Core Functions
The Shopify Module provides several public functions that can be used to interact with Shopify’s checkout system.
startTask()
The main entry point for executing a checkout task. This function orchestrates the entire checkout process from product search to payment submission.
Location: Preload.js:41
Signature:
async function startTask()
- Product search and variant selection
- Cart management
- Account authentication (if required)
- Checkpoint/queue handling
- Address submission
- Shipping rate selection
- Payment processing
Example:
const { startTask } = require('./Preload');
await startTask();
item object with the following structure:
Direct product URL (e.g., https://kith.com/products/product-handle)
Space-separated keywords for product search. Use + for required terms and - for exclusions (e.g., +yeezy +350 -toddler)
Size/variant to purchase. Can be numeric (9, 10, 11) or text (S, M, L, XL, OneSize)
If true, selects a random available variant
Delay in milliseconds before submitting checkout
Domain name (e.g., www.kith.com)
Shopify account email for authenticated checkouts
Shopify account password for authenticated checkouts
Billing and shipping profile informationPhone number (digits only)
Apartment/suite number (optional)
State/province code (e.g., NY, CA)
Country code (e.g., US, CA)
Credit card number (no spaces)
Name as it appears on card
Expiration year (last 2 digits, e.g., 22 for 2022)
Card type (visa, mastercard, amex, discover)
Proxy username for authentication
Proxy password for authentication
getUA()
Returns the user agent string used for all HTTP requests.
Location: Preload.js:24
Signature:
User agent string for Chrome 87 on macOS
const userAgent = getUA();
// Returns: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36..."
getCaptcha()
Hook function for integrating captcha solving services. This function is called when a captcha challenge is detected.
Location: Preload.js:36
Signature:
function getCaptcha(domain, sitekeylocal)
The domain where the captcha needs to be solved
The reCAPTCHA site key extracted from the page
The captcha token to submit with the request
function getCaptcha(domain, sitekeylocal) {
// Integrate your captcha solving service here
// Example: 2Captcha, Anti-Captcha, CapMonster, etc.
return await captchaSolver.solve({
websiteURL: domain,
websiteKey: sitekeylocal,
type: 'ReCaptchaV2'
});
}
- Account login challenge (
/challenge endpoint)
- Checkpoint verification (
/checkpoint endpoint)
- First-step captcha on checkout page
logCookies()
Utility function to extract and format cookies from a request jar.
Location: Preload.js:6
Signature:
The request-promise cookie jar instance
Comma-separated string of all cookies in the jar
const cookieJar = request.jar();
const cookies = await logCookies(cookieJar);
console.log(cookies);
// Output: "_shopify_y=abc123, cart=xyz789, ..."
setRunningStatus()
Logs status messages to the console during task execution.
Location: Preload.js:32
Signature:
function setRunningStatus(str)
Status message to display
setRunningStatus('Searching For Product...');
setRunningStatus('Adding to Cart...');
setRunningStatus('Submitting Address...');
"Searching For Product...""Found Test Product...""Preloading Cart...""Generating Checkout Link...""Signing Into Account...""Adding to Cart Real Product...""Going to Checkout...""Polling Queue X...""Submitting Address...""Getting Shipping Rates...""Submitting Shipping...""Vaulting Card Info...""Checking Out...""Polling Checkout X..."
endRun()
Terminates the task execution and logs an error message.
Location: Preload.js:28
Signature:
function endRun(err = 'error')
if (response.includes('out of stock')) {
endRun('Product Out of Stock');
}
if (response.includes('no shipping methods')) {
endRun('There are no shipping methods available');
}
Request Configuration
Basic Setup
All requests use request-promise with specific defaults:
const request = require('request-promise').defaults({
followAllRedirects: true,
resolveWithFullResponse: true,
proxy: proxyUrl // Optional
});
const cookieJar = request.jar();
Proxy Configuration
Proxies are configured in the format:
const proxyUrl = `http://${proxyUser}:${proxyPass}@${proxyIp}:${proxyPort}`;
if (proxyIp && proxyPort) {
request.defaults({ strictSSL: false });
}
Cookie Jar Usage
All requests should include the cookie jar to maintain session state:
await request.get({
url: 'https://example.com',
jar: cookieJar,
headers: { 'user-agent': getUA() }
});
Checkout Flow Endpoints
Direct Product URL:
GET {productUrl}.js
Content-Type: application/json
GET https://{domain}/products.json?limit=250&page=1&order=updated_at
2. Add to Cart
POST https://{domain}/cart/add.js
Content-Type: application/x-www-form-urlencoded
Form Data:
id: {variantId}
quantity: "1"
3. Generate Checkout
POST https://{domain}/cart/checkout
Content-Type: application/x-www-form-urlencoded
Form Data:
updates[]: 1
attributes[checkout_clicked]: true
checkout: ""
4. Account Login (if required)
POST https://{domain}/account/login
Content-Type: application/x-www-form-urlencoded
Form Data:
form_type: customer_login
utf8: ✓
customer[email]: {email}
customer[password]: {password}
checkout_url: {encodedCheckoutUrl}
5. Submit Address
POST https://{domain}/wallets/checkouts/{token}.json
Authorization: Basic {base64(apiToken)}
Content-Type: application/x-www-form-urlencoded
Form Data:
_method: patch
authenticity_token: {token}
previous_step: contact_information
step: shipping_method
checkout[email_or_phone]: {email}
checkout[shipping_address][first_name]: {firstName}
checkout[shipping_address][last_name]: {lastName}
checkout[shipping_address][address1]: {address}
checkout[shipping_address][city]: {city}
checkout[shipping_address][country]: {country}
checkout[shipping_address][province]: {state}
checkout[shipping_address][zip]: {zipCode}
checkout[shipping_address][phone]: {phoneNumber}
6. Get Shipping Rates
GET https://{domain}/api/2020-10/checkouts/{token}/shipping_rates.json
Authorization: Basic {base64(apiToken)}
7. Submit Shipping
PUT https://{domain}/api/2020-10/checkouts/{token}.json
Authorization: Basic {base64(apiToken)}
Content-Type: application/json
JSON Body:
{
"checkout": {
"token": "{token}",
"shipping_line": {
"handle": "{shippingRateId}"
}
}
}
8. Vault Payment
POST https://deposit.us.shopifycs.com/sessions
Content-Type: application/json
JSON Body:
{
"credit_card": {
"month": 12,
"name": "John Doe",
"number": "4242424242424242",
"verification_value": "123",
"year": 2025
}
}
Vaulted session ID to use in checkout submission
9. Submit Payment
POST https://{domain}/checkouts/{checkoutId}
Content-Type: application/x-www-form-urlencoded
Form Data:
_method: patch
authenticity_token: {token}
previous_step: payment_method
step: ""
s: {vaultedSessionId}
checkout[payment_gateway]: {gatewayId}
checkout[credit_card][vault]: false
checkout[different_billing_address]: false
complete: 1
10. Poll Checkout Status
GET https://{domain}/checkouts/{checkoutId}/processing
If redirect contains thank_you or orders, checkout succeeded
Queue Handling
Detecting Queue
When checkoutURL contains /throttle/queue, the module enters queue polling mode.
GraphQL Queue Poll
POST https://{domain}/queue/poll
Content-Type: application/json
JSON Body:
{
"query": "{ poll(token: $token) { token pollAfter } }",
"variables": { "token": "{queueToken}" }
}
{
"data": {
"poll": {
"__typename": "PollContinue",
"token": "new-token",
"pollAfter": "2024-01-01T12:00:00Z"
}
}
}
__typename is no longer "PollContinue".
Legacy Queue Poll
GET https://{domain}/checkout/poll?js_poll=1
Retry-After header and status code. Continue until status is 200.
Error Handling
Common Error Checks
// No shipping methods available
if (response.includes('There are no shipping methods available')) {
endRun('There are no shipping methods available for your cart or address');
}
// PayPal only (no credit card)
if (!response.includes('data-gateway-name="credit_card"') &&
response.includes('data-select-gateway=')) {
endRun('Paypal Only');
}
// Payment declined
if (response.includes('<p class="notice__text">')) {
const errorMessage = response
.split('<p class="notice__text">')[1]
.split('</p>')[0];
console.log(errorMessage);
}
Success Detection
if (finalUrl.includes('thank_you') || finalUrl.includes('orders')) {
console.log('Success');
return;
}