Package Exports
- sulyap-fca
- sulyap-fca/dist/index.js
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (sulyap-fca) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
Sulyap - Complete Facebook Chat API Library
███████╗██╗ ██╗██╗ ██╗ ██╗ █████╗ ██████╗
██╔════╝██║ ██║██║ ╚██╗ ██╔╝██╔══██╗██╔══██╗
███████╗██║ ██║██║ ╚████╔╝ ███████║██████╔╝
╚════██║██║ ██║██║ ╚██╔╝ ██╔══██║██╔═══╝
███████║╚██████╔╝███████╗██║ ██║ ██║██║
╚══════╝ ╚═════╝ ╚══════╝╚═╝ ╚═╝ ╚═╝╚═╝ Unofficial Facebook Chat API for Node.js
Ang Sulyap ay isang complete unofficial Facebook Chat API library na ginawa para sa mga Filipino developers na nais gumawa ng automated bots at applications para sa Facebook Messenger. Ito ay lubos na sumusuporta sa Messenger Groups, Private Messages, at iba't ibang uri ng conversations gamit ang personal Facebook accounts.
IMPORTANT: Sulyap ay gumagamit ng unofficial/reverse-engineered API. Ito ay direct na nakikipag-communicate sa Facebook Messenger servers gamit ang private endpoints at protocols na ginagamit ng Facebook mobile/web apps.
Installation
npm install sulyapQuick Start
Using AppState (Recommended)
const login = require('sulyap');
const fs = require('fs');
// Load saved session
const appState = JSON.parse(fs.readFileSync('appstate.json', 'utf8'));
login({ appState }, (err, api) => {
if (err) return console.error(err);
console.log('Logged in as:', api.getCurrentUserID());
// Listen for messages using MQTT (recommended)
api.listenMqtt((err, event) => {
if (err) return console.error(err);
if (event.type === 'message') {
console.log(`${event.senderID}: ${event.body}`);
// Echo bot example
if (event.body === '/ping') {
api.sendMessage('Pong!', event.threadID);
}
}
});
});Using Email/Password
const login = require('sulyap');
login({
email: 'your_email@example.com',
password: 'your_password'
}, (err, api) => {
if (err) {
if (err.error === 'login-approval') {
console.log('2FA required. Please use appState login.');
}
return console.error(err);
}
// Save session for future use
const fs = require('fs');
fs.writeFileSync('appstate.json', JSON.stringify(api.getAppState()));
console.log('Logged in successfully!');
});Complete API Functions
Core Functions
| Function | Description |
|---|---|
login(credentials, callback) |
Main login function for authentication |
api.getAppState() |
Get current session cookies/appState |
api.getCurrentUserID() |
Get the user ID of currently logged-in account |
api.logout(callback) |
Logout and clear session |
api.setOptions(options) |
Configure API behavior |
Messaging Functions
| Function | Description |
|---|---|
api.sendMessage(message, threadID, callback, messageID) |
Send text, attachments, stickers, URLs, emojis |
api.sendTypingIndicator(threadID, callback) |
Send typing indicator |
api.setMessageReaction(reaction, messageID, callback, forceCustomReaction) |
React to messages with emoji. Supports shortcuts: :love:, :haha:, :wow:, :sad:, 😠, :like:, :dislike:, ❤️, :glowingheart: |
api.unsendMessage(messageID, callback) |
Unsend/delete sent messages |
api.editMessage(message, messageID, callback) |
Edit previously sent messages |
api.forwardAttachment(attachmentID, users, callback) |
Forward attachments to other users |
Group/Thread Management
| Function | Description |
|---|---|
api.addUserToGroup(userID, threadID, callback) |
Add user(s) to group chat |
api.removeUserFromGroup(userID, threadID, callback) |
Remove user from group chat |
api.changeAdminStatus(threadID, adminIDs, status, callback) |
Promote/demote admins |
api.changeGroupImage(image, threadID, callback) |
Change group profile picture |
api.changeNickname(nickname, threadID, userID, callback) |
Change user nickname in thread |
api.changeThreadColor(color, threadID, callback) |
Change thread color theme |
api.changeThreadEmoji(emoji, threadID, callback) |
Change default thread emoji |
api.setTitle(newTitle, threadID, callback) |
Change group chat name |
api.muteThread(threadID, muteSeconds, callback) |
Mute thread notifications |
api.createNewGroup(participantIDs, title, callback) |
Create new group chat |
api.createPoll(title, threadID, options, callback) |
Create poll in thread |
api.changeArchivedStatus(threads, archive, callback) |
Archive/unarchive threads |
api.changeBlockedStatus(userID, block, callback) |
Block/unblock user |
api.deleteThread(threads, callback) |
Delete conversation(s) |
api.handleMessageRequest(threadID, accept, callback) |
Accept/decline message requests |
api.changeApprovalMode(approve, threadID, callback) |
Enable/disable group approval mode |
Message Status Functions
| Function | Description |
|---|---|
api.markAsRead(threadID, callback) |
Mark messages as read |
api.markAsReadAll(callback) |
Mark all messages as read |
api.markAsSeen(callback) |
Mark inbox as seen |
api.markAsDelivered(threadID, messageID, callback) |
Mark message as delivered |
Information Retrieval
| Function | Description |
|---|---|
api.getUserID(name, callback) |
Get user ID from name |
api.getUserInfo(userIDs, callback) |
Get detailed user information |
api.getFriendsList(callback) |
Get complete friends list |
api.getThreadInfo(threadID, callback) |
Get thread/conversation details |
api.getThreadList(limit, timestamp, tags, callback) |
Get list of conversations |
api.getThreadHistory(threadID, amount, timestamp, callback) |
Get message history |
api.getThreadPictures(threadID, offset, limit, callback) |
Get photos shared in thread |
api.getEmojiUrl(emoji, size, callback) |
Get URL of emoji image |
api.searchForThread(query, callback) |
Search for threads by name |
api.resolvePhotoUrl(photoID, callback) |
Get direct URL of photo |
Listen Functions
| Function | Description |
|---|---|
api.listen(callback) |
Listen using HTTP polling (legacy) |
api.listenMqtt(callback) |
Listen using MQTT (recommended, auto anti-ban) |
api.getProtectionStats() |
Get anti-ban/anti-detection protection statistics |
api.getCookieRefreshStats() |
Get cookie refresh statistics |
Message Types
Regular Text Message
api.sendMessage('Hello, World!', threadID);Message with Attachment
const fs = require('fs');
api.sendMessage({
body: 'Check out this photo!',
attachment: fs.createReadStream('image.jpg')
}, threadID);Sticker
api.sendMessage({
sticker: '767334476626295'
}, threadID);URL Share
api.sendMessage({
url: 'https://example.com'
}, threadID);Emoji with Size
api.sendMessage({
emoji: '👍',
emojiSize: 'large' // 'small', 'medium', 'large'
}, threadID);Message with Mentions
api.sendMessage({
body: 'Hello @John!',
mentions: [{
tag: '@John',
id: '123456789',
fromIndex: 6
}]
}, threadID);Reply to Message
api.sendMessage('This is a reply!', threadID, null, originalMessageID);Message Reactions
// React with emoji directly
api.setMessageReaction('❤️', messageID);
// Use reaction shortcuts (like biar-fca)
api.setMessageReaction(':love:', messageID); // 😍
api.setMessageReaction(':haha:', messageID); // 😆
api.setMessageReaction(':wow:', messageID); // 😮
api.setMessageReaction(':sad:', messageID); // 😢
api.setMessageReaction('😠', messageID); // 😠
api.setMessageReaction(':like:', messageID); // 👍
api.setMessageReaction(':dislike:', messageID); // 👎
api.setMessageReaction('❤️', messageID); // ❤
api.setMessageReaction(':glowingheart:', messageID); // 💗
// Remove reaction
api.setMessageReaction('', messageID);
// Force custom emoji (bypass validation)
api.setMessageReaction('🔥', messageID, null, true);Event Types
When using listenMqtt, you'll receive various event types:
api.listenMqtt((err, event) => {
switch (event.type) {
case 'message':
// New message received
console.log(`From ${event.senderID}: ${event.body}`);
break;
case 'message_reaction':
// Someone reacted to a message
console.log(`${event.senderID} reacted with ${event.reaction}`);
break;
case 'message_unsend':
// Message was unsent/deleted
console.log(`Message ${event.messageID} was unsent`);
break;
case 'typ':
// Typing indicator
console.log(`${event.from} is ${event.isTyping ? 'typing' : 'stopped typing'}`);
break;
case 'read_receipt':
// Read receipt
console.log(`${event.reader} read messages in ${event.threadID}`);
break;
case 'presence':
// Online/offline status
console.log(`${event.userID} is ${event.statuses ? 'online' : 'offline'}`);
break;
case 'event':
// Group events (title change, member added/removed, etc.)
console.log(`Event: ${event.logMessageType}`);
break;
}
});API Options
api.setOptions({
// Logging level: 'silent', 'error', 'warn', 'info', 'debug', 'verbose'
logLevel: 'info',
// Listen to your own messages
selfListen: false,
// Receive group events (joins, leaves, title changes)
listenEvents: true,
// Set online status
online: true,
// Update presence information
updatePresence: true,
// Auto-approve login from new device
forceLogin: false,
// Custom user agent
userAgent: 'Mozilla/5.0 ...',
// Automatically mark messages as delivered
autoMarkDelivery: true,
// Automatically mark messages as read
autoMarkRead: false,
// Proxy URL for requests
proxy: 'http://proxy:8080',
// Anti-Ban & Anti-Detection Options (all enabled by default)
cookieRefreshInterval: 20000, // Cookie refresh interval in ms (default: 20 seconds)
sessionRotationInterval: 14400000, // Session rotation interval in ms (default: 4 hours)
autoRotateSession: true, // Enable automatic session rotation (default: true)
});Features
Anti-Ban System (Automatic)
Sulyap includes a comprehensive anti-ban protection system that is automatically enabled when you use listenMqtt(). No configuration needed!
- Automatic Cookie Refresh - Refreshes cookies every 20 seconds to prevent session expiration
- Session Fingerprint Rotation - Automatically rotates session fingerprints every 4 hours
- Multiple Refresh Endpoints - Uses randomized Facebook endpoints for cookie refresh
- Connection Keep-Alive - Maintains persistent connection to prevent timeout
- Meta Platform Compatible - Updated for latest Meta/Facebook security measures
// Anti-ban is AUTOMATICALLY ENABLED - just use listenMqtt!
api.listenMqtt((err, event) => {
// Protection is active - cookies auto-refresh every 20s
console.log(event);
});
// Check protection status anytime
const stats = api.getProtectionStats();
console.log('Anti-ban active:', stats.antiBanEnabled);
console.log('Cookie refreshes:', stats.cookieRefreshCount);Anti-Detection System (Automatic)
Advanced anti-detection features that make your bot appear like a real human user:
- Session Fingerprint Management - Realistic browser fingerprints with auto-rotation
- Header Randomization - Meta-specific Sec-Ch-Ua headers matching real browsers
- Pattern Diffusion - Adaptive delays and randomization to avoid detection patterns
- Request Obfuscation - Multi-layer obfuscation with entropy injection
- Timing Jitter - Random delays between requests to prevent predictable patterns
- Behavioral Signature - Simulates realistic user behavior patterns
- User Agent Rotation - Updated Chrome/Firefox/Safari user agents for 2025
- Smart Rate Limiting - Intelligent message pacing to avoid spam detection
// All anti-detection features are automatically enabled!
// You can customize intervals if needed:
login({ appState }, {
cookieRefreshInterval: 20000, // Refresh cookies every 20 seconds (default)
sessionRotationInterval: 14400000, // Rotate session every 4 hours (default)
autoRotateSession: true, // Enable session rotation (default: true)
}, (err, api) => {
// Full protection is now active
});Keep-Alive System
- Dual Mechanism - Cookie refresh + MQTT pings
- Auto Cookie Refresh - Refreshes every 20 seconds to maintain valid authentication
- Connection Health Monitoring - Real-time failure tracking with auto-recovery
- Automatic Reconnection - Handles disconnections gracefully with exponential backoff
MQTT/Delta Protocol
- Real-time message delivery via Facebook's MQTT servers
- Delta protocol support for efficient updates
- WebSocket fallback for compatibility
- Automatic reconnection with exponential backoff
Beautiful Logging
███████╗██╗ ██╗██╗ ██╗ ██╗ █████╗ ██████╗
██╔════╝██║ ██║██║ ╚██╗ ██╔╝██╔══██╗██╔══██╗
███████╗██║ ██║██║ ╚████╔╝ ███████║██████╔╝
╚════██║██║ ██║██║ ╚██╔╝ ██╔══██║██╔═══╝
███████║╚██████╔╝███████╗██║ ██║ ██║██║
╚══════╝ ╚═════╝ ╚══════╝╚═╝ ╚═╝ ╚═╝╚═╝
[12:34:56.789] INFO Sulyap Connecting to Facebook MQTT...
[12:34:57.123] OK Sulyap MQTT connected successfully
┌──────────────────────────────────────┐
│ MQTT Status │
├──────────────────────────────────────┤
│ User ID: 123456789 │
│ Session: abc123... │
│ Status: Connected │
│ Mode: Long Polling │
└──────────────────────────────────────┘Compatibility
- Node.js: 14.x, 16.x, 18.x, 20.x, 22.x+
- OS: Windows, macOS, Linux, Docker
- Cloud: Heroku, Replit, Railway, Render, AWS, GCP, Azure
Getting AppState
There are several ways to get your Facebook appState:
- c3c-fbstate - Browser extension to export cookies
- EditThisCookie - Chrome extension for cookie management
- Manual extraction - Use browser DevTools to copy cookies
AppState Format
[
{
"key": "c_user",
"value": "123456789",
"domain": ".facebook.com",
"path": "/"
},
{
"key": "xs",
"value": "...",
"domain": ".facebook.com",
"path": "/"
}
]Important Notes
Disclaimer: Ito ay unofficial library at HINDI affiliated sa Meta/Facebook. Ginagamit nito ang reverse-engineered protocols ng Facebook Messenger para sa personal Facebook accounts.
Account Safety:
- Gamitin ng responsibly
- Sundin ang Facebook Terms of Service
- Huwag gawing spam tool
- Maaaring ma-ban ang account kung hindi ginagamit ng tama
Anti-Detection: Kahit may advanced anti-detection features, walang 100% guarantee na hindi ma-detect. Use at your own risk.
License
MIT License - Free to use, modify, and distribute.
Credits
- Inspired by fca-unofficial
- Built for the Filipino developer community
Sulyap - The complete Facebook Chat API solution with 30+ functions for full Messenger automation!