Overview
nepseman-api is a production-grade async REST and WebSocket API that reverse-engineers nepalstock.com.np's authentication system — including its WASM-based token obfuscation and salt-based payload signing — to serve live NEPSE market data with no dependency on any third-party NEPSE library.
Problem Solved
Nepal Stock Exchange has no public API. Existing npm/pip packages rely on brittle scraping and break silently when NEPSE rotates its auth tokens. nepseman-api solves this by reimplementing the authentication layer from scratch using NEPSE's own WASM binary, making it robust to token rotation by design.
Key Modules
WASM Auth Engine
Reverse-engineered NEPSE's WASM-based token obfuscation using wasmtime. Implements the full salt-based payload signing algorithm from scratch — no third-party NEPSE dependency anywhere in the codebase.
Full Market Coverage
Endpoints for live prices, top gainers/losers/turnover, market summary, supply-demand, NEPSE index and sub-indices, index graphs, securities list, OHLCV history, market depth, floorsheet, and bulk parallel OHLCV fetching.
PostgreSQL Persistence
Every price fetch auto-saved via SQLAlchemy async ORM. Queryable snapshots with pagination, symbol filtering, and date filtering. Schema versioned with Alembic migrations.
WebSocket Live Stream
Connect to /ws and subscribe to live market data channels with configurable polling intervals. Supports subscribe, unsubscribe, and on-demand route calls.
Technical Architecture
Core auth logic lives in app/core/auth.py — WASM token parser and payload calculator. An async authenticated httpx session handles all outbound requests. Services layer caches results with a TTL decorator. PostgreSQL persistence is handled via async SQLAlchemy with a repository pattern. Routes are split by domain: market, prices, indices, securities, floorsheet, and WebSocket.
Design Language
API-only service. Documentation auto-generated via FastAPI's OpenAPI integration at /docs.