accounts (via whatsmeow) and WhatsApp Business API. Enables two-way communication by allowing webhooks to respond with messages to be sent through WhatsApp.
**Use WhatsHooked as:**
- 📦 **Go Library** - Import into your own applications for programmatic WhatsApp integration
- 🚀 **Standalone Server** - Run as a service with HTTP API and CLI management
- 🔧 **Custom Integration** - Mount individual handlers in your existing HTTP servers
@@ -59,7 +60,7 @@ Or with programmatic configuration:
```go
wh, err := whatshooked.New(
whatshooked.WithServer("0.0.0.0", 8080),
whatshooked.WithServer("0.0.0.0", 8025),
whatshooked.WithAuth("my-api-key", "", ""),
whatshooked.WithWhatsmeowAccount("personal", "+1234567890", "./session", true),
)
@@ -79,7 +80,9 @@ make build
When using personal WhatsApp accounts (whatsmeow), you'll need to pair the device on first launch. The QR code will be displayed in two ways:
### Terminal Display
The QR code is shown as ASCII art directly in the terminal:
```
========================================
WhatsApp QR Code for account: personal
@@ -89,25 +92,29 @@ Scan this QR code with WhatsApp on your phone:
[ASCII QR Code displayed here]
Or open in browser: http://localhost:8080/api/qr/personal
Or open in browser: http://localhost:8025/api/qr/personal
========================================
```
### Browser Display
For easier scanning, open the provided URL in your browser to view a larger PNG image:
- URL format: `http://localhost:8080/api/qr/{account_id}`
- URL format: `http://localhost:8025/api/qr/{account_id}`
- No authentication required for this endpoint
- The QR code updates automatically when a new code is generated
### Webhook Events
The QR code URL is also included in the `whatsapp.qr.code` event:
```json
{
"type": "whatsapp.qr.code",
"data": {
"account_id": "personal",
"qr_code": "2@...",
"qr_url": "http://localhost:8080/api/qr/personal"
"qr_url": "http://localhost:8025/api/qr/personal"
}
}
```
@@ -152,6 +159,7 @@ The system uses a central event bus to decouple components:
- Webhook responses trigger message sends
This architecture enables:
- Loose coupling between WhatsApp and webhooks
- Easy addition of new event subscribers
- Centralized event logging and monitoring
@@ -202,7 +210,7 @@ func main() {
// Your own handlers
mux.HandleFunc("/api/v1/custom", yourCustomHandler)
http.ListenAndServe(":8080", mux)
http.ListenAndServe(":8025", mux)
}
```
@@ -212,7 +220,7 @@ Configure WhatsHooked entirely in code without a config file:
```go
wh, err := whatshooked.New(
whatshooked.WithServer("0.0.0.0", 8080),
whatshooked.WithServer("0.0.0.0", 8025),
whatshooked.WithAuth("my-api-key", "", ""),
whatshooked.WithWhatsmeowAccount(
"personal",
@@ -347,6 +355,7 @@ make build
```
Or manually:
```bash
mkdir -p bin
go build -o bin/whatshook-server ./cmd/server
@@ -362,6 +371,7 @@ cp config.example.json config.json
```
Or use one of the HTTPS examples:
```bash
# Self-signed certificate (development)
cp config.https-self-signed.example.json config.json
@@ -379,7 +389,7 @@ Edit the configuration file to add your WhatsApp accounts and webhooks:
{
"server": {
"host": "localhost",
"port": 8080,
"port": 8025,
"default_country_code": "27"
},
"whatsapp": [
@@ -423,23 +433,27 @@ Edit the configuration file to add your WhatsApp accounts and webhooks:
### Configuration Options
**Server Configuration:**
- `host`: Server hostname (default: "localhost")
- `port`: Server port (default: 8080)
- `port`: Server port (default: 8025)
- `default_country_code`: Default country code for phone number formatting (e.g., "27" for South Africa, "1" for US/Canada)
- `username`: Username for HTTP Basic Authentication (optional)
- `password`: Password for HTTP Basic Authentication (optional)
- `auth_key`: API key for x-api-key header or Authorization Bearer token authentication (optional)
**WhatsApp Account Configuration:**
- `id`: Unique identifier for this account
- `type`: Client type - `"whatsmeow"` for personal or `"business-api"` for Business API (defaults to "whatsmeow")
- `phone_number`: Phone number with country code
**For whatsmeow (personal) accounts:**
- `session_path`: Path to store session data (default: `./sessions/{id}`)
- `show_qr`: Display QR code in terminal for pairing (default: false)
**For business-api accounts:**
- `business_api`: Business API configuration object
- `phone_number_id`: WhatsApp Business Phone Number ID from Meta
- `access_token`: Access token from Meta Business Manager
@@ -448,6 +462,7 @@ Edit the configuration file to add your WhatsApp accounts and webhooks:
- `verify_token`: Token for webhook verification (required for receiving messages)
**Hook Configuration:**
- `id`: Unique identifier for this hook
- `name`: Human-readable name
- `url`: Webhook URL to call
@@ -480,6 +495,7 @@ Automatically generates and manages self-signed certificates. Ideal for developm
```
Or programmatically:
```go
wh, err := whatshooked.New(
whatshooked.WithServer("0.0.0.0", 8443),
@@ -488,6 +504,7 @@ wh, err := whatshooked.New(
```
**Features:**
- Automatically generates certificates on first run
- Certificates valid for 1 year
- Auto-renewal when expiring within 30 days
@@ -516,6 +533,7 @@ Use your own certificate files from a trusted Certificate Authority (CA) or an e
```
Or programmatically:
```go
wh, err := whatshooked.New(
whatshooked.WithServer("0.0.0.0", 8443),
@@ -524,6 +542,7 @@ wh, err := whatshooked.New(
```
**Features:**
- Use certificates from any CA (Let's Encrypt, DigiCert, etc.)
- Full control over certificate lifecycle
- Validates certificate files on startup
@@ -551,6 +570,7 @@ Automatically obtains and renews SSL certificates from Let's Encrypt. Best for p
```
Or programmatically:
```go
wh, err := whatshooked.New(
whatshooked.WithServer("0.0.0.0", 443),
@@ -559,6 +579,7 @@ wh, err := whatshooked.New(
```
**Features:**
- Automatic certificate provisioning from Let's Encrypt
- Automatic certificate renewal before expiration
- Fully managed - no manual intervention required
@@ -566,6 +587,7 @@ wh, err := whatshooked.New(
- Production and staging modes available
**Requirements:**
- Server must be publicly accessible
- Port 443 (HTTPS) must be open
- Port 80 (HTTP) must be open for ACME challenges
@@ -573,6 +595,7 @@ wh, err := whatshooked.New(
- Email address for Let's Encrypt notifications
**Important Notes:**
- Set `production: false` for testing to use Let's Encrypt staging environment (avoids rate limits)
- Set `production: true` for production deployments to get trusted certificates
- Ensure your domain's DNS A/AAAA record points to your server's IP
@@ -586,21 +609,21 @@ All TLS configuration options:
{
"server": {
"tls": {
"enabled": true, // Enable HTTPS (default: false)
"mode": "self-signed", // Mode: "self-signed", "custom", or "autocert" (required if enabled)
"enabled": true, // Enable HTTPS (default: false)
"mode": "self-signed", // Mode: "self-signed", "custom", or "autocert" (required if enabled)
// Self-signed mode options
"cert_dir": "./data/certs", // Directory for generated certificates (default: ./data/certs)
"cert_dir": "./data/certs", // Directory for generated certificates (default: ./data/certs)
// Custom mode options
"cert_file": "/path/to/cert", // Path to certificate file (required for custom mode)
"key_file": "/path/to/key", // Path to private key file (required for custom mode)
"key_file": "/path/to/key", // Path to private key file (required for custom mode)
// Autocert mode options
"domain": "example.com", // Domain name (required for autocert mode)
"domain": "example.com", // Domain name (required for autocert mode)
"email": "admin@example.com", // Email for Let's Encrypt notifications (optional)
"cache_dir": "./data/autocert", // Cache directory for certificates (default: ./data/autocert)
"production": true // Use Let's Encrypt production (default: false/staging)
"production": true // Use Let's Encrypt production (default: false/staging)
}
}
}
@@ -614,7 +637,7 @@ To disable HTTPS and use HTTP, set `enabled: false` or omit the `tls` section en
{
"server": {
"host": "localhost",
"port": 8080
"port": 8025
}
}
```
@@ -624,13 +647,14 @@ To disable HTTPS and use HTTP, set `enabled: false` or omit the `tls` section en
The server supports two authentication methods to protect API endpoints:
#### 1. HTTP Basic Authentication
Set both `username` and `password` in the server configuration:
```json
{
"server": {
"host": "localhost",
"port": 8080,
"port": 8025,
"username": "admin",
"password": "secure_password"
}
@@ -638,31 +662,34 @@ Set both `username` and `password` in the server configuration:
```
Clients must provide credentials in the Authorization header:
```bash
curl -u admin:secure_password http://localhost:8080/api/hooks
curl -u admin:secure_password http://localhost:8025/api/hooks
```
#### 2. API Key Authentication
Set `auth_key` in the server configuration:
```json
{
"server": {
"host": "localhost",
"port": 8080,
"port": 8025,
"auth_key": "your-secret-api-key"
}
}
```
Clients can provide the API key using either:
- **x-api-key header**:
```bash
curl -H "x-api-key: your-secret-api-key" http://localhost:8080/api/hooks
curl -H "x-api-key: your-secret-api-key" http://localhost:8025/api/hooks
```
- **Authorization Bearer token**:
```bash
curl -H "Authorization: Bearer your-secret-api-key" http://localhost:8080/api/hooks
curl -H "Authorization: Bearer your-secret-api-key" http://localhost:8025/api/hooks
```
#### Authentication Notes
@@ -716,6 +743,7 @@ Add a Business API account to your `config.json`:
```
**Important Notes:**
- Use a **permanent access token**, not the temporary 24-hour token
- The `verify_token` is a random string you create - it will be used to verify Meta's webhook requests
- Keep your access token secure and never commit it to version control
@@ -727,7 +755,7 @@ To receive incoming messages from WhatsApp Business API, you must register your
1. **Start the WhatsHooked server** with your Business API configuration
2. **Ensure your server is publicly accessible** (use ngrok for testing):
```bash
ngrok http 8080
ngrok http 8025
```
3. **In Meta for Developers**, go to **WhatsApp** → **Configuration**
4. **Add Webhook URL**:
@@ -750,11 +778,13 @@ Once configured, start the server and the Business API account will connect auto
```
Look for logs indicating successful connection:
```
Business API client connected account_id=business phone=+1234567890
```
Send a test message:
```bash
./bin/whatshook-cli send
# Select your business account
@@ -765,6 +795,7 @@ Send a test message:
### Business API Features
**Supported:**
- ✅ Send/receive text messages
- ✅ Send/receive images with captions
- ✅ Send/receive videos with captions
@@ -783,6 +814,7 @@ Send a test message:
- ✅ Event publishing to webhooks (same format as whatsmeow)
**Differences from whatsmeow:**
- No QR code pairing (uses access token authentication)
- Rate limits apply based on your Meta Business tier
- Official support from Meta
@@ -816,6 +848,7 @@ You can run both personal (whatsmeow) and Business API accounts at the same time
```
Both accounts will:
- Receive messages independently
- Trigger the same webhooks
- Publish identical event formats
@@ -846,6 +879,7 @@ The QR code is also published as an event (`whatsapp.qr.code`) so you can handle
### Using the CLI
The CLI uses Cobra and supports configuration from multiple sources with the following priority:
1. Command-line flags (highest priority)
2. Environment variables
3. Configuration file (lowest priority)
@@ -853,34 +887,40 @@ The CLI uses Cobra and supports configuration from multiple sources with the fol
#### Configuration
Create a CLI configuration file (optional):
```bash
cp .whatshooked-cli.example.json .whatshooked-cli.json
```
Or set via environment variable:
```bash
export WHATSHOOKED_SERVER_URL=http://localhost:8080
export WHATSHOOKED_SERVER_URL=http://localhost:8025
```
Or use command-line flag:
```bash
./bin/whatshook-cli --server http://localhost:8080 health
./bin/whatshook-cli --server http://localhost:8025 health
```
#### Commands
Get help:
```bash
./bin/whatshook-cli --help
./bin/whatshook-cli hooks --help
```
Check server health:
```bash
./bin/whatshook-cli health
```
List all hooks:
```bash
./bin/whatshook-cli hooks list
# or just
@@ -888,16 +928,19 @@ List all hooks:
```
Add a new hook:
```bash
./bin/whatshook-cli hooks add
```
Remove a hook:
```bash
./bin/whatshook-cli hooks remove <hook_id>
```
List WhatsApp accounts:
```bash
./bin/whatshook-cli accounts list
# or just
@@ -905,11 +948,13 @@ List WhatsApp accounts:
```
Add a WhatsApp account:
```bash
./bin/whatshook-cli accounts add
```
Send a message:
```bash
./bin/whatshook-cli send
```
@@ -918,10 +963,10 @@ Send a message:
The CLI loads configuration with the following priority (highest to lowest):
1. **Command-line flags**: `--server http://example.com:8080`
2. **Environment variables**: `WHATSHOOKED_SERVER_URL=http://example.com:8080`
1. **Command-line flags**: `--server http://example.com:8025`
2. **Environment variables**: `WHATSHOOKED_SERVER_URL=http://example.com:8025`
3. **Config file**: `.whatshooked-cli.json` in current directory or `$HOME/.whatshooked/cli.json`
4. **Defaults**: `http://localhost:8080`
4. **Defaults**: `http://localhost:8025`
## Webhook Integration
@@ -968,6 +1013,7 @@ Or using full JID format:
```
Fields:
- `send_message`: Set to `true` to send a message
- `to`: Recipient phone number or JID. Can be:
- Plain phone number (e.g., `"0834606792"`) - will be formatted using `default_country_code`
@@ -989,6 +1035,7 @@ The server automatically formats phone numbers to WhatsApp JID format:
- Appends `@s.whatsapp.net` suffix
Examples with `default_country_code: "27"`:
- `0834606792` → `27834606792@s.whatsapp.net` (replaces leading 0 with 27)
- `083-460-6792` → `27834606792@s.whatsapp.net` (removes dashes, replaces 0)
- `27834606792` → `27834606792@s.whatsapp.net` (already has country code)
@@ -1000,12 +1047,14 @@ Examples with `default_country_code: "27"`:
The server exposes the following HTTP endpoints:
**Public Endpoints:**
- `GET /health` - Health check (no authentication required)
- `GET/POST /webhooks/whatsapp/{accountID}` - Business API webhook verification and events (no authentication, validated by Meta's verify_token)
**Protected Endpoints (require authentication if enabled):**
*Hooks & Accounts:*
_Hooks & Accounts:_
- `GET /api/hooks` - List all hooks
- `POST /api/hooks/add` - Add a new hook
- `POST /api/hooks/remove` - Remove a hook
@@ -1016,7 +1065,8 @@ The server exposes the following HTTP endpoints:
- `POST /api/accounts/disable` - Disable a WhatsApp account
- `POST /api/accounts/enable` - Enable a WhatsApp account
*Send Messages:*
_Send Messages:_
- `POST /api/send` - Send a text message
- `POST /api/send/image` - Send an image
- `POST /api/send/video` - Send a video
@@ -1031,12 +1081,14 @@ The server exposes the following HTTP endpoints:
- `POST /api/send/reaction` - React to a message with an emoji (Business API)
- `POST /api/messages/read` - Mark a message as read (Business API)
*Templates (Business API):*
_Templates (Business API):_
- `POST /api/templates` - List all message templates for an account
- `POST /api/templates/upload` - Create a new message template
- `POST /api/templates/delete` - Delete a template by name and language
*Flows (Business API):*
_Flows (Business API):_
- `POST /api/flows` - List all flows for an account
- `POST /api/flows/create` - Create a new flow
- `POST /api/flows/get` - Get details of a specific flow
@@ -1045,28 +1097,33 @@ The server exposes the following HTTP endpoints:
- `POST /api/flows/deprecate` - Deprecate a flow (blocks new sessions; existing sessions continue)
- `POST /api/flows/delete` - Permanently delete a flow
*Phone Numbers (Business API):*
_Phone Numbers (Business API):_
- `POST /api/phone-numbers` - List phone numbers for an account
- `POST /api/phone-numbers/request-code` - Request a verification code (SMS or VOICE)
- `POST /api/phone-numbers/verify-code` - Verify a phone number with the received code
*Business Profile (Business API):*
_Business Profile (Business API):_
- `POST /api/business-profile` - Retrieve the business profile for an account
- `POST /api/business-profile/update` - Update business profile fields (about, address, description, email, websites, vertical)
*Catalog / Commerce (Business API):*
_Catalog / Commerce (Business API):_
- `POST /api/catalogs` - List product catalogs linked to an account
- `POST /api/catalogs/products` - List products in a specific catalog
- `POST /api/send/catalog` - Send a catalog message (shares full product catalog)
- `POST /api/send/product` - Send a single-product interactive message
- `POST /api/send/product-list` - Send a multi-product list message (up to 30 products across 10 sections)
*Media:*
_Media:_
- `GET /api/media/{accountID}/{filename}` - Serve media files
- `POST /api/media/upload` - Upload a media file to Meta and return its media_id (Business API)
- `POST /api/media-delete` - Delete a previously uploaded media file from Meta (Business API)
*Message Cache:*
_Message Cache:_
- `GET /api/cache` - List cached events
- `GET /api/cache/stats` - Cache statistics
- `POST /api/cache/replay` - Replay all cached events
@@ -1135,6 +1192,7 @@ whatshooked/
The system publishes the following event types:
**WhatsApp Events:**
- `whatsapp.connected` - WhatsApp client connected
- `whatsapp.disconnected` - WhatsApp client disconnected
- `whatsapp.pair.success` - Device pairing successful
@@ -1145,11 +1203,13 @@ The system publishes the following event types:
- `whatsapp.pair.event` - Generic pairing event
**Message Events:**
- `message.received` - New message received from WhatsApp
- `message.sent` - Message successfully sent to WhatsApp
- `message.failed` - Message send failed
**Hook Events:**
- `hook.triggered` - Webhook is being called
- `hook.success` - Webhook responded successfully
- `hook.failed` - Webhook call failed