diff --git a/README.md b/README.md index 6ba6039..07c8ffb 100644 --- a/README.md +++ b/README.md @@ -2,40 +2,126 @@

Microsoft Rewards Bot logo -
- Join the Discord · Star the project

-Automates Microsoft Rewards tasks so you collect points with minimal setup. +

+ Version 3.5.0 + Node.js 20+ + TypeScript + Discord + Stars +

-## Install -- Install Node.js 20 or newer. -- Clone this repository. -- Run `npm install` inside the project folder. +

+ v3.5 Remaster — The most advanced Microsoft Rewards automation tool.
+ Human-like behavior · Anti-detection · Multi-account · Dashboard · Scheduling +

-## Setup -- Copy `src/accounts.example.jsonc` to `src/accounts.jsonc` and add your accounts. -- Adjust `src/config.jsonc` only if you want to change defaults. -- (Optional) set `DISCORD_WEBHOOK_URL` for alerts. +--- -## Run -- `npm start` to build if needed and run once. -- `npm run dashboard` to view the web dashboard. -- `npm run dev` for local development mode. -- `npm run creator` for account creation mode (see warning below). -- `npm run docker:compose` to run in Docker. +## ⚡ Quick Start -## Modes -- Default: runs daily tasks once, then stops. -- Dashboard: serves a simple web panel to monitor runs. -- Dev: runs from source with fast restarts for editing. -- Account creation: creates new Microsoft accounts. -- Docker: runs the bot in a container with built-in scheduling. +```bash +# 1. Clone the repository +git clone https://github.com/LightZirconite/Microsoft-Rewards-Bot.git +cd Microsoft-Rewards-Bot -## Account Creation Warning -- New accounts can be flagged if they earn points immediately. -- Let fresh accounts sit for a few weeks before using them. -- Use account creation mode only if you accept this risk. +# 2. Setup accounts +cp src/accounts.example.jsonc src/accounts.jsonc +# Edit src/accounts.jsonc with your Microsoft account(s) + +# 3. Run +npm start +``` + +## Features + +| Feature | Description | +|---------|-------------| +| 🤖 **Full Automation** | Daily Set, More Promotions, Punch Cards, Read to Earn, Daily Check-in | +| 🔍 **Smart Searches** | Desktop & Mobile with diverse query sources (Google Trends, Reddit) | +| 🛡️ **Anti-Detection** | Advanced fingerprinting, humanized delays, natural mouse movements | +| 📊 **Web Dashboard** | Real-time monitoring panel for all accounts | +| ⏰ **Built-in Scheduler** | Run automatically at specified times with jitter | +| 📱 **Multi-Account** | Process multiple accounts in parallel clusters | +| 🐳 **Docker Ready** | Production-ready containerization | +| 🔔 **Notifications** | Discord webhooks, NTFY push notifications | +| 🛠️ **Account Creator** | Automated Microsoft account registration | +| 💾 **Job State** | Resume-on-crash, skip completed accounts | ## Documentation -Explore the **[full documentation](docs/index.md)** for detailed guides on setup, running modes, scheduling, and troubleshooting. + +📚 **[Full Documentation](docs/index.md)** — Setup guides, configuration, scheduling, troubleshooting. + +## Commands + +| Command | Description | +|---------|-------------| +| `npm start` | Build and run the bot | +| `npm run dashboard` | Start web monitoring panel | +| `npm run creator` | Account creation wizard | +| `npm run dev` | Development mode with hot reload | +| `npm run docker:compose` | Run in Docker container | + +## Account Creation Warning + +⚠️ New accounts may be flagged if they earn points immediately. Let fresh accounts age 2-4 weeks before using them. + +--- + +## 🔥 Why Choose This Bot? + +This fork is the **most feature-complete and actively maintained** Microsoft Rewards automation tool. Here's how we compare to the original [TheNetsky/Microsoft-Rewards-Script](https://github.com/TheNetsky/Microsoft-Rewards-Script): + +| Feature | **This Bot (v3.5 Remaster)** | Original Script | +|---------|:----------------------------:|:---------------:| +| **Anti-Detection System** | ✅ Advanced (fingerprints, humanization, gestures) | ⚠️ Basic | +| **Query Diversity Engine** | ✅ Multi-source (Google Trends, Reddit, News) | ❌ Google Trends only | +| **Web Dashboard** | ✅ Real-time monitoring | ❌ None | +| **Built-in Scheduler** | ✅ Internal scheduler with jitter | ❌ External cron only | +| **Account Creator** | ✅ Full automation wizard | ❌ None | +| **Job State Management** | ✅ Resume-on-crash, skip completed | ❌ None | +| **Error Reporting** | ✅ Automatic (helps improve project) | ❌ None | +| **Vacation Mode** | ✅ Natural usage patterns | ❌ None | +| **Risk Management** | ✅ Adaptive delays, ban prediction | ❌ None | +| **Documentation** | ✅ Comprehensive guides | ⚠️ Minimal (TODO) | +| **NTFY Push Notifications** | ✅ Supported | ❌ None | +| **Semantic Deduplication** | ✅ Smart query filtering | ❌ Basic dedup | +| **Human Typing Simulation** | ✅ Variable speed, typos | ⚠️ Fixed delay | +| **Compromised Mode Recovery** | ✅ Auto-handles security prompts | ❌ None | +| **Multi-Pass Runs** | ✅ Configurable passes per run | ❌ Single pass | + +### Why the Remaster? + +The original script served as a solid foundation, but lacked the sophisticated anti-detection measures required for long-term reliability. This remaster addresses: + +1. **Detection Risk** — Microsoft actively monitors for bot behavior. Our advanced humanization (random delays, mouse gestures, scroll patterns) significantly reduces ban risk. + +2. **Reliability** — Job state management means crashed runs resume where they left off. No more re-running completed accounts. + +3. **Usability** — Web dashboard, comprehensive documentation, and built-in scheduling make this accessible to everyone—not just developers. + +4. **Maintenance** — Active development with regular updates, bug fixes, and community support via Discord. + +### Migration from Original Script + +Already using TheNetsky's script? Migration is simple: + +```bash +# Your accounts.jsonc format is compatible! +# Just copy your accounts file to src/accounts.jsonc +``` + +--- + +## Disclaimer + +> ⚠️ **Use at your own risk.** Automation of Microsoft Rewards may lead to account suspension. This software is for educational purposes only. The authors are not responsible for any actions taken by Microsoft. + +--- + +

+ Discord · + Documentation · + Report Bug +

diff --git a/api/report-error.js b/api/report-error.js deleted file mode 100644 index 72226c2..0000000 --- a/api/report-error.js +++ /dev/null @@ -1,147 +0,0 @@ -const { randomUUID } = require('crypto') - -const MAX_BODY_SIZE = 10000 -const MAX_TEXT = 900 -const MAX_FIELD = 120 -const MAX_STACK_LINES = 8 -const AUTH_HEADER = 'x-error-report-token' - -function isPlainObject(value) { - return Boolean(value) && typeof value === 'object' && !Array.isArray(value) -} - -function trimAndLimit(value, limit) { - if (typeof value !== 'string') { - return '' - } - const trimmed = value.trim() - return trimmed.length > limit ? `${trimmed.slice(0, limit)}…` : trimmed -} - -function formatMetadata(metadata) { - if (!isPlainObject(metadata)) { - return 'Not provided' - } - const entries = Object.entries(metadata).filter(([key, val]) => typeof key === 'string' && (typeof val === 'string' || typeof val === 'number' || typeof val === 'boolean')) - if (entries.length === 0) { - return 'Not provided' - } - const limited = entries.slice(0, 6) - const lines = limited.map(([key, val]) => { - const valueText = trimAndLimit(String(val), MAX_FIELD) - return `${trimAndLimit(key, MAX_FIELD)}: ${valueText}` - }) - return lines.join('\n') -} - -async function readJsonBody(req) { - if (req.body) { - return req.body - } - let data = '' - for await (const chunk of req) { - data += chunk - if (data.length > MAX_BODY_SIZE) { - throw new Error('Payload too large') - } - } - if (!data) { - return {} - } - return JSON.parse(data) -} - -module.exports = async function handler(req, res) { - res.setHeader('Content-Type', 'application/json') - - if (req.method !== 'POST') { - res.setHeader('Allow', 'POST') - res.status(405).json({ error: 'Method not allowed' }) - return - } - - const webhookUrl = process.env.DISCORD_WEBHOOK_URL - const authToken = process.env.ERROR_REPORT_TOKEN - - if (!webhookUrl) { - res.status(500).json({ error: 'Webhook not configured' }) - return - } - - if (!authToken) { - res.status(500).json({ error: 'Reporting token not configured' }) - return - } - - const providedHeader = req.headers?.[AUTH_HEADER] - const providedToken = Array.isArray(providedHeader) ? providedHeader[0] : providedHeader - - if (!providedToken || providedToken !== authToken) { - res.status(401).json({ error: 'Unauthorized' }) - return - } - - let body - try { - body = await readJsonBody(req) - } catch (error) { - res.status(400).json({ error: 'Invalid JSON body' }) - return - } - - const errorText = trimAndLimit(body.error, MAX_TEXT) - if (!errorText) { - res.status(400).json({ error: 'Field \'error\' is required' }) - return - } - - const summary = trimAndLimit(body.summary || body.message || '', 140) - const errorType = trimAndLimit(body.type || 'unspecified', 80) - const environment = trimAndLimit((body.environment && (body.environment.name || body.environment)) || process.env.VERCEL_ENV || process.env.NODE_ENV || 'unspecified', 80) - const metadata = formatMetadata(body.metadata) - const stackSnippet = Array.isArray(body.stack) - ? body.stack.slice(0, MAX_STACK_LINES).join('\n') - : trimAndLimit(typeof body.stack === 'string' ? body.stack.split('\n').slice(0, MAX_STACK_LINES).join('\n') : '', MAX_TEXT) - const requestId = randomUUID() - - const embed = { - title: 'Error Report', - description: summary || 'Automated error report received', - color: 0xef4444, - fields: [ - { name: 'Error', value: errorText, inline: false }, - { name: 'Type', value: errorType, inline: true }, - { name: 'Environment', value: environment, inline: true }, - { name: 'Request ID', value: requestId, inline: true } - ], - footer: { text: 'Microsoft Rewards Bot' }, - timestamp: new Date().toISOString() - } - - if (metadata && metadata !== 'Not provided') { - embed.fields.push({ name: 'Metadata', value: metadata, inline: false }) - } - - if (stackSnippet) { - embed.fields.push({ name: 'Stack (truncated)', value: stackSnippet }) - } - - const payload = { embeds: [embed] } - - try { - const response = await fetch(webhookUrl, { - method: 'POST', - headers: { 'Content-Type': 'application/json' }, - body: JSON.stringify(payload) - }) - - if (!response.ok) { - res.status(502).json({ error: 'Failed to deliver report' }) - return - } - - res.status(200).json({ status: 'reported' }) - } catch (error) { - res.status(502).json({ error: 'Failed to deliver report' }) - } -} diff --git a/docs/error-reporting.md b/docs/error-reporting.md index 5aef0d6..2bb9bac 100644 --- a/docs/error-reporting.md +++ b/docs/error-reporting.md @@ -1,20 +1,38 @@ -# Error Reporting API +# Error Reporting ## What it does -Accepts structured error reports and forwards them to Discord in a clean format. Submissions require a shared secret header so random users cannot spam your webhook. +Automatically sends anonymized error reports to help improve the project. When enabled, the bot reports genuine bugs (not user configuration errors) to a central Discord webhook. -## How to use -- Set `DISCORD_WEBHOOK_URL` and `ERROR_REPORT_TOKEN` in your environment (e.g., Vercel project settings → Environment Variables). -- Send a POST request to `/api/report-error` with header `x-error-report-token: ` and JSON that includes at least `error`. -- Optional fields: `summary`, `type`, `metadata` (object), `environment` (string or object with `name`). +## Privacy +- **No sensitive data is sent:** Emails, passwords, tokens, and file paths are automatically redacted. +- **Only genuine bugs are reported:** User configuration errors (wrong password, missing files) are filtered out. +- **Completely optional:** Disable in config.jsonc if you prefer not to participate. -## Example -```bash -curl -X POST https://your-deployment.vercel.app/api/report-error \ - -H "Content-Type: application/json" \ - -H "x-error-report-token: YOUR_TOKEN" \ - -d '{"error":"Search job failed","type":"search","metadata":{"account":"user@contoso.com"}}' +## How to configure +In src/config.jsonc: + +```jsonc +{ + "errorReporting": { + "enabled": true // Set to false to disable + } +} ``` +## What gets reported +- Error message (sanitized) +- Stack trace (truncated, paths removed) +- Bot version +- OS platform and architecture +- Node.js version +- Timestamp + +## What is filtered out +- Login failures (your credentials are never sent) +- Account suspensions/bans +- Configuration errors (missing files, invalid settings) +- Network timeouts +- Expected errors (daily limit reached, activity not available) + --- -**[← Back to Documentation](index.md)** +**[Back to Documentation](index.md)** \ No newline at end of file diff --git a/docs/index.md b/docs/index.md index 62798d5..ac4c656 100644 --- a/docs/index.md +++ b/docs/index.md @@ -1,16 +1,37 @@ # Microsoft Rewards Bot Docs -This folder contains short, task-focused guides. Pick what you need and keep runs simple. +Welcome to the **v3.5 Remaster** documentation. These guides cover everything from first-time setup to advanced configuration. -- **[Setup](setup.md)** — prerequisites and preparing account files. -- **[Running](running.md)** — commands to start the bot. -- **[Modes](modes.md)** — what each mode does and when to use it. -- **[Configuration](configuration.md)** — adjust the core settings file. -- **[Account Creation](account-creation.md)** — create new accounts safely. -- **[Dashboard](dashboard.md)** — view progress in the web panel. -- **[Scheduling](scheduling.md)** — automate runs on a schedule. -- **[Notifications](notifications.md)** — send alerts to Discord or other webhooks. -- **[Error Reporting](error-reporting.md)** — send structured error reports to Discord. -- **[Docker](docker.md)** — run the bot in a container. -- **[Update](update.md)** — keep the project up to date. -- **[Troubleshooting](troubleshooting.md)** — quick fixes for common issues. +## Getting Started +- **[Setup](setup.md)** — Install prerequisites and configure your accounts. +- **[Running](running.md)** — Commands to start the bot. +- **[Modes](modes.md)** — Understand the different running modes. + +## Configuration +- **[Configuration](configuration.md)** — Adjust bot behavior via `config.jsonc`. +- **[Scheduling](scheduling.md)** — Automate daily runs with built-in scheduler. +- **[Notifications](notifications.md)** — Discord webhooks and NTFY push alerts. + +## Features +- **[Dashboard](dashboard.md)** — Real-time web monitoring panel. +- **[Account Creation](account-creation.md)** — Create new Microsoft accounts (use with caution). +- **[Error Reporting](error-reporting.md)** — Automatic anonymized bug reports. + +## Deployment +- **[Docker](docker.md)** — Run the bot in a container with scheduling. +- **[Update](update.md)** — Keep the project up to date. + +## Help +- **[Troubleshooting](troubleshooting.md)** — Quick fixes for common issues. + +--- + +## Quick Reference + +| Command | Description | +|---------|-------------| +| `npm start` | Build and run the bot | +| `npm run dashboard` | Start web monitoring panel | +| `npm run creator` | Account creation wizard | +| `npm run dev` | Development mode | +| `npm run docker:compose` | Run in Docker | diff --git a/docs/setup.md b/docs/setup.md index 79a984c..b9846e0 100644 --- a/docs/setup.md +++ b/docs/setup.md @@ -1,25 +1,85 @@ # Setup -Get the bot ready before running it. +Get the bot ready before your first run. -## What it does -Creates a safe baseline so your accounts and config are ready. +## Prerequisites +- **Node.js 20 or newer** - [Download here](https://nodejs.org/) +- **Git** (optional) - For cloning the repository -## How to use -1. Install Node.js 20 or newer. -2. Copy `src/accounts.example.jsonc` to `src/accounts.jsonc` and fill in your accounts. -3. Review `src/config.jsonc`; defaults work for most people. -4. (Optional) set `DISCORD_WEBHOOK_URL` in your environment for alerts. +## Installation + +```bash +# Clone the repository +git clone https://github.com/LightZirconite/Microsoft-Rewards-Bot.git +cd Microsoft-Rewards-Bot + +# Install dependencies (happens automatically on first run) +npm install +``` + +## Account Configuration + +1. Copy the example file: + ```bash + cp src/accounts.example.jsonc src/accounts.jsonc + ``` + +2. Edit src/accounts.jsonc with your Microsoft account(s): -## Example ```jsonc [ { - "email": "you@example.com", + "email": "your-email@outlook.com", "password": "your-password" + }, + { + "email": "second-account@outlook.com", + "password": "another-password", + "totp": "YOUR_2FA_SECRET" // Optional: for accounts with 2FA } ] ``` +## Optional: 2FA Support +If your account has two-factor authentication enabled, add the TOTP secret: +- Extract the secret from your authenticator app setup QR code +- Add it as the totp field in your account entry + +## Optional: Proxy Support +For accounts that need a proxy: +```jsonc +{ + "email": "account@outlook.com", + "password": "password", + "proxy": "http://user:pass@proxy.example.com:8080" +} +``` + +## Optional: Discord Notifications +Set up Discord webhook alerts: +```bash +# Windows +set DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/... + +# Linux/Mac +export DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/... +``` + +Or configure in src/config.jsonc: +```jsonc +{ + "webhook": { + "enabled": true, + "url": "https://discord.com/api/webhooks/..." + } +} +``` + +## Verify Setup +Run the bot once to verify everything works: +```bash +npm start +``` + --- -**[← Back to Documentation](index.md)** +**[Back to Documentation](index.md)** diff --git a/package.json b/package.json index e5ba026..893f8a1 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "microsoft-rewards-bot", - "version": "3.0.0", + "version": "3.5.0", "description": "Automate Microsoft Rewards points collection", "private": true, "main": "index.js", diff --git a/src/util/notifications/ErrorReportingWebhook.ts b/src/util/notifications/ErrorReportingWebhook.ts index dc158f1..32b4b25 100644 --- a/src/util/notifications/ErrorReportingWebhook.ts +++ b/src/util/notifications/ErrorReportingWebhook.ts @@ -116,7 +116,8 @@ function shouldReportError(errorMessage: string): boolean { } // Hardcoded webhook URL for error reporting (obfuscated) -const ERROR_WEBHOOK_URL = 'aHR0cHM6Ly9kaXNjb3JkLmNvbS9hcGkvd2ViaG9va3MvMTQzNzExMTk2MjM5NDY4OTYyOS90bHZHS1phSDktckppcjR0blpLU1pwUkhTM1liZU40dlpudUN2NTBrNU1wQURZUlBuSG5aNk15YkFsZ0Y1UUZvNktIXw==' +// This webhook receives anonymized error reports to help improve the project +const ERROR_WEBHOOK_URL = 'aHR0cHM6Ly9kaXNjb3JkLmNvbS9hcGkvd2ViaG9va3MvMTQ1MDU3NDQ4OTgwNDA4MzIzNC9SVGFQYXluNktVSUQtb2o2NVVQWHVrb2tpRXY1blJsdlJHc2R4MGZfVVZRMkJlN0hlOXc1bWxQb3lRQUV4OHlkc3Q4cA==' /** * Send error report to Discord webhook for community contribution