feat(server/bots): enhance server count validation by allowing a difference based on actual count

Author: skyhancloud

server/src/routes/bots/[id]/stats.js

@@ -19,26 +19,30 @@ module.exports = {
     async (request, response) => {
       const { id, command_count, server_count } = matchedData(request);
 
-      if (!command_count && !server_count) return response.sendError('One of the following fields is required: command_count, server_count.', 400);
+      if (command_count === undefined && server_count === undefined) return response.sendError('One of the following fields is required: command_count, server_count.', 400);
 
       const apiKey = request.headers['authorization'];
       if (!apiKey) return response.sendError('Authorization header is required.', 401);
 
+      const decryptedApiKey = bot.getDecryptedApiKey(apiKey);
+      if (!decryptedApiKey) return response.sendError('Invalid API key.', 401);
+
       const botUser = client.users.cache.get(id) || await client.users.fetch(id).catch(() => null);
       if (!botUser) return response.sendError('Bot not found.', 404);
 
       const bot = await Bot.findOne({ id });
       if (!bot) return response.sendError('Bot not found.', 404);
 
-      const decryptedApiKey = bot.getDecryptedApiKey(apiKey);
-      if (!decryptedApiKey) return response.sendError('Invalid API key.', 401);
-
-      if (command_count) bot.command_count = { value: command_count, updatedAt: new Date() };
-      if (server_count) {
+      if (command_count !== undefined) bot.command_count = { value: command_count, updatedAt: new Date() };
+      if (server_count !== undefined) {
         const approximate_guild_count_data = await getApproximateGuildCount(id).catch(() => null);
         if (!approximate_guild_count_data) return response.sendError('Could not fetch server count.', 500);
 
-        if (Math.abs(server_count - approximate_guild_count_data.approximate_guild_count) > config.maxServerCountDifference) return response.sendError(`The server count provided (${server_count}) is too far off from the actual server count. It cannot differ by more than ${config.maxServerCountDifference} from the actual server count, which is ${approximate_guild_count_data.approximate_guild_count}.`, 400);
+        const actualGuildCount = approximate_guild_count_data.approximate_guild_count;
+        const maxDifference = Math.max(config.maxServerCountDifference, Math.floor(actualGuildCount * 0.1));
+        const countDifference = Math.abs(server_count - actualGuildCount);
+
+        if (countDifference > maxDifference) return response.sendError(`The server count provided (${server_count}) is too far off from the actual server count. It cannot differ by more than ${maxDifference} from the actual server count, which is ${actualGuildCount}.`, 400);
 
         bot.server_count = { value: server_count, updatedAt: new Date() };
       }

server/src/utils/bots/getApproximateGuildCount.js

@@ -5,6 +5,7 @@ async function getApproximateGuildCount(botId) {
   if (!process.env.DISCORD_BOT_GET_APPROXIMATE_GUILD_COUNT_API_SECRET) throw new Error('DISCORD_BOT_GET_APPROXIMATE_GUILD_COUNT_API_SECRET environment variable is missing');
 
   try {
+
     const response = await axios.get(`${process.env.DISCORD_BOT_GET_APPROXIMATE_GUILD_COUNT_API_URL}/bots/${botId}`, {
       headers: {
         'authorization': process.env.DISCORD_BOT_GET_APPROXIMATE_GUILD_COUNT_API_SECRET