Initial commit

2026-01-10 17:26:17 +00:00 · 2025-11-01 20:44:31 +01:00
commit 6d549e6590
91 changed files with 20404 additions and 0 deletions
--- a/docs/accounts.md
+++ b/docs/accounts.md
@@ -0,0 +1,168 @@
+# 👤 Accounts & 2FA Setup
+
+**Add your Microsoft accounts with secure TOTP authentication**
+
+---
+
+## 📍 Quick Start
+
+### Basic Setup (No 2FA)
+
+**Edit** `src/accounts.json`:
+```json
+{
+  "accounts": [
+    {
+      "email": "your@email.com",
+      "password": "your_password",
+      "recoveryEmail": "backup@email.com"
+    }
+  ]
+}
+```
+
+> ℹ️ `recoveryEmail` is **mandatory**. It lets the bot verify Microsoft’s masked hint during login and alert you if the recovery address ever changes.
+
+**That's it!** Run `npm start` to test.
+
+---
+
+## 🔐 Add 2FA/TOTP (Recommended)
+
+### Why Use TOTP?
+- ✅ **Automated login** — No manual code entry
+- ✅ **More secure** — Better than SMS
+- ✅ **Works 24/7** — Scheduler-friendly
+
+### How to Get Your TOTP Secret
+
+1. **Open** https://account.live.com/proofs/Manage/additional (Security → Advanced security options → Additional security).
+2. Enable two-step verification and click **Next** until you see the setup wizard.
+3. Click the blue link **"Set up a different authenticator app"**.
+4. On the next screen click **"I can't scan the bar code"** to reveal the Base32 secret.
+5. Scan the QR with your preferred authenticator (Google Authenticator recommended to keep data separate from Microsoft) **and** copy the secret:
+  - The same secret can stay in your app and be saved in this file (multiple authenticators can share it).
+6. Enter the 6-digit code in Microsoft’s wizard to finish pairing.
+7. **Add the secret to** `accounts.json`:
+
+```json
+{
+  "accounts": [
+    {
+      "email": "your@email.com",
+      "password": "your_password",
+      "recoveryEmail": "backup@email.com",
+      "totp": "JBSWY3DPEHPK3PXP"
+    }
+  ]
+}
+```
+
+---
+
+## 🎯 Multiple Accounts
+
+```json
+{
+  "accounts": [
+    {
+      "email": "account1@email.com",
+      "password": "password1",
+      "recoveryEmail": "backup1@email.com",
+      "totp": "SECRET1"
+    },
+    {
+      "email": "account2@email.com",
+      "password": "password2",
+      "recoveryEmail": "backup2@email.com",
+      "totp": "SECRET2"
+    }
+  ]
+}
+```
+
+---
+
+## 🌐 Per-Account Proxy (Optional)
+
+```json
+{
+  "accounts": [
+    {
+      "email": "your@email.com",
+      "password": "password",
+      "recoveryEmail": "backup@email.com",
+      "totp": "",
+      "proxy": {
+        "proxyAxios": true,
+        "url": "proxy.example.com",
+        "port": 8080,
+        "username": "proxyuser",
+        "password": "proxypass"
+      }
+    }
+  ]
+}
+```
+
+→ **[Full Proxy Guide](./proxy.md)**
+
+---
+
+## 🔒 Environment Variables (Docker/CI)
+
+### Option 1: File Path
+```bash
+export ACCOUNTS_FILE=/path/to/accounts.json
+```
+
+### Option 2: Inline JSON
+```bash
+export ACCOUNTS_JSON='{"accounts":[{"email":"test@example.com","password":"pass"}]}'
+```
+
+---
+
+## 🛠️ Troubleshooting
+
+| Problem | Solution |
+|---------|----------|
+| **"accounts.json not found"** | Create file or set `ACCOUNTS_FILE` env var |
+| **"2FA prompt not auto-filled"** | Check TOTP secret is valid Base32 |
+| **"Invalid TOTP"** | Verify system time is correct |
+| **"Account locked"** | Manually unlock in Microsoft Account |
+| **"Login timeout"** | Check internet connection, try proxy |
+
+### 2FA Not Working?
+
+1. **Check secret format** — Should be Base32 (only letters/numbers, no spaces)
+2. **Verify system time** — Must be accurate (NTP sync)
+3. **Test manually** — Use authenticator app to verify code works
+4. **Remove backup codes** — Some security settings block TOTP
+
+---
+
+## 🔒 Security Tips
+
+- 🔐 **Use strong passwords** — Unique for each account
+- 🔑 **Enable TOTP** — More secure than SMS
+- 📁 **Restrict file permissions** — `chmod 600 accounts.json` (Linux)
+- 🔄 **Rotate passwords** — Change every 90 days
+- 🚫 **Never commit** — Add `accounts.json` to `.gitignore`
+
+---
+
+## 📚 Next Steps
+
+**TOTP setup?**  
+→ **[Security Guide](./security.md)** for best practices
+
+**Ready for automation?**  
+→ **[Scheduler Setup](./schedule.md)**
+
+**Need proxies?**  
+→ **[Proxy Guide](./proxy.md)**
+
+---
+
+**[← Back to Hub](./index.md)** | **[Getting Started](./getting-started.md)**