srizan/hctv
1
0
Fork 0
mirror of https://github.com/SrIzan10/hctv.git synced 2026-06-06 00:56:56 +00:00
Code Issues Packages Projects Releases 5 Wiki Activity

chore: update apps/docs/src/content/docs/api/chat.mdx

Browse Source 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This commit is contained in:
SrIzan10
2026-02-06 23:24:34 +01:00
committed by GitHub
parent 2dfbab5d0e
commit 7d350cfc04
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
apps/docs/src/content/docs/api/chat.mdx
View File

@@ -14,12 +14,11 @@ The websocket server is located at `wss://hackclub.tv/api/chat/ws/:username`, wh
You'll need to provide authentication, which can be done by providing an `auth_session` cookie, just like the REST API.
<Aside type="tip">
Bot accounts are now supported. You can choose to connect as a bot by providing a bot account's API key in one of two ways:
- Using the `Authorization` header: `Bearer hctvb_xxxxxxx`
- Using the `?botAuth=hctvb_xxxxxxx` query parameter
Bot accounts are now supported. You should connect as a bot by providing a bot account's API key using the `Authorization` header:
**Security Note:** When using the `?botAuth=` query parameter, be aware that query parameters may be logged in server logs, and/or proxy logs. Use the `Authorization` header method whenever possible. The query parameter method should only be used when connecting from an environment where headers cannot be set.
- `Authorization: Bearer hctvb_xxxxxxx`
**Security Note:** Do not pass bot API keys in query parameters (for example, via a `?botAuth=` query string), because URLs and their query strings are much more likely to be logged or stored in browser history. Always use the `Authorization` header for bot authentication.
It is highly advised to use a bot account for any automated task, and to implement anything pointed out in this page.
</Aside>