whekin/household-bot
1
0
Fork 0
mirror of https://github.com/whekin/household-bot.git synced 2026-03-31 10:24:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(review): harden miniapp auth and finance flows

Browse Source
This commit is contained in:
whekin
2026-03-09 00:30:31 +04:00
parent 91a040f2ee
commit c8b17136be
22 changed files with 327 additions and 157 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/runbooks/iac-terraform.md
View File

@@ -48,8 +48,13 @@ Keep bot runtime config that is not secret in your `*.tfvars` file:
- `bot_household_id`
- `bot_household_chat_id`
- `bot_purchase_topic_id`
- optional `bot_feedback_topic_id`
- `bot_mini_app_allowed_origins`
- optional `bot_parser_model`
Set `bot_mini_app_allowed_origins` to the exact mini app origins you expect in each environment.
Do not rely on permissive origin reflection in production.
## Reminder jobs
Terraform provisions three separate Cloud Scheduler jobs:
@@ -67,6 +72,7 @@ They target the bot runtime endpoints:
Recommended rollout:
- keep `scheduler_paused = true` and `scheduler_dry_run = true` on first apply
- confirm `bot_mini_app_allowed_origins` is set for the environment before exposing the mini app
- validate job responses and logs
- unpause when the delivery side is ready
- disable dry-run only after production verification

2
docs/specs/HOUSEBOT-040-miniapp-shell.md
View File

@@ -39,7 +39,7 @@ Build the first usable SolidJS mini app shell with a real Telegram initData veri
- Telegram initData is verified with the bot token before membership lookup.
- Mini app access depends on an actual household membership match.
- CORS can be limited via `MINI_APP_ALLOWED_ORIGINS`; if unset, the endpoint falls back to permissive origin reflection for deployment simplicity.
- CORS can be limited via `MINI_APP_ALLOWED_ORIGINS`; local development may use permissive origin reflection, but production must use an explicit allow-list.
## UX Notes