- A bot to track available slots and book them automatically before any human around you does. :)
- Track upto 4 pincodes
- Can track all pincodes/age group from Cowin website
- Can download Certificate after vaccination
- A status message to display your session time, beneficiaries you're booking for, snooze time and many more
- User friendly and guiding commands in each message
- Fast and instant walkthrough to guide you at each step
- Snooze, to stop alerts for particular time without stopping the bot
- Can track specific age group, vaccine, dose and pincode
- You can view number of users on the bot from different states and cities.
- Automatic Slot booking
- Has Seperate bot's login panel to authenticate with cowin
- Has an API to build an autologin application. (Incomplete and abandoned)
- Has pincode and District caching
- Automatically divides slot tracking by just providing proxies in proxies.txt (Calculated from cowin's rate limit, But since govt removed rate limit on public API, Its deprecated.)
- Can bypass cache (Has a seperate description below.)
- Has seperate login panel to avoid authentication rate limiting from same IP, Instead a browser window will open and requests will be sent from user's device and token will be shared with bot after authentication.
- Cowin-like 180sec otp limiting.
- All the Phone, Pincode, State and other inputs are validated before proceeding further.
- A cron job to wipe server logs, Backup existing database and clear cache every midnight
- Admin restricted commands to broadcast messages to users, Check user availability, Logged in users, adjust sleeptime of tracker and tracker live status informer
- Snooze timestamp is stored in database and every slot availability message is checked before sending to user.
- A cron job to reset otp count of all users every night, Reason: Cowin bans account for 24hours if you requested more than 50 otp in 24 hours.
Depreacation
- Before knowing about Cache bypassing, I used user's token to fetch data from private API endpoint. For eg. There are 40-50 users booking vaccine slots using the bot, So during that I took any random valid auth token and requested on private API endpoint to fetch realtime data. But later I discovered cache bypass and reverted this logic.
-
The cowin server uses GoLang in backend and uses a module called dateparse This module can detect many date formats without even specifying.
- So passing a date
26/11/2021or26/11/21or26-11-21or even with zeros06/04/2021can be also written as6/4/21and so on - I created a date obfuscator present in
wrapper.jswith functiongetToday - The caching service uses, AWS. Which allowed cowin to cache request for few minutes. Now in this case those few minutes are cruicial.
- I examined the request and the only thing was API path + query params. And a reponse header
x-amzn-remapped-datewhich shows when the particular data was last cached on AWS servers.
- So passing a date
-
After using the date obfuscator that I had created, It successfully bypassed caching (you can check
x-amzn-remapped-date)
I know the coding structure is trash, I didn't follow the time complexity properly. But the code is not repetitive. But after all... I built this within a month, Moreover I released this bot in just 3 days after 18+ vaccination started. Since then I managed my worklife, real life and maintained this bot as well. So please bear with the code quality. :)
- Reel from Dhananjay Bhosale (Youtuber 300k+ subs): https://www.instagram.com/p/CSZXSyVHdtN/
- Reel from vivekartiste (Vivek Rajput) (15k+ insta followers): https://www.instagram.com/p/CSZbr_AJ-9D/
- Appreciation certificate from Jain University Bangalore. link
- Immense support from XDA-OFF TOPIC Group (Facebook.)
- 14k+ users on bot and 11k+ autobookings using the bot <3
Thanks for using and supporting. ❤️ This will remain my bestest work so far.
© Swapnil Soni (MIT) (If you plan to copy the code then link the credits in your bot with a link to my github repo.)