app.py

from flask import Flask, render_template, request, redirect, url_for, jsonify
from flask_sqlalchemy import SQLAlchemy
import uuid
from datetime import datetime
import requests
import time
import threading
from cryptography.fernet import Fernet
import os

app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///astrapay.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['SECRET_KEY'] = 'your-secret-key-here'

db = SQLAlchemy(app)

def get_encryption_key():
    key_file = 'encryption.key'
    if os.path.exists(key_file):
        with open(key_file, 'rb') as f:
            return f.read()
    else:
        key = Fernet.generate_key()
        with open(key_file, 'wb') as f:
            f.write(key)
        return key

ENCRYPTION_KEY = get_encryption_key()
cipher_suite = Fernet(ENCRYPTION_KEY)

def encrypt_value(value):
    if isinstance(value, str):
        value = value.encode()
    return cipher_suite.encrypt(value).decode()

def decrypt_value(encrypted_value):
    return cipher_suite.decrypt(encrypted_value.encode()).decode()

ENCRYPTED_CONNECT_SID = encrypt_value('s%3A7Bwbww_JK7pW55D-B57-3b7bi-FzrzEZ.ezXPafCUs8%2B9L632zAZaBD51TQfSnUXUwbga8Z9kyAo')
ENCRYPTED_API_URL = encrypt_value('https://astra-bank-moh1812.replit.app/api/transactions')
ENCRYPTED_REFERER = encrypt_value('https://astra-bank-moh1812.replit.app/')
ENCRYPTED_ETAG = encrypt_value('W/"6e3-L0zHI4rHMa4nHmyewyA/4y+lL6c"')

class PaymentLink(db.Model):
    id = db.Column(db.String(36), primary_key=True, default=lambda: str(uuid.uuid4()))
    amount = db.Column(db.Integer, nullable=False)
    description = db.Column(db.String(500), nullable=False)
    recipient_email = db.Column(db.String(255), nullable=True)
    created_at = db.Column(db.DateTime, default=datetime.utcnow)
    paid = db.Column(db.Boolean, default=False)

    def __repr__(self):
        return f'<PaymentLink {self.id}: {self.amount} Astras>'

def get_transactions():
    url = decrypt_value(ENCRYPTED_API_URL)
    referer = decrypt_value(ENCRYPTED_REFERER)
    etag = decrypt_value(ENCRYPTED_ETAG)
    connect_sid = decrypt_value(ENCRYPTED_CONNECT_SID)

    headers = {
        'accept': '*/*',
        'accept-language': 'en-US,en;q=0.9',
        'if-none-match': etag,
        'priority': 'u=1, i',
        'referer': referer,
        'sec-ch-ua': '"Chromium";v="142", "Google Chrome";v="142", "Not_A Brand";v="99"',
        'sec-ch-ua-mobile': '?0',
        'sec-ch-ua-platform': '"macOS"',
        'sec-fetch-dest': 'empty',
        'sec-fetch-mode': 'cors',
        'sec-fetch-site': 'same-origin',
        'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36'
    }

    cookies = {
        'sidebar_state': 'true',
        'connect.sid': connect_sid
    }

    try:
        response = requests.get(url, headers=headers, cookies=cookies, timeout=10)
        return response.json()
    except Exception as e:
        print(f"Error fetching transactions: {e}")
        return []

def check_for_payment(amount, existing_transaction_ids):
    try:
        transactions = get_transactions()

        for transaction in transactions:
            transaction_id = transaction.get('id')
            if (transaction_id not in existing_transaction_ids and
                transaction.get('amount') == amount and
                transaction.get('transactionType') == 'received'):
                return transaction

        return None
    except Exception as e:
        print(f"Error checking for payment: {e}")
        return None

with app.app_context():
    db.create_all()

@app.route('/')
def home():
    return render_template('home.html')

@app.route('/create-payment-link', methods=['POST'])
def create_payment_link():
    try:
        data = request.get_json()

        if not data or 'amount' not in data or 'description' not in data:
            return jsonify({'error': 'Missing required fields'}), 400

        amount = data['amount']
        description = data['description']
        recipient_email = data.get('recipient_email', '').strip() if data.get('recipient_email') else None

        if not isinstance(amount, int) or amount <= 0:
            return jsonify({'error': 'Invalid amount'}), 400

        if not description or len(description.strip()) == 0:
            return jsonify({'error': 'Description cannot be empty'}), 400

        payment_link = PaymentLink(
            amount=amount,
            description=description.strip(),
            recipient_email=recipient_email if recipient_email else None
        )

        db.session.add(payment_link)
        db.session.commit()

        payment_url = url_for('view_payment', payment_id=payment_link.id, _external=True)

        return jsonify({
            'success': True,
            'payment_id': payment_link.id,
            'payment_url': payment_url
        })

    except Exception as e:
        db.session.rollback()
        return jsonify({'error': str(e)}), 500

@app.route('/init-payment-check/<payment_id>')
def init_payment_check(payment_id):
    try:
        payment_link = PaymentLink.query.get_or_404(payment_id)

        transactions = get_transactions()
        existing_ids = [tx.get('id') for tx in transactions]

        return jsonify({
            'existing_transaction_ids': existing_ids,
            'amount': payment_link.amount
        })

    except Exception as e:
        return jsonify({'error': str(e)}), 500

@app.route('/check-payment/<payment_id>')
def check_payment_status(payment_id):
    try:
        payment_link = PaymentLink.query.get_or_404(payment_id)

        existing_ids_str = request.args.get('existing_ids', '')
        if existing_ids_str:
            existing_ids = existing_ids_str.split(',')
        else:
            transactions = get_transactions()
            existing_ids = [tx.get('id') for tx in transactions]

        payment_transaction = check_for_payment(payment_link.amount, existing_ids)

        if payment_transaction:
            return jsonify({
                'payment_received': True,
                'transaction': {
                    'id': payment_transaction.get('id'),
                    'amount': payment_transaction.get('amount'),
                    'from_email': payment_transaction.get('counterpartEmail'),
                    'description': payment_transaction.get('description')
                }
            })
        else:
            return jsonify({'payment_received': False})

    except Exception as e:
        return jsonify({'error': str(e)}), 500

@app.route('/pay/<payment_id>', methods=['POST'])
def process_payment(payment_id):
    try:
        payment_link = PaymentLink.query.get_or_404(payment_id)

        if payment_link.paid:
            return jsonify({'error': 'Payment already completed'}), 400

        payment_link.paid = True
        db.session.commit()

        return jsonify({'success': True, 'message': 'Payment confirmed successfully'})

    except Exception as e:
        db.session.rollback()
        return jsonify({'error': str(e)}), 500

@app.route('/pay/<payment_id>')
def view_payment(payment_id):
    payment_link = PaymentLink.query.get_or_404(payment_id)
    return render_template('payment.html',
                                amount=payment_link.amount,
                                description=payment_link.description,
                                paid=payment_link.paid,
                                payment_id=payment_link.id,
                                recipient_email=payment_link.recipient_email)

@app.route('/bank')
def bank():
    return render_template('bank.html')

if __name__ == '__main__':
    app.run(debug=True, host='0.0.0.0', port=5000)