// نیاز به نصب: npm init -y
// npm install http-proxy socksv5 basic-auth

const http = require('http');
const net = require('net');
const url = require('url');
const httpProxy = require('http-proxy');
const socks = require('socksv5'); // socksv5 package
const basicAuth = require('basic-auth');

// تنظیمات قابل تغییر
const HTTP_PORT = process.env.HTTP_PORT || 8080;
const SOCKS_PORT = process.env.SOCKS_PORT || 1080;
const AUTH_TOKEN = process.env.AUTH_TOKEN || "CHANGE_ME_TOKEN"; // توکن احراز هویت

// تابع ساده بررسی توکن (از هدر Authorization: Bearer <token> یا query token)
function checkAuth(req) {
  // 1) Bearer token در هدر Authorization
  const authHeader = (req.headers['authorization'] || '').trim();
  if (authHeader.toLowerCase().startsWith('bearer ')) {
    const token = authHeader.slice(7).trim();
    return token === AUTH_TOKEN;
  }

  // 2) Basic auth (username: token)
  const credentials = basicAuth(req);
  if (credentials && credentials.name && credentials.name === AUTH_TOKEN) {
    return true;
  }

  // 3) query ?token=...
  try {
    const parsed = url.parse(req.url, true);
    if (parsed.query && parsed.query.token === AUTH_TOKEN) return true;
  } catch (e) {}

  return false;
}

/* ---------- HTTP / HTTPS proxy (supports CONNECT) ---------- */

const proxy = httpProxy.createProxyServer({});

const httpServer = http.createServer((req, res) => {
  if (!checkAuth(req)) {
    res.writeHead(407, { 'Content-Type': 'text/plain', 'Proxy-Authenticate': 'Bearer' });
    res.end('Proxy authentication required.');
    return;
  }

  // برای درخواست‌های عادی HTTP، از http-proxy استفاده می‌کنیم
  const target = req.url;
  // اگر URL کامل نیست (مثلاً /path) باید از header host استفاده کنیم
  if (!/^https?:\/\//i.test(target)) {
    // ساخت target از host header
    const host = req.headers['host'];
    if (!host) {
      res.writeHead(400);
      res.end('Bad Request - no host header');
      return;
    }
    const full = `http://${host}${req.url}`;
    proxy.web(req, res, { target: full, changeOrigin: true }, (err) => {
      res.writeHead(502);
      res.end('Bad gateway: ' + err.message);
    });
    return;
  }

  proxy.web(req, res, { target, changeOrigin: true }, (err) => {
    res.writeHead(502);
    res.end('Bad gateway: ' + err.message);
  });
});

// پشتیبانی از CONNECT (برای HTTPS)
httpServer.on('connect', (req, clientSocket, head) => {
  // req.url === host:port
  // برای CONNECT احراز هویت هم بررسی می‌کنیم:
  if (!checkAuth(req)) {
    clientSocket.write(
      'HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Bearer\r\n\r\n'
    );
    clientSocket.end();
    return;
  }

  const [host, port] = req.url.split(':');
  const serverSocket = net.connect(Number(port) || 443, host, () => {
    clientSocket.write('HTTP/1.1 200 Connection Established\r\n\r\n');
    serverSocket.write(head);
    serverSocket.pipe(clientSocket);
    clientSocket.pipe(serverSocket);
  });

  serverSocket.on('error', (err) => {
    clientSocket.write('HTTP/1.1 502 Bad Gateway\r\n\r\n');
    clientSocket.end();
  });
});

httpServer.listen(HTTP_PORT, () => {
  console.log(`HTTP(S) proxy listening on port ${HTTP_PORT}`);
});

/* ---------- SOCKS5 server ---------- */

const socksServer = socks.createServer((info, accept, deny) => {
  // info contains: srcAddr, srcPort, dstAddr, dstPort, addressType
  // socksv5 package expects authentication handled separately
  const socket = accept(true);
  // socket is piped automatically by library
});

socksServer.useAuth(socks.auth.UserPassword((user, pass, cb) => {
  // ما از username=token یا password=token استفاده می‌کنیم
  if (user === AUTH_TOKEN || pass === AUTH_TOKEN) {
    return cb(true);
  }
  return cb(false);
}));

socksServer.listen(SOCKS_PORT, '0.0.0.0', () => {
  console.log(`SOCKS5 proxy listening on port ${SOCKS_PORT}`);
});

// خطاها را هندل کن
proxy.on('error', (err) => {
  console.error('Proxy error:', err);
});

console.error('Uncaught Exception:', err);
});
process.on('SIGINT', () => {
  console.log('Shutting down...');
  socksServer.close();
  httpServer.close();
  process.exit();
});

sudo apt update
sudo apt install -y nodejs build-essential

sudo chown $USER:$USER /opt/myproxy
cd /opt/myproxy
# سپس فایل proxy-server.js را با nano یا scp آپلود کن

npm install http-proxy socksv5 basic-auth

export HTTP_PORT=8080
export SOCKS_PORT=1080
node proxy-server.js