# Next Session: Zomato MCP — Build Telegram Ordering UX

## Context
Session 397 (2026-04-03) completed ALL Zomato API testing (items 1-4). Session 396 authenticated + checkout tested. Read `memory/project_zomato_mcp_integration.md` for ALL technical details.

## Session 397 Results (2026-04-03)
- **`pay_later` DOES NOT WORK**: Silently overridden to `upi_qr`. Rajesh likely doesn't have Zomato postpaid enabled.
- **Order history WORKS**: Requires `address_id`. Supports `search_query`, `start_date`/`end_date`, pagination. Goes back to 2021.
- **Price comparison DONE**: Zomato ₹227.58 vs Swiggy ₹228.00 for Fries (Large) — identical MRP, negligible platform fee difference.
- **Offers WORK**: BINGE100 (₹100 off, MOV ₹649) applied via `promo_code` in `create_cart`. But auto-offers can be BETTER than manual promos.
- **Prototype created**: `scripts/prototypes/zomato_prototype.py` — raw httpx MCP client, 5 CLI commands.
- **Reports saved**: `scripts/prototypes/reports/zomato_*.json` (discovery, exploration, comparison).

## Remaining TODO (in order)
1. **Build Telegram ordering UX** — Annie sends order summary, Rajesh confirms, Annie places via MCP (TWF handler pattern)
2. **Zepto + Blinkit login** on Pixel (pending from session 393)
3. **Test Swiggy Instamart** `your_go_to_items` — grocery restock intelligence
4. **Test Swiggy Dineout** `get_available_slots` + `book_table` — table booking
5. **ADB order history scraping** — full history from all apps (months/years)

## Key Technical Details

### Zomato MCP Connection (WORKING)
```python
headers = {
    'Authorization': f'Bearer {token}',
    'Content-Type': 'application/json',
    'Accept': 'application/json, text/event-stream',
}
# POST to https://mcp-server.zomato.com/mcp with JSON-RPC
# Response is SSE: parse "data: {...}" lines
```

### Zomato vs Swiggy
| Feature | Swiggy | Zomato |
|---------|--------|--------|
| Token | 5 days, no refresh | **30 days + refresh** |
| Cart via MCP | Useless (phone overwrites) | **Works (create_cart)** |
| Payment | COD only | **upi_qr, pay_later** |
| Order history | Active only (Food) | **Full with search** |
| Checkout | place_food_order (COD) | **checkout_cart → Reorder flow** |

### Rajesh's Zomato Address
- Home HSR: `address_id: 233093817`

### McDonald's on Zomato
- res_id: 53910
- Fries (Large): item_id=ctl_682772299, variant_id=v_918068117, ₹161.90

### Swiggy Cart Sync (DEFINITIVELY ZERO)
- MCP↔Phone: NO SYNC (both directions, 7 rounds)
- MCP↔Pixel: NO SYNC (all conditions)
- Phone is master cart, MCP is read-only mirror
- MCP `update_food_cart` is useless — phone overwrites it

### OAuth Re-Auth (both platforms)
```bash
# Swiggy: raw PKCE + browser (Playwright or Chrome)
# Zomato: raw PKCE + Playwright (localhost redirect works!)
# Both use: generate PKCE → navigate auth URL → login + OTP → extract code from callback → exchange
```

## Files to Read
- `memory/project_zomato_mcp_integration.md` — COMPLETE Zomato config, all tools, checkout behavior
- `memory/project_swiggy_mcp_integration.md` — Swiggy config, cart sync findings, ADB flow
- `memory/feedback_never_add_blck.md` — Never add BLCK subscription to cart
- `~/.her-os/annie/mcp-tokens/zomato_tokens.json` — Zomato token (30-day, check expiry)
- `~/.her-os/annie/mcp-tokens/swiggy_tokens.json` — Swiggy token (5-day, check expiry)

## Pixel Status
- Swiggy: logged in (fresh OTP this session)
- Zomato: logged in (session 393)
- Zepto: login pending (phone number entry)
- Blinkit: login not started