Skip to content

mrfr8nk/WA-OTP-BOT

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

57 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

πŸ“± WhatsApp OTP Verification Bot

WhatsApp OTP Bot

Node.js License Status

πŸ“‹ Overview

A powerful WhatsApp-based OTP (One-Time Password) verification system that seamlessly integrates phone number verification into your websites and applications. Send 6-digit verification codes via WhatsApp and verify them through simple API endpoints.

✨ Features

  • πŸ” Secure OTP Generation - Random 6-digit codes sent via WhatsApp
  • βœ… API-Based Verification - RESTful endpoints for easy integration
  • πŸ’Ύ MongoDB Storage - Secure and scalable OTP data management
  • ⏰ Auto-Expiration - OTPs expire after 10 minutes
  • πŸ›‘οΈ Rate Limiting - Maximum 5 verification attempts per OTP
  • πŸ“Š Real-time Dashboard - Monitor bot status and statistics
  • 🌍 International Support - Works with phone numbers worldwide
  • πŸ”Œ Plugin System - Extensible architecture for custom features
  • πŸ“± Multi-Session Support - Multiple session storage methods

πŸ› οΈ Tech Stack

Backend

  • Runtime: Node.js 20.x
  • WhatsApp Client: @whiskeysockets/baileys - WhatsApp Web API
  • Web Framework: Express.js 4.x
  • Database: MongoDB with Mongoose ODM

Authentication & Session

  • Multi-file auth state with Baileys
  • Session persistence across multiple providers:
    • GitHub Repository Storage
    • MongoDB API Storage
    • MEGA.nz Cloud Storage
    • Custom Ice/Darex Session Servers

Utilities

  • QR Code: qrcode-terminal - Terminal QR code generation
  • Image Processing: Jimp - Image manipulation
  • Date/Time: Moment.js - Time formatting and calculations
  • HTTP Client: Axios - API requests
  • File Type Detection: file-type
  • Logging: Pino (P)

Development

  • Package Manager: npm
  • Version Control: Git
  • Deployment: Replit (recommended)

πŸš€ Quick Start

Prerequisites

  1. WhatsApp account (phone number)
  2. MongoDB database (MongoDB Atlas recommended)
  3. Node.js environment (20.x or higher)

Installation

  1. Clone or Deploy

    git clone <repository-url>
    cd wa-otp-bot
  2. Install Dependencies

    npm install
  3. Configure Environment

    Add to Replit Secrets or create .env file:

    MONGODB_URI=your_mongodb_connection_string
    SESSION_ID=your_session_id (optional)
    PREFIX=. (default)
    MODE=public (public/private/inbox/groups)
  4. Start the Bot

    npm start
  5. Scan QR Code

    • Open WhatsApp on your phone
    • Go to Settings β†’ Linked Devices
    • Scan the QR code displayed in terminal
  6. Your OTP API is Live!

    https://your-replit-app.replit.app
    

πŸ“‘ API Endpoints

Base URL

https://your-replit-app.replit.app

1. Send OTP

GET /api/sendotp?number=263719647303

Response:

{
  "success": true,
  "message": "OTP sent successfully",
  "phoneNumber": "263719647303",
  "expiresIn": 600
}

2. Verify OTP

GET /api/verifyotp?number=263719647303&code=123456

Response:

{
  "success": true,
  "message": "OTP verified successfully",
  "phoneNumber": "263719647303"
}

3. Bot Status

GET /api/status

Response:

{
  "success": true,
  "bot": {
    "connected": true,
    "uptime": 3600,
    "phoneNumber": "1234567890"
  },
  "stats": {
    "total": 150,
    "verified": 120,
    "pending": 30,
    "last24Hours": 45
  }
}

πŸ’» Integration Examples

See demo:

Click me

HTML/JavaScript

<script>
const API_URL = 'https://your-app.replit.app';

async function sendOTP(phone) {
  const res = await fetch(`${API_URL}/api/sendotp?number=${phone}`);
  return await res.json();
}

async function verifyOTP(phone, code) {
  const res = await fetch(`${API_URL}/api/verifyotp?number=${phone}&code=${code}`);
  return await res.json();
}
</script>

React

const verifyPhone = async (phone, code) => {
  try {
    const response = await fetch(
      `${API_URL}/api/verifyotp?number=${phone}&code=${code}`
    );
    const data = await response.json();
    return data.success;
  } catch (error) {
    console.error('Verification failed:', error);
    return false;
  }
};

Node.js Backend

const axios = require('axios');

app.post('/verify-user', async (req, res) => {
  const { phone, otpCode } = req.body;
  
  const response = await axios.get(
    `${OTP_API}/api/verifyotp?number=${phone}&code=${otpCode}`
  );
  
  if (response.data.success) {
    // User verified, proceed with registration
    res.json({ verified: true });
  } else {
    res.status(400).json({ error: 'Invalid OTP' });
  }
});

πŸ—οΈ Project Structure

.
β”œβ”€β”€ index.js              # Main bot entry point & connection logic
β”œβ”€β”€ settings.js           # Configuration settings
β”œβ”€β”€ lib/
β”‚   β”œβ”€β”€ command.js        # Command registration system
β”‚   β”œβ”€β”€ functions.js      # Utility functions
β”‚   β”œβ”€β”€ msg.js            # Message handling utilities
β”‚   β”œβ”€β”€ otpRoutes.js      # API endpoints & web dashboard
β”‚   └── otpService.js     # OTP generation & MongoDB logic
β”œβ”€β”€ plugins/
β”‚   └── alive.js          # Bot status command plugin
β”œβ”€β”€ session/              # WhatsApp session data (auto-generated)
β”œβ”€β”€ docs.md               # Complete API documentation
└── package.json          # Dependencies & scripts

πŸ”§ Configuration

Environment Variables

Variable Description Default
MONGODB_URI MongoDB connection string Required
SESSION_ID WhatsApp session ID Optional
PREFIX Bot command prefix .
MODE Bot mode (public/private/inbox/groups) public
PORT Server port 5000

Bot Modes

  • public: Responds to everyone
  • private: Owner only
  • inbox: Private chats only
  • groups: Group chats only

πŸ“Š Database Schema

{
  phoneNumber: String,      // Formatted phone number
  code: String,            // 6-digit OTP code
  verified: Boolean,       // Verification status
  attempts: Number,        // Verification attempts count
  createdAt: Date,         // Creation timestamp
  expiresAt: Date,         // Expiration (10 mins)
  verifiedAt: Date         // Verification timestamp
}

πŸ”’ Security Features

  • βœ… HTTPS recommended for production
  • βœ… Rate limiting (max 5 attempts per OTP)
  • βœ… Auto-expiration (10 minutes)
  • βœ… Secure MongoDB storage
  • βœ… Phone number validation
  • βœ… No OTP reuse after verification

πŸ› Troubleshooting

Bot Not Connecting

  1. Verify WhatsApp Web is accessible
  2. Check session credentials
  3. Scan QR code again if needed
  4. Review console logs for errors

OTP Not Sending

  1. Confirm bot status via /api/status
  2. Verify phone number format (with country code)
  3. Ensure recipient is on WhatsApp
  4. Check MongoDB connection

Database Errors

  1. Verify MONGODB_URI is correct
  2. Check database permissions
  3. Ensure MongoDB cluster is running

πŸ“– Documentation

For complete API documentation and integration guides, see docs.md

🀝 Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

πŸ“ License

This project is open source and available under the MIT License.

πŸ‘¨β€πŸ’» Credits

Developer: Darrell Mucheri (Mr Frank)
Contact: +263719647303
GitHub: @mrfr8nk

Special Thanks

  • Baileys WhatsApp Web API team
  • Open source community
  • All contributors

Made with ❀️ by Mr Frank (Darrell Mucheri)

⭐ Star this repo if you find it helpful!

About

A whats bot using Baileys to send otp for third part sites.

Resources

Stars

8 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors