package handlers import ( "encoding/base64" "encoding/json" "net/http" "git.warky.dev/wdevs/whatshooked/pkg/utils" "git.warky.dev/wdevs/whatshooked/pkg/whatsapp/businessapi" "go.mau.fi/whatsmeow/types" ) // SendAudio sends an audio message via Business API. // POST /api/send/audio {"account_id","to","audio_data"(base64),"mime_type"} func (h *Handlers) SendAudio(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) return } var req struct { AccountID string `json:"account_id"` To string `json:"to"` AudioData string `json:"audio_data"` MimeType string `json:"mime_type"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } baClient, err := h.getBusinessAPIClient(req.AccountID) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } audioData, err := base64.StdEncoding.DecodeString(req.AudioData) if err != nil { http.Error(w, "Invalid base64 audio data", http.StatusBadRequest) return } if req.MimeType == "" { req.MimeType = "audio/mpeg" } jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode)) if err != nil { http.Error(w, "Invalid phone number", http.StatusBadRequest) return } if _, err := baClient.SendAudio(r.Context(), jid, audioData, req.MimeType); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } writeJSON(w, map[string]string{"status": "ok"}) } // SendSticker sends a sticker message via Business API. // POST /api/send/sticker {"account_id","to","sticker_data"(base64),"mime_type"} func (h *Handlers) SendSticker(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) return } var req struct { AccountID string `json:"account_id"` To string `json:"to"` StickerData string `json:"sticker_data"` MimeType string `json:"mime_type"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } baClient, err := h.getBusinessAPIClient(req.AccountID) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } stickerData, err := base64.StdEncoding.DecodeString(req.StickerData) if err != nil { http.Error(w, "Invalid base64 sticker data", http.StatusBadRequest) return } if req.MimeType == "" { req.MimeType = "image/webp" } jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode)) if err != nil { http.Error(w, "Invalid phone number", http.StatusBadRequest) return } if _, err := baClient.SendSticker(r.Context(), jid, stickerData, req.MimeType); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } writeJSON(w, map[string]string{"status": "ok"}) } // SendLocation sends a location message via Business API. // POST /api/send/location {"account_id","to","latitude","longitude","name","address"} func (h *Handlers) SendLocation(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) return } var req struct { AccountID string `json:"account_id"` To string `json:"to"` Latitude float64 `json:"latitude"` Longitude float64 `json:"longitude"` Name string `json:"name"` Address string `json:"address"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } baClient, err := h.getBusinessAPIClient(req.AccountID) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode)) if err != nil { http.Error(w, "Invalid phone number", http.StatusBadRequest) return } if _, err := baClient.SendLocation(r.Context(), jid, req.Latitude, req.Longitude, req.Name, req.Address); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } writeJSON(w, map[string]string{"status": "ok"}) } // SendContacts sends contact card(s) via Business API. // POST /api/send/contacts {"account_id","to","contacts":[...]} func (h *Handlers) SendContacts(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) return } var req struct { AccountID string `json:"account_id"` To string `json:"to"` Contacts []businessapi.SendContactObject `json:"contacts"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } if len(req.Contacts) == 0 { http.Error(w, "at least one contact is required", http.StatusBadRequest) return } baClient, err := h.getBusinessAPIClient(req.AccountID) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode)) if err != nil { http.Error(w, "Invalid phone number", http.StatusBadRequest) return } if _, err := baClient.SendContacts(r.Context(), jid, req.Contacts); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } writeJSON(w, map[string]string{"status": "ok"}) } // SendInteractive sends an interactive message (buttons, list, or flow). // POST /api/send/interactive {"account_id","to","interactive":{...}} func (h *Handlers) SendInteractive(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) return } var req struct { AccountID string `json:"account_id"` To string `json:"to"` Interactive *businessapi.InteractiveObject `json:"interactive"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } if req.Interactive == nil { http.Error(w, "interactive object is required", http.StatusBadRequest) return } baClient, err := h.getBusinessAPIClient(req.AccountID) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode)) if err != nil { http.Error(w, "Invalid phone number", http.StatusBadRequest) return } if _, err := baClient.SendInteractive(r.Context(), jid, req.Interactive); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } writeJSON(w, map[string]string{"status": "ok"}) } // SendReaction sends a reaction (emoji) to an existing message. // POST /api/send/reaction {"account_id","to","message_id","emoji"} func (h *Handlers) SendReaction(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) return } var req struct { AccountID string `json:"account_id"` To string `json:"to"` MessageID string `json:"message_id"` Emoji string `json:"emoji"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } if req.MessageID == "" || req.Emoji == "" { http.Error(w, "message_id and emoji are required", http.StatusBadRequest) return } baClient, err := h.getBusinessAPIClient(req.AccountID) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } jid, err := types.ParseJID(utils.FormatPhoneToJID(req.To, h.config.Server.DefaultCountryCode)) if err != nil { http.Error(w, "Invalid phone number", http.StatusBadRequest) return } if err := baClient.SendReaction(r.Context(), jid, req.MessageID, req.Emoji); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } writeJSON(w, map[string]string{"status": "ok"}) } // MarkAsRead marks a received message as read. // POST /api/messages/read {"account_id","message_id"} func (h *Handlers) MarkAsRead(w http.ResponseWriter, r *http.Request) { if r.Method != http.MethodPost { http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) return } var req struct { AccountID string `json:"account_id"` MessageID string `json:"message_id"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } if req.MessageID == "" { http.Error(w, "message_id is required", http.StatusBadRequest) return } baClient, err := h.getBusinessAPIClient(req.AccountID) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } if err := baClient.MarkAsRead(r.Context(), req.MessageID); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } writeJSON(w, map[string]string{"status": "ok"}) }