LightZirconite/Microsoft-Rewards-Bot
1
1
Fork 0
mirror of https://github.com/LightZirconite/Microsoft-Rewards-Bot.git synced 2026-01-09 17:06:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add error reporting token validation and update documentation

Browse Source
This commit is contained in:
LightZirconite
2025-12-06 13:32:02 +01:00
parent b562af43ca
commit 0c8fcfc597
3 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
api/report-error.js
View File

@@ -1,6 +1,7 @@
const MAX_BODY_SIZE = 10000
const MAX_TEXT = 900
const MAX_FIELD = 120
const AUTH_HEADER = 'x-error-report-token'
function isPlainObject(value) {
return Boolean(value) && typeof value === 'object' && !Array.isArray(value)
@@ -57,11 +58,26 @@ module.exports = async function handler(req, res) {
}
const webhookUrl = process.env.DISCORD_WEBHOOK_URL
const authToken = process.env.ERROR_REPORT_TOKEN
if (!webhookUrl) {
res.status(500).json({ error: 'Webhook not configured' })
return
}
if (!authToken) {
res.status(500).json({ error: 'Reporting token not configured' })
return
}
const providedHeader = req.headers?.[AUTH_HEADER]
const providedToken = Array.isArray(providedHeader) ? providedHeader[0] : providedHeader
if (!providedToken || providedToken !== authToken) {
res.status(401).json({ error: 'Unauthorized' })
return
}
let body
try {
body = await readJsonBody(req)

7
docs/error-reporting.md
View File

@@ -1,17 +1,18 @@
# Error Reporting API
## What it does
Accepts structured error reports and forwards them to Discord in a clean format.
Accepts structured error reports and forwards them to Discord in a clean format. Submissions require a shared secret header so random users cannot spam your webhook.
## How to use
- Set `DISCORD_WEBHOOK_URL` in your environment.
- Send a POST request to `/api/report-error` with JSON that includes at least `error`.
- Set `DISCORD_WEBHOOK_URL` and `ERROR_REPORT_TOKEN` in your environment (e.g., Vercel project settings → Environment Variables).
- Send a POST request to `/api/report-error` with header `x-error-report-token: <your token>` and JSON that includes at least `error`.
- Optional fields: `summary`, `type`, `metadata` (object), `environment` (string or object with `name`).
## Example
```bash
curl -X POST https://your-deployment.vercel.app/api/report-error \
-H "Content-Type: application/json" \
-H "x-error-report-token: YOUR_TOKEN" \
-d '{"error":"Search job failed","type":"search","metadata":{"account":"user@contoso.com"}}'
```

2
docs/scheduling.md
View File

@@ -7,6 +7,8 @@ Runs the bot automatically at set times.
- Turn on scheduling in `src/config.jsonc` under `scheduling.enabled`.
- Choose a time using the cron or Task Scheduler fields already in the config.
- Leave the machine or container running so the schedule can trigger.
- Check the console after start: it prints the next run time. If you close the window or stop the container, the scheduler stops.
- Serverless hosts (e.g., Vercel) will not keep the scheduler alive; run on a machine or container that stays on.
## Example
```jsonc