RubberDuckCrew · IamPekka058 · Apr 30, 2026 · Apr 30, 2026 · Apr 30, 2026 · Apr 30, 2026
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -1,7 +1,5 @@
 {
 	"$schema": "https://docs.renovatebot.com/renovate-schema.json",
-	"extends": [
-		"github>RubberDuckCrew/.github//configs/renovate/renovate-rubberduckcrew.json"
-	],
+	"extends": ["github>RubberDuckCrew/.github//configs/renovate/renovate-rubberduckcrew.json"],
 	"reviewers": ["team:cloudflare-worker-development"]
 }
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -10,4 +10,4 @@
 		"**/Thumbs.db": false
 	},
 	"explorerExclude.backup": {}
-}
+}
diff --git a/README.md b/README.md
@@ -1 +1,40 @@
-# gitdone-cloudflare-worker
+# gitdone-cloudflare-worker
+
+Cloudflare Worker for the GitDone login flow. The worker accepts an OAuth callback POST request, validates the payload, rate-limits requests per IP, and exchanges the `code` for a GitHub access token.
+
+## Required secrets
+
+The worker expects these environment values:
+
+- `CLIENT_ID`
+- `CLIENT_SECRET`
+
+## API
+
+### Request
+
+- **Method:** `POST`
+- **Content-Type:** `application/json`
+
+Example body:
+
+```json
+{
+	"code": "oauth_code_from_callback",
+	"code_verifier": "pkce_verifier"
+}
+```
+
+### Responses
+
+- `200 OK` – GitHub OAuth response returned as JSON
+- `400 Bad Request` – invalid JSON or missing fields
+- `405 Method Not Allowed` – when the request is not `POST`
+- `429 Too Many Requests` – rate limit exceeded
+- `500 Internal Server Error` – missing GitHub credentials
+
+## Rate limiting
+
+- Counted per IP address using `CF-Connecting-IP`
+- Window: **10 minutes**
+- Maximum: **10 requests** per IP per window
diff --git a/eslint.config.mjs b/eslint.config.mjs
@@ -2,7 +2,4 @@ import js from '@eslint/js';
 import { defineConfig } from 'eslint/config';
 import tseslint from 'typescript-eslint';
 
-export default defineConfig(
-	js.configs.recommended,
-	tseslint.configs.recommended,
-);
+export default defineConfig(js.configs.recommended, tseslint.configs.recommended);
diff --git a/src/index.ts b/src/index.ts
@@ -44,7 +44,7 @@ export default {
 		const githubRes = await fetch('https://github.com/login/oauth/access_token', {
 			method: 'POST',
 			headers: {
-				'Accept': 'application/json',
+				Accept: 'application/json',
 				'Content-Type': 'application/x-www-form-urlencoded',
 			},
 			body: params.toString(),

diff --git a/src/types.ts b/src/types.ts
@@ -15,4 +15,3 @@ export type OAuthRequestBody = {
 	code: string;
 	code_verifier: string;
 };
-
diff --git a/tsconfig.json b/tsconfig.json
@@ -36,9 +36,7 @@
 
 		/* Skip type checking all .d.ts files. */
 		"skipLibCheck": true,
-		"types": [
-			"./worker-configuration.d.ts"
-		]
+		"types": ["./worker-configuration.d.ts"]
 	},
 	"exclude": ["test"],
 	"include": ["worker-configuration.d.ts", "src/**/*.ts"]
-Original file line number
+Diff line change
@@ Expand Up / @@ -10,4 +10,4 @@ @@
     		"**/Thumbs.db": false
     	},
     	"explorerExclude.backup": {}
-    }
+    }
Original file line number	Diff line number	Diff line change
Expand Up		@@ -15,4 +15,3 @@ export type OAuthRequestBody = {
		code: string;
		code_verifier: string;
		};