plugins/cloudflare-bypass.js

const BASE_URL = 'https://herzaj-turnstile-solver.hf.space';

async function callBypassAPI(url, sitekey) {
    try {
        const submitResponse = await fetch(`${BASE_URL}/turnstile?url=${encodeURIComponent(url)}&sitekey=${encodeURIComponent(sitekey)}`, {
            headers: {
                'Accept': 'application/json',
                'Content-Type': 'application/json'
            }
        });
        
        const submitText = await submitResponse.text();
        let submitData;
        
        try {
            submitData = JSON.parse(submitText);
        } catch (e) {
            throw new Error(`API returned invalid response: ${submitText.substring(0, 100)}`);
        }
        
        if (!submitData.task_id) {
            throw new Error('Failed to get task_id from API');
        }

        const taskId = submitData.task_id;

        let attempts = 0;
        const maxAttempts = 30;
        
        while (attempts < maxAttempts) {
            await new Promise(resolve => setTimeout(resolve, 2000));
            
            const resultResponse = await fetch(`${BASE_URL}/result/${taskId}`, {
                headers: {
                    'Accept': 'application/json'
                }
            });
            
            const resultText = await resultResponse.text();
            let resultData;
            
            try {
                resultData = JSON.parse(resultText);
            } catch (e) {
                attempts++;
                continue;
            }
            
            if (resultData.value) {
                return {
                    token: resultData.value,
                    solved_time: resultData.elapsed_time
                };
            }
            
            attempts++;
        }
        
        throw new Error('Timeout: Could not solve turnstile within time limit');

    } catch (error) {
        throw error;
    }
}

const handler = async (req, res) => {
    try {
        const { url, sitekey } = req.query;

        if (!url) {
            return res.status(400).json({
                success: false,
                error: 'Missing required parameter: url'
            });
        }

        if (!sitekey) {
            return res.status(400).json({
                success: false,
                error: 'Missing required parameter: sitekey'
            });
        }

        const result = await callBypassAPI(url, sitekey);
        const solvedAt = new Date().toISOString();

        return res.json({
            author: "Herza",
            success: true,
            data: {
                token: result.token,
                solved_at: solvedAt,
                solved_time: result.solved_time
            }
        });

    } catch (error) {
        res.status(500).json({
            success: false,
            error: error.message,
            timestamp: new Date().toISOString()
        });
    }
};

module.exports = {
    name: 'Cloudflare Bypass',
    description: 'Bypass Cloudflare Turnstile protection',
    type: 'GET',
    routes: ['api/tools/bypass'],
    tags: ['security', 'bypass', 'turnstile'],
    parameters: ['url', 'sitekey'],
    limit: 8,
    enabled: true,
    main: ['tools'],
    handler
};