const fetch = require('node-fetch'); const { encrypt, decrypt } = require('../lib/crypto'); const KEY = "jb%!SZfM%AwwS7JmdM!"; const VERSION = "1.0.9"; const FLAVOUR = "neoRed"; module.exports = async (req, res) => { // Enable CORS res.setHeader('Access-Control-Allow-Origin', '*'); res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS'); res.setHeader('Access-Control-Allow-Headers', 'Content-Type'); if (req.method === 'OPTIONS') { return res.status(200).end(); } try { const { wifi, lan } = req.query; if (!wifi || !lan) { return res.status(400).json({ error: "Missing wifi or lan parameters" }); } // 1. Prepare Authentication Payload const payload = `wifi=${wifi}&lan=${lan}&code=NAN&mobile=NAN&isMobile=false`; const encryptedE = encrypt(payload, KEY); // 2. Prepare Security Headers const headers = { "wifi": encrypt(wifi, KEY), "lan": encrypt(lan, KEY), "version": encrypt(VERSION, KEY), "flavour": encrypt(FLAVOUR, KEY), "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36", "Content-Type": "application/x-www-form-urlencoded" }; // 3. Call the Middleware const targetUrl = `http://918197185.com/api/v2-d/api.php?tag=UniTV_MAC`; const response = await fetch(targetUrl, { method: 'POST', headers: headers, body: `e=${encodeURIComponent(encryptedE)}` }); const encryptedText = await response.text(); // 4. Decrypt the response (UniTV returns Salted__ Base64) let decryptedData; try { const decryptedBody = decrypt(encryptedText.trim(), KEY); decryptedData = JSON.parse(decryptedBody); } catch (decError) { console.error("Decryption Failed:", decError); return res.status(500).json({ error: "Decryption failed", raw: encryptedText, msg: decError.message }); } // 5. Return the dynamic credentials to Roku return res.status(200).json(decryptedData); } catch (error) { console.error("Handshake Error:", error); return res.status(500).json({ error: error.message }); } };