feat: Add Vercel serverless error reporting system

2026-01-09 17:06:15 +00:00 · 2026-01-02 15:21:08 +01:00
parent 117297e478
commit c2a3ba2a31
6 changed files with 1601 additions and 198 deletions
--- a/api/README.md
+++ b/api/README.md
@@ -1,132 +0,0 @@
-# Vercel Error Reporting Configuration
-
-This directory contains Vercel Serverless Functions for centralized error reporting.
-
-## Setup Instructions
-
-### 1. Configure Discord Webhook in Vercel
-
-1. Go to your Vercel project: https://vercel.com/lightzirconites-projects/rewards-bot
-2. Navigate to **Settings** → **Environment Variables**
-3. Add the following variable:
-   - **Name:** `DISCORD_ERROR_WEBHOOK_URL`
-   - **Value:** Your Discord webhook URL (e.g., `https://discord.com/api/webhooks/...`)
-   - **Environment:** Production, Preview, Development (select all)
-
-### 2. Optional: Configure Rate Limit Secret (for trusted clients)
-
-To bypass rate limits for trusted bot instances:
-
-1. Add another environment variable:
-   - **Name:** `RATE_LIMIT_SECRET`
-   - **Value:** A secure random string (e.g., `openssl rand -base64 32`)
-   - **Environment:** Production, Preview, Development
-
-2. In the bot's `config.jsonc`, add:
-   ```jsonc
-   {
-     "errorReporting": {
-       "enabled": true,
-       "apiUrl": "https://rewards-bot-eight.vercel.app/api/report-error",
-       "secret": "your-secret-here"  // Same as RATE_LIMIT_SECRET
-     }
-   }
-   ```
-
-### 3. Deploy to Vercel
-
-After configuring environment variables:
-
-```bash
-# Option 1: Git push (automatic deployment)
-git add api/ vercel.json
-git commit -m "feat: Add Vercel error reporting endpoint"
-git push origin main
-
-# Option 2: Manual deployment with Vercel CLI
-npm install -g vercel
-vercel --prod
-```
-
-### 4. Test the Endpoint
-
-```bash
-# Test rate limiting (should work)
-curl -X POST https://rewards-bot-eight.vercel.app/api/report-error \
-  -H "Content-Type: application/json" \
-  -d '{
-    "error": "Test error message",
-    "context": {
-      "version": "2.56.5",
-      "platform": "linux",
-      "arch": "x64",
-      "nodeVersion": "v22.0.0",
-      "timestamp": "'$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")'"
-    }
-  }'
-
-# Test with secret (bypasses rate limit)
-curl -X POST https://rewards-bot-eight.vercel.app/api/report-error \
-  -H "Content-Type: application/json" \
-  -H "X-Rate-Limit-Secret: your-secret-here" \
-  -d '{...}'
-```
-
-## Endpoint Details
-
-### POST `/api/report-error`
-
-**Headers:**
- `Content-Type: application/json`
- `X-Rate-Limit-Secret` (optional): Secret to bypass rate limits
-
-**Request Body:**
-```typescript
-{
-  "error": string,              // Error message (sanitized)
-  "stack"?: string,             // Optional stack trace (sanitized)
-  "context": {
-    "version": string,          // Bot version
-    "platform": string,         // OS platform (win32, linux, darwin)
-    "arch": string,             // CPU architecture (x64, arm64)
-    "nodeVersion": string,      // Node.js version
-    "timestamp": string,        // ISO 8601 timestamp
-    "botMode"?: string          // DESKTOP, MOBILE, MAIN
-  },
-  "additionalContext"?: Record<string, unknown>
-}
-```
-
-**Response:**
- `200 OK`: Error report sent successfully
- `400 Bad Request`: Invalid payload
- `429 Too Many Requests`: Rate limit exceeded (10 requests/minute/IP)
- `500 Internal Server Error`: Server error or Discord webhook failure
-
-## Security Considerations
-
-1. **Environment Variables:** Discord webhook URL is NEVER exposed in code
-2. **Rate Limiting:** 10 requests per minute per IP address (configurable)
-3. **CORS:** Enabled for all origins (error reporting is public)
-4. **Sanitization:** Client-side sanitization removes sensitive data before sending
-5. **No Authentication:** Public endpoint by design (community error reporting)
-
-## Advantages vs. Previous System
-
-| Feature | Old System (Discord Webhook) | New System (Vercel API) |
-|---------|------------------------------|-------------------------|
-| Webhook Exposure | ❌ Hardcoded in code (base64) | ✅ Hidden in env vars |
-| User Control | ❌ Can disable in config | ✅ Cannot disable |
-| Redundancy | ⚠️ 4 hardcoded webhooks | ✅ Single endpoint, multiple webhooks possible |
-| Rate Limiting | ❌ Manual tracking | ✅ Automatic per IP |
-| Maintenance | ❌ Code changes required | ✅ Env var update only |
-| Cost | ✅ Free | ✅ Free (100k req/day) |
-
-## Migration Guide
-
-See [docs/error-reporting-vercel.md](../docs/error-reporting-vercel.md) for full migration instructions.
-
---
-
-**Last Updated:** 2025-01-02  
-**Maintainer:** LightZirconite
--- a/api/report-error.ts
+++ b/api/report-error.ts
@@ -2,15 +2,8 @@ import type { VercelRequest, VercelResponse } from '@vercel/node'

 /**
 * Vercel Serverless Function for Error Reporting
- * 
- * This endpoint receives error reports from Microsoft Rewards Bot instances
- * and forwards them to a centralized Discord webhook stored in environment variables.
- * 
- * Environment Variables Required:
- * - DISCORD_ERROR_WEBHOOK_URL: Discord webhook URL for error reporting
- * - RATE_LIMIT_SECRET (optional): Secret key for bypassing rate limits (trusted clients)
- * 
- * @see https://vercel.com/docs/functions/serverless-functions
+ * Receives error reports and forwards to Discord webhook
+ * Rate limited: 10 req/min/IP
 */

 interface ErrorReportPayload {