xiaokang/lotteryAdmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(docs, agents, risk): enhance documentation, API queries, and UI components

Browse Source 
Updated the public documentation site with improved layout and accessibility, including new sections for client integration and admin guides. Enhanced API queries by adding 'active_only' and 'group_by' parameters for better data filtering in risk management. Refined UI components for agent management, ensuring consistent styling and improved user experience across the application. Added localization support for new documentation content in English and Nepali.
This commit is contained in:
kang
2026-06-15 17:21:50 +08:00
parent 17335cb47a
commit 641c87ff50
107 changed files with 5114 additions and 943 deletions
Download Patch File Download Diff File Expand all files Collapse all files

566
src/i18n/locales/ne/integrationDocs.json
View File

@@ -1,13 +1,15 @@
{
"shell": {
"title": "Integration API",
"admin": "Admin"
"title": "लटरी इन्टिग्रेसन दस्तावेज",
"admin": "Admin",
"adminLogin": "Admin console"
},
"nav": {
"overview": "अवलोकन",
"api": "API",
"ship": "लाइभ",
"home": "सारांश",
"delivery": "इन्टिग्रेसन वितरण",
"quickstart": "छिटो सुरु",
"fundamentals": "रकम मोडेल",
"setup": "सेटअप",
@@ -16,7 +18,11 @@
"wallet": "वालेट गेटवे",
"transfer": "स्थानान्तरण (सन्दर्भ)",
"errors": "त्रुटि कोड",
"golive": "लाइभ सूची"
"troubleshooting": "समस्या निवारण",
"golive": "लाइभ सूची",
"operations": "सञ्चालन",
"adminGuide": "Admin Guide",
"apiReference": "API Reference"
},
"headers": {
"component": ["कम्पोनेन्ट", "भूमिका", "मालिक"],
@@ -35,337 +41,427 @@
"envMap": ["वस्तु", "Admin साइट", "मुख्य .env", "नोट"],
"account": ["प्रयोगकर्ता", "पासवर्ड", "site_player_id"],
"contract": ["परिदृश्य", "HTTP", "Body"],
"adminField": ["फिल्ड", "नोट", "उदाहरण"]
"adminField": ["फिल्ड", "नोट", "उदाहरण"],
"handoffTable": ["वस्तु", "विवरण", "जिम्मेवार"],
"env": ["Environment", "Address example", "Note"],
"envelopeTable": ["Dir", "Message fields", "Note"],
"faq": ["Symptom", "Troubleshooting"]
},
"pages": {
"overview": {
"title": "Integration",
"description": "मुख्य साइट SSO + वालेट गेटवे। पहिचान JWT; रकम मुख्य वालेट र लटरी भित्रको ब्यालेन्समा विभाजित।",
"roles": "भूमिका",
"flow": "प्रवाह",
"e2eSequence": "End-to-end क्रम",
"conventions": "सम्झौता",
"readingOrder": "पढ्ने क्रम",
"title": "Integration overview",
"description": "For main-site developers / integration engineers. You implement: JWT signing + wallet gateway; lottery provides H5 and API.",
"roles": "Roles",
"flow": "Business flow",
"e2eSequence": "End-to-end sequence",
"conventions": "Conventions",
"readingOrder": "Suggested reading order",
"matrix": [
["मुख्य साइट", "JWT जारी; वालेट गेटवे कार्यान्वयन", "साझेदार"],
["लटरी API", "JWT प्रमाणीकरण, खेल, स्थानान्तरण, बेट", "हामी"],
["लटरी H5", "H5 / iframe", "हामी"]
["Main site (partner)", "User login; server-side JWT; wallet gateway", "Partner"],
["Lottery API (us)", "JWT verify, transfer, bet, draw, settlement", "Us"],
["Lottery H5 (us)", "Player UI; iframe or URL entry", "Us"]
],
"flowItems": [
"मुख्य साइट लगइन → JWT जारी",
"लटरी प्रवेश (URL वा iframe)",
"transfer-in → मुख्य डेबिट + लटरी क्रेडिट",
"बेट / सेटल (लटरी ब्यालेन्स)",
"transfer-out → लटरी डेबिट + मुख्य क्रेडिट"
"User logs in on main site → main site server issues short-lived JWT",
"Enter lottery H5 (iframe embed or URL ?token= redirect)",
"Player taps transfer-in in H5 → lottery calls main site debit → lottery balance credited",
"Player bets / wins in H5 (uses lottery balance)",
"(Optional) Player taps transfer-out in H5 → lottery calls main site credit"
],
"e2eRows": [
["1", "मुख्य साइट", "लगइन; JWT जारी"],
["2", "मुख्य साइट", "iframe वा ?token= प्रवेश"],
["3", "लटरी H5", "token + GET /api/v1/player/me"],
["4", "प्लेयर", "H5 मा transfer-in"],
["5", "लटरी API", "POST /wallet/debit-for-lottery"],
["6", "साझेदार वालेट", "main_balance घटाउने"],
["7", "लटरी API", "लटरी भित्र क्रेडिट"],
["8", "प्लेयर", "H5 मा बेट"],
["9", "प्लेयर", "(वैकल्पिक) H5 transfer-out"],
["10", "लटरी API", "POST /wallet/credit-from-lottery"]
["1", "Main site", "User login; server issues JWT (site_code, site_player_id)"],
["2", "Main site", "Embed lottery H5 iframe, or redirect to lottery_h5_base_url/?token="],
["3", "Lottery H5", "Receives JWT; calls GET /api/v1/player/me to verify and auto-provision"],
["4", "Player", "Taps transfer-in in H5"],
["5", "Lottery API", "Server calls main site POST /wallet/debit-for-lottery"],
["6", "Main wallet", "Debit main_balance; return success: true"],
["7", "Lottery API", "Credit lottery balance"],
["8", "Player", "Bets / waits for settlement in H5"],
["9", "Player", "(Optional) taps transfer-out in H5"],
["10", "Lottery API", "Calls main site POST /wallet/credit-from-lottery"]
],
"conventionRows": [
["रकम", "Minor इकाई (पूर्णांक), जस्तै 2000 = 20.00"],
["एन्कोडिङ", "UTF-8 JSON"],
["समय", "JWT: Unix सेकेन्ड (iat / exp)"],
["Auth", "प्लेयर API: Bearer JWT; गेटवे: Bearer wallet_api_key"]
["Amount", "Minor integer units, e.g. 2000 = 20.00 NPR"],
["Encoding", "UTF-8 JSON"],
["Time", "JWT uses Unix seconds (iat / exp); recommend exp - iat ≤ 300 seconds"],
["Player API auth", "Authorization: Bearer {JWT} (main site signs, lottery verifies)"],
["Wallet gateway auth", "Authorization: Bearer {wallet_api_key} (lottery sends on callback)"]
],
"readingItems": ["छिटो सुरु → सेटअप → SSO → iframe → वालेट → त्रुटि → लाइभ"]
"readingItems": [
"Integration delivery — confirm deliverables and environment URLs",
"Quick start — first integration pass",
"Setup — admin site provisioning and key mapping",
"SSO → iframe protocol → wallet gateway",
"Troubleshooting — common issues",
"Go-live checklist — production release checks"
]
},
"delivery": {
"title": "Integration delivery",
"description": "Before integration testing, confirm the following deliverables with sales / support. Test and production environments must be fully isolated.",
"handoffScope": "Integration scope (what you need to do)",
"weProvide": "We provide",
"youProvide": "Partner provides",
"environment": "Environment URLs",
"process": "Typical integration process",
"note": "Secrets (sso_jwt_secret, wallet_api_key) are shown only once after creation — save them securely immediately. Store secrets on the main-site server only; never in frontend or mobile apps. URLs below are Tanumo current defaults; partner deployments follow sales delivery.",
"handoffRows": [
["JWT signing", "Main site server issues HS256 JWT after login; no token-exchange login API", "Partner"],
["Wallet gateway", "Implement balance / debit / credit over HTTPS", "Partner"],
["iframe or URL entry", "Embed lottery H5 or redirect with JWT", "Partner"],
["Lottery H5 + API", "Games, transfer, bet, draw", "Us"],
["Integration site & keys", "Create site_code and deliver secrets", "Us (super admin)"]
],
"provideRows": [
["site_code", "Site code written into JWT"],
["sso_jwt_secret", "JWT signing secret (held by main site)"],
["wallet_api_key", "Bearer secret when lottery calls wallet gateway"],
["lottery_h5_base_url", "Lottery H5 entry; default https://front.tanumo.com"],
["lottery_api_base_url", "Lottery API base; default https://lotterylaravel.tanumo.com"]
],
"submitRows": [
["wallet_api_url", "Partner wallet gateway HTTPS root (publicly reachable)"],
["iframe_allowed_origins", "Main-site origin allowlist (required for iframe; one per line)"],
["Test accounts", "Several site_player_id values with initial main_balance"],
["Egress IP (if needed)", "If gateway uses IP allowlist, request lottery server egress IP"]
],
"environmentRows": [
["Lottery API", "https://lotterylaravel.tanumo.com", "curl: GET /api/v1/player/me"],
["Lottery H5 entry", "https://front.tanumo.com", "iframe / ?token=; wallet example /wallet"],
["Integration docs", "https://lotteryadmin.tanumo.com/docs/integration", "Public documentation"],
["Admin console", "https://lotteryadmin.tanumo.com/admin", "Super admin; Config → Integration sites"],
["Production", "Separate domain and secrets", "site_code, secrets, domains not shared with staging"]
],
"processSteps": [
"Sales opens integration → our super admin creates integration site and delivers keys + H5 URL",
"Partner implements three wallet endpoints on public HTTPS (tunnel OK for staging)",
"Partner fills wallet_api_url, iframe_allowed_origins in admin; run connectivity test",
"Partner implements JWT signing and iframe postMessage (or URL redirect)",
"Complete integration using Quick start acceptance checklist",
"Production: new site, new secrets, full end-to-end retest before go-live"
]
},
"quickstart": {
"title": "छिटो सुरु",
"description": "स्थानीय इन्टिग्रेसन। repo मा main-site/ सन्दर्भ कार्यान्वयन; गोप्य कुञ्जी admin वा lottery .env सँग मिल्नुपर्छ।",
"description": "Assumes Integration delivery is done and you have site_code, secrets, and H5 URL. Follow these steps for first integration pass.",
"prereq": "पूर्वशर्त",
"steps": "इन्टिग्रेसन चरण",
"testAccounts": "परीक्षण खाता (main-site)",
"reference": "सन्दर्भ कार्यान्वयन",
"note": "प्रोडक्सनमा HTTPS र अलग site_code/गोप्य। स्थानीयमा wallet_api_url बिना lottery API stub हुन सक्छ (non-production)।",
"steps": "Integration steps",
"acceptance": "Acceptance checklist",
"note": "JWT must be signed on the main-site server only — never hard-code sso_jwt_secret in frontend. Production wallet_api_url must be public HTTPS.",
"prereqItems": [
"लटरी API (lotterLaravel) र lotteryfront चलिरहेको",
"main-site चलिरहेको (http://localhost:5173)",
"admin मा इन्टिग्रेसन साइट, वा lottery .env MAIN_SITE_* मिलेको"
"Received site_code, sso_jwt_secret, wallet_api_key, lottery_h5_base_url",
"Main site implements GET /wallet/balance, POST /wallet/debit-for-lottery, POST /wallet/credit-from-lottery",
"Admin integration site has wallet_api_url and iframe_allowed_origins; connectivity test passed",
"At least one test site_player_id with sufficient main_balance"
],
"stepItems": [
"सुपर एडमिनले admin मा इन्टिग्रेसन साइट सिर्जना",
"गोप्य .env मा; admin मा wallet_api_url र iframe_allowed_origins",
"लगइन → iframe मा लटरी H5",
"LOTTERY_READY पछि MAIN_INIT_TOKEN",
"H5 मा transfer-in → debit-for-lottery कलब्याक",
"H5 मा बेट",
"(वैकल्पिक) H5 transfer-out",
"acceptance curl जाँच"
"Main-site server implements JWT signing (see SSO jsonwebtoken example)",
"Self-test with curl: Bearer JWT on GET https://lotterylaravel.tanumo.com/api/v1/player/me → code=0",
"Embed <iframe src=\"https://front.tanumo.com\"> on main site; listen for postMessage",
"After LOTTERY_READY, send MAIN_INIT_TOKEN (token at message top level — see iframe page)",
"After H5 enters hall, initiate transfer-in in H5",
"Confirm main site receives POST /wallet/debit-for-lottery with success: true",
"Confirm lottery balance increases in H5; try a bet",
"(Optional) transfer-out in H5; confirm POST /wallet/credit-from-lottery callback",
"Check off acceptance checklist below"
],
"accountRows": [
["alice", "alice123", "10001"],
["bob", "bob123", "10002"],
["demo", "demo123", "10003"]
],
"referenceItems": [
"कोड: monorepo मा main-site/",
"मुख्य: http://localhost:5173; लटरी H5: http://localhost:3800",
"main-site README: env र postMessage",
"सेटअप पृष्ठमा config mapping तालिका"
],
"acceptance": "स्वीकृति सूची",
"acceptanceItems": [
"JWT → curl /player/me code=0",
"debit self-test success:true",
"idempotent_key replay एउटै नतिजा",
"iframe: LOTTERY_READY → MAIN_INIT_TOKEN",
"H5 transfer-in: debit लग"
"JWT self-test: curl https://lotterylaravel.tanumo.com/api/v1/player/me returns code=0, data.site_player_id correct",
"Wallet self-test: curl POST /wallet/debit-for-lottery returns success:true, main_balance debited correctly",
"Idempotency: same idempotent_key replay returns same response, no double debit",
"iframe: LOTTERY_READY → MAIN_INIT_TOKEN → H5 hall loads",
"Transfer-in: success in H5; main-site gateway logs show debit-for-lottery",
"Refresh: after JWT near expiry or LOTTERY_TOKEN_NEEDED, MAIN_REFRESH_TOKEN succeeds"
]
},
"fundamentals": {
"title": "Money model",
"balances": "दुई तह ब्यालेन्स",
"calls": "कल दिशा",
"note": "सबै रकम minor पूर्णांक। क्रेडिट-लाइन प्लेयर यो दस्तावेज बाहिर।",
"balances": "Two balance layers",
"calls": "Call directions",
"note": "All amounts use minor integers. Credit-line (agent) players are out of scope; this doc covers main-site wallet mode only.",
"balanceRows": [
["main_balance", "मुख्य वालेट", "साझेदार गेटवे; लटरी कलब्याक"],
["lottery balance", "लटरी भित्रको ब्यालेन्स", "transfer-in पछि बेटिङ"]
["main_balance", "Main wallet", "Partner gateway; lottery server callbacks debit/credit"],
["lottery balance", "In-lottery balance", "Used for betting after transfer-in; shown in lottery H5"]
],
"callRows": [
["लटरी → मुख्य", "balance / debit / credit", "wallet_api_key"],
["लटरी H5 → लटरी API", "me / transfer / bet", "प्लेयर JWT (मुख्य होइन)"]
["Lottery → main", "GET balance / POST debit / POST credit", "Bearer wallet_api_key"],
["Lottery H5 → lottery API", "me / transfer / bet / balance", "Bearer player JWT (main site not involved)"]
]
},
"setup": {
"title": "Setup",
"description": "इन्टिग्रेसन साइट सिर्जना पछि गोप्य कुञ्जी एक पटक मात्र देखाइन्छ। तुरुन्त सुरक्षित राख्नुहोस्।",
"weProvide": "हामी दिन्छौं",
"youProvide": "साझेदारले दिन्छ",
"defaultPaths": "पूर्वनिर्धारित वालेट पथ",
"description": "Our super admin creates the integration site in admin. Secrets are shown only once — save immediately.",
"weProvide": "After site creation we provide",
"youProvide": "Partner fills / provides",
"defaultPaths": "Default wallet paths",
"envMapping": "Config mapping",
"note": "परीक्षण/प्रोडक्सन अलग। गोप्य मुख्य साइट .env मा म्यानुअल। स्थानीयमा lottery .env MAIN_SITE_* fallback।",
"adminSop": "Admin provisioning (our super admin)",
"network": "Network requirements",
"note": "Test and production site_code, secrets, and domains must be fully isolated. Secrets go in main-site server config — not auto-synced from admin.",
"receiveRows": [
["site_code", "साइट कोड"],
["sso_jwt_secret", "JWT हस्ताक्षर गोप्य (मुख्य साइट)"],
["wallet_api_key", "वालेट कलब्याक auth (मुख्य साइट जाँच)"],
["lottery_h5_base_url", "लटरी प्रवेश URL"]
["site_code", "Site code written into JWT"],
["sso_jwt_secret", "JWT signing secret (main site holds)"],
["wallet_api_key", "Wallet callback auth (main site verifies)"],
["lottery_h5_base_url", "Lottery H5 entry URL"]
],
"provideRows": [
["wallet_api_url", "HTTPS वालेट आधार URL"],
["परीक्षण खाता", "site_player_id + सुरु ब्यालेन्स"],
["iframe origin", "एम्बेड गर्दा मुख्य origin"]
["wallet_api_url", "Partner wallet gateway HTTPS root (no path suffix)"],
["iframe_allowed_origins", "Main-site origin allowlist (iframe mode)"],
["Test accounts", "site_player_id list + initial balance"]
],
"pathRows": [
["GET", "/wallet/balance", "ब्यालेन्स"],
["POST", "/wallet/debit-for-lottery", "डेबिट"],
["POST", "/wallet/credit-from-lottery", "क्रेडिट"]
["GET", "/wallet/balance", "Balance query"],
["POST", "/wallet/debit-for-lottery", "Debit (transfer-in)"],
["POST", "/wallet/credit-from-lottery", "Credit (transfer-out)"]
],
"envMappingRows": [
["site_code", "site_code", "MAIN_SITE_CODE", "JWT + प्लेयर; मिल्नुपर्छ"],
["SSO गोप्य", "sso_jwt_secret", "MAIN_SITE_SSO_JWT_SECRET", "मुख्य हस्ताक्षर; लटरी जाँच"],
["वालेट auth", "wallet_api_key", "MAIN_SITE_WALLET_API_KEY", "लटरी कलब्याक; मुख्य जाँच"],
["वालेट URL", "wallet_api_url", "—", "साझेदार HTTPS आधार"],
["लटरी प्रवेश", "lottery_h5_base_url", "NEXT_PUBLIC_LOTTERY_IFRAME_URL", "redirect/iframe"],
["iframe allowlist", "iframe_allowed_origins", "NEXT_PUBLIC_LOTTERY_ORIGIN", "एम्बेड origin"],
["लटरी API", "—", "LOTTERY_API_BASE_URL", "सन्दर्भ कार्यान्वयन मात्र"]
["site_code", "code", "MAIN_SITE_CODE", "JWT and player provisioning; must match both sides"],
["SSO secret", "sso_jwt_secret", "MAIN_SITE_SSO_JWT_SECRET", "Main site signs JWT; lottery verifies"],
["Wallet auth", "wallet_api_key", "MAIN_SITE_WALLET_API_KEY", "Lottery sends Bearer on callback"],
["Wallet root URL", "wallet_api_url", "(main site deploy)", "Partner HTTPS root; lottery appends /wallet/*"],
["Lottery API", "—", "—", "Default https://lotterylaravel.tanumo.com; player/wallet API root"],
["Lottery H5", "lottery_h5_base_url", "(main site iframe src)", "Default https://front.tanumo.com"],
["iframe allowlist", "iframe_allowed_origins", "(main site origin)", "Must match actual main-site origin"]
],
"adminSop": "Admin provisioning",
"adminSopSteps": [
"सुपर एडमिन → Config → Integration sites",
"साइट सिर्जना: code, name, currency",
"wallet_api_url, lottery_h5_base_url, iframe_allowed_origins",
"sso_jwt_secret, wallet_api_key एक पटक सुरक्षित",
"connectivity test (GET /wallet/balance)",
"प्रोडक्सन: सार्वजनिक HTTPS wallet_api_url"
"Super admin → Config → Integration sites",
"Create site: site_code, name, default currency",
"Fill wallet_api_url (HTTPS root), lottery_h5_base_url, iframe_allowed_origins",
"Save sso_jwt_secret, wallet_api_key shown once after creation",
"Deliver secrets securely to partner; partner configures main-site server",
"Run connectivity test on site list (probes GET /wallet/balance)"
],
"adminFieldRows": [
["code", "JWT site_code", "demo"],
["wallet_api_url", "HTTPS wallet base", "https://wallet.partner.com"],
["lottery_h5_base_url", "H5 entry", "https://lottery.partner.com"],
["iframe_allowed_origins", "Parent origins", "https://www.partner.com"],
["sso_jwt_secret", "एक पटक", "—"],
["wallet_api_key", "एक पटक", "—"]
["code", "Site code for JWT site_code", "partner_demo"],
["wallet_api_url", "Partner wallet gateway HTTPS root", "https://wallet.partner.com"],
["lottery_h5_base_url", "Lottery H5 entry", "https://front.tanumo.com"],
["iframe_allowed_origins", "Allowed parent origins", "https://www.partner.com"],
["sso_jwt_secret", "Shown once after creation", "—"],
["wallet_api_key", "Shown once after creation", "—"]
],
"network": "Network",
"networkItems": [
"वालेट कलब्याक server-to-server",
"प्रोडक्सन: HTTPS सार्वजनिक मात्र",
"पथ: /wallet/balance, debit, credit",
"timeout ≤ 10s"
"Wallet callbacks originate from lottery server (not player browser); gateway must be reachable from lottery servers",
"Production wallet_api_url must be public HTTPS (no localhost / private IP)",
"Default paths /wallet/balance, /wallet/debit-for-lottery, /wallet/credit-from-lottery (path prefix configurable in admin)",
"Recommend timeout ≤ 10 seconds; timeout may leave transfer in pending reconciliation"
]
},
"sso": {
"title": "SSO",
"description": "HS256 JWT। मुख्य साइट हस्ताक्षर; लटरी प्रमाणीकरण। प्रवेश: URL वा iframe postMessage",
"claims": "Claims",
"sign": "Sign",
"entryA": "Entry A — redirect",
"entryB": "Entry B — iframe",
"noExchangeNote": "लटरीमा token-exchange login API छैन। मुख्य साइट लगइन पछि JWT जारी गर्नुहोस्; player API मा Authorization: Bearer। पहिलो वैध GET /api/v1/player/me ले प्लेयर auto-provision गर्छ।",
"entryApi": "Entry API (लटरी)",
"entryApiNote": "वैकल्पिक: लगइन पछि मुख्य साइटले एक पटक server-side कल गर्न सक्छ (main-site हेर्नुहोस्)। दैनिक play API लटरी H5 ले कल गर्छ।",
"publicApis": "सार्वजनिक API (token बिना)",
"h5ScopeNote": "स्थानान्तरण, बेट, लटरी ब्यालेन्स हाम्रो H5 ले JWT सँग कल गर्छ — मुख्य साइट इन्टिग्रेसन दायरा बाहिर। तपाईंले JWT जारी र वालेट गेटवे मात्र।",
"partnerApis": "मुख्य साइट API (साझेदार कार्यान्वयन)",
"refreshNote": "iframe refresh: LOTTERY_TOKEN_NEEDED मा नयाँ JWT जारी गरी MAIN_REFRESH_TOKEN पठाउनुहोस्। main-site POST /api/auth/refresh हेर्नुहोस्।",
"authResponse": "Auth असफल response",
"errors": "Errors",
"iframeNote": "iframe_allowed_origins सेट गर्नुहोस्। token पछि LOTTERY_READY दोहोर्याउनुहोस्।",
"description": "HS256 JWT. Main site signs; lottery verifies. Entry: URL ?token= or iframe postMessage.",
"claims": "JWT claims",
"sign": "Signing example (Node.js)",
"entryA": "Method A — URL redirect",
"entryB": "Method B — iframe postMessage",
"noExchangeNote": "Lottery has no token-exchange login API. Main site issues JWT after login; player APIs use Authorization: Bearer with the same JWT. First valid GET /api/v1/player/me auto-provisions the player — no separate login call.",
"entryApi": "Verify and provision",
"entryApiNote": "Optional: main site may call GET /api/v1/player/me once server-side after login as a pre-check. Daily play (transfer, bet) is called by lottery H5 with JWT — main site does not integrate those APIs.",
"publicApis": "Public APIs (no token)",
"h5ScopeNote": "Transfer, bet, in-lottery balance queries are called by our H5 with JWT — outside main-site integration scope. Main site only: ① issue JWT ② implement wallet gateway.",
"refreshNote": "iframe refresh: on LOTTERY_TOKEN_NEEDED or LOTTERY_TOKEN_REFRESH_REQUEST, re-issue JWT and send MAIN_REFRESH_TOKEN. See iframe protocol page.",
"authResponse": "Auth failure example",
"errors": "SSO error codes",
"iframeNote": "Configure iframe_allowed_origins. Pass token via postMessage top-level field token — not inside payload.",
"claimRows": [
["site_code", "string", "Y", "इन्टिग्रेसन साइट कोड"],
["site_player_id", "string", "Y", "स्थिर मुख्य साइट प्रयोगकर्ता ID"],
["iat", "number", "Y", "जारी समय (सेकेन्ड)"],
["exp", "number", "Y", "म्याद (सेकेन्ड); ≤ 300s"]
["site_code", "string", "Y", "Integration site code matching admin"],
["site_player_id", "string", "Y", "Stable main-site user ID"],
["iat", "number", "Y", "Issued at (Unix seconds)"],
["exp", "number", "Y", "Expiry (Unix seconds); exp - iat ≤ 300"]
],
"messageRows": [
["→ मुख्य", "LOTTERY_READY", "चाइल्ड तयार"],
["→ मुख्य", "LOTTERY_TOKEN_NEEDED", "रिफ्रेस अनुरोध"],
["→ लटरी", "MAIN_INIT_TOKEN", "{ token }"],
["→ लटरी", "MAIN_REFRESH_TOKEN", "{ token }"]
["→ main", "LOTTERY_READY", "Child ready; requests token"],
["→ main", "LOTTERY_TOKEN_NEEDED", "Token invalid; requests refresh"],
["→ lottery", "MAIN_INIT_TOKEN", "Top-level token field"],
["→ lottery", "MAIN_REFRESH_TOKEN", "Top-level token field"]
],
"publicApiRows": [
["GET", "/api/v1/player/ping", "Player API connectivity"],
["GET", "/api/v1/integration/runtime-origins", "iframe allowlist origins"]
],
"partnerApiRows": [
["POST", "/api/auth/refresh", "(सन्दर्भ) JWT re-issue → MAIN_REFRESH_TOKEN"]
["GET", "/api/v1/player/ping", "Player API connectivity probe"],
["GET", "/api/v1/integration/runtime-origins", "iframe allowed embed origins"]
],
"errorRows": [
["8001", "Authorization छैन"],
["8002", "JWT अमान्य वा म्याद सकियो"],
["8003", "प्लेयर छैन"],
["8004", "SSO गोप्य सेट छैन"],
["8005", "खाता निलम्बित"]
["8001", "Missing Authorization header"],
["8002", "JWT invalid or expired (wrong secret, exp passed, bad signature)"],
["8003", "Player not provisioned (SSO me auto-provisions; rare in normal flow)"],
["8004", "SSO secret not configured (site issue — contact us)"],
["8005", "Account suspended (site disabled or player frozen)"]
]
},
"iframe": {
"title": "iframe protocol",
"description": "H5 embed गर्दा postMessage। URL redirect मात्र भए यो अध्याय छोड्न सकिन्छ।",
"sequence": "क्रम",
"envelope": "सन्देश संरचना",
"childMessages": "लटरी → मुख्य",
"parentMessages": "मुख्य → लटरी",
"targetOrigin": "targetOrigin",
"envelopeNote": "JSON। लटरी LOTTERY_*; मुख्य MAIN_*। timestamp र source सिफारिस।",
"targetOriginNote": "targetOrigin ठोस origin हुनुपर्छ, * होइन। iframe_allowed_origins मा मात्र।",
"timingNote": "MAIN_INIT_TOKEN पछि LOTTERY_READY दोहोर्याउनुहोस्। LOTTERY_TOKEN_NEEDED / LOTTERY_TOKEN_REFRESH_REQUEST → MAIN_REFRESH_TOKEN।",
"description": "postMessage contract when main site embeds lottery H5. Skip this chapter if using URL ?token= redirect only.",
"sequence": "Recommended sequence",
"envelopeSection": "Message format (note direction differences)",
"childMessages": "Lottery → main",
"parentMessages": "Main → lottery",
"example": "Main-site integration example",
"targetOrigin": "targetOrigin security",
"envelopeNote": "Common mistake: putting token in payload.token. Lottery H5 reads data.token at the message top level.",
"targetOriginNote": "postMessage second argument must be lottery H5 origin (default https://front.tanumo.com), never *. Main site validates event.origin; iframe_allowed_origins is the main-site origin.",
"timingNote": "After MAIN_INIT_TOKEN the lottery child does not send LOTTERY_READY again. Refresh: LOTTERY_TOKEN_NEEDED → main sends MAIN_REFRESH_TOKEN (top-level token).",
"sequenceSteps": [
"iframe embed",
"LOTTERY_READY",
"MAIN_INIT_TOKEN",
"/player/me",
"LOTTERY_TOKEN_NEEDED → MAIN_REFRESH_TOKEN"
"Embed <iframe src=\"{lottery_h5_base_url}\">",
"Lottery H5 validates allowlist and sends LOTTERY_READY",
"Main listens for message, validates origin, sends MAIN_INIT_TOKEN (top-level token)",
"Lottery H5 stores token, calls GET /api/v1/player/me to enter",
"JWT nearing expiry: lottery sends LOTTERY_TOKEN_NEEDED → main sends MAIN_REFRESH_TOKEN"
],
"envelopeRows": [
["Lottery → main", "type + payload + timestamp", "e.g. LOTTERY_READY; business data in payload"],
["Main → lottery", "type + token + timestamp", "token must be top-level, not nested in payload"]
],
"childMessageRows": [
["→ मुख्य", "LOTTERY_READY", "तयार"],
["→ मुख्य", "LOTTERY_TOKEN_NEEDED", "रिफ्रेस"],
["→ मुख्य", "LOTTERY_TOKEN_REFRESH_REQUEST", "सक्रिय रिफ्रेस"],
["→ मुख्य", "LOTTERY_HEARTBEAT", "हार्टबिट"],
["→ मुख्य", "LOTTERY_TOKEN_REFRESHED", "रिफ्रेस सफल"]
["→ main", "LOTTERY_READY", "Child ready; requests token"],
["→ main", "LOTTERY_TOKEN_NEEDED", "Token invalid; requests refresh"],
["→ main", "LOTTERY_TOKEN_REFRESH_REQUEST", "Active refresh request"],
["→ main", "LOTTERY_HEARTBEAT", "Heartbeat (may ignore)"],
["→ main", "LOTTERY_TOKEN_REFRESHED", "Refresh succeeded (child → main)"]
],
"parentMessageRows": [
["→ लटरी", "MAIN_INIT_TOKEN", "{ token }"],
["→ लटरी", "MAIN_REFRESH_TOKEN", "{ token }"],
["→ लटरी", "MAIN_REQUEST_STATUS", "स्थिति"],
["→ लटरी", "MAIN_NAVIGATE", "{ path }"]
["→ lottery", "MAIN_INIT_TOKEN", "First delivery; top-level token field"],
["→ lottery", "MAIN_REFRESH_TOKEN", "Refresh; top-level token field"],
["→ lottery", "MAIN_REQUEST_STATUS", "Request child status"],
["→ lottery", "MAIN_NAVIGATE", "Navigate to path"]
]
},
"wallet": {
"title": "Wallet gateway",
"description": "साझेदारले कार्यान्वयन। लटरी server-to-server। Auth: Bearer wallet_api_key",
"balance": "GET balance",
"debit": "POST debit",
"credit": "POST credit",
"response": "Response",
"description": "Implemented by partner. Called by lottery server (not player browser). Auth: Authorization: Bearer {wallet_api_key}.",
"balance": "Query balance",
"debit": "Debit (transfer-in)",
"credit": "Credit (transfer-out)",
"response": "Response example",
"httpContract": "HTTP contract",
"httpErrors": "HTTP errors",
"creditNote": "Body debit जस्तै; transfer-out वा refund।",
"idempotentNote": "idempotent_key: एउटै key + operation ले पहिलो JSON (HTTP 200); दोहोरो लेखा निषेध।",
"creditNote": "Same body as debit; used for transfer-out or rollback credit.",
"idempotentNote": "idempotent_key: same key + same amount must return first JSON (HTTP 200), no double booking; same key different amount → success: false.",
"queryRows": [
["site_code", "string", ""],
["site_player_id", "string", ""],
["currency_code", "string", ""]
["site_code", "string", "Site code"],
["site_player_id", "string", "Main-site user ID"],
["currency_code", "string", "Currency code"]
],
"fieldRows": [
["site_code", "string", ""],
["site_player_id", "string", ""],
["player_id", "number", "लटरी प्लेयर ID"],
["currency_code", "string", ""],
["amount_minor", "integer", "धनात्मक minor"],
["idempotent_key", "string", "इडेम्पोटेन्सी"]
["site_code", "string", "Site code"],
["site_player_id", "string", "Main-site user ID"],
["player_id", "number", "Lottery player ID (reference)"],
["currency_code", "string", "Currency code"],
["amount_minor", "integer", "Positive minor integer"],
["idempotent_key", "string", "Idempotency key, globally unique"]
],
"httpErrorRows": [
["401", "unauthorized", "API Key गलत"],
["422", "invalid request", "फिल्ड/रकम गलत"],
["409", "main balance insufficient", "व्यापार अस्वीकार; data.main_balance हुन सक्छ"]
["401", "unauthorized", "wallet_api_key wrong or missing"],
["422", "invalid request", "Missing fields or invalid amount_minor"],
["409", "main balance insufficient", "Business rejection e.g. insufficient balance"]
],
"httpContractRows": [
["डेबिट/क्रेडिट सफल", "200", "success: true; external_ref_no + data.main_balance"],
["ब्यालेन्स सफल", "200", "success: true; data.main_balance + currency_code"],
["अमान्य params", "422", "success: false; message: invalid request"],
["Unauthorized", "401", "success: false; message: unauthorized"],
["व्यापार अस्वीकार", "409", "success: false; message"],
["इडेम्पोटेन्ट replay", "200", "पहिलो response जस्तै JSON"]
["Debit/credit success", "200", "success: true; external_ref_no (recommended) + data.main_balance"],
["Balance success", "200", "success: true; data.main_balance + currency_code"],
["Invalid params", "422", "success: false; message: invalid request"],
["Auth failure", "401", "success: false; message: unauthorized"],
["Business rejection", "409", "success: false; message explains reason"],
["Idempotent replay", "200", "Identical to first success/rejection response"]
]
},
"transfer": {
"title": "स्थानान्तरण (सन्दर्भ)",
"description": "आन्तरिक: लटरी H5 ले कल गर्छ, साझेदार इन्टिग्रेसन होइन।",
"outOfScopeNote": "साझेदारले यी API कार्यान्वयन गर्नुपर्दैन। transfer हाम्रो H5 ले JWT सँग कल गर्छ; तपाईंले वालेट गेटवे debit/credit मात्र।",
"requestFields": "अनुरोध फिल्ड",
"transferIn": "transfer-in",
"transferOut": "transfer-out",
"transferResponse": "सफल response",
"errors": "सामान्य त्रुटि",
"inNote": "लटरी debit-for-lottery → लटरी भित्र क्रेडिट।",
"outNote": "लटरी डेबिट → credit-from-lottery",
"responseNote": "transfer-in/out एउटै संरचना; direction in/out। इडेम्पोटेन्ट replay एउटै data",
"description": "For understanding how funds move between sides — not a partner integration surface.",
"outOfScopeNote": "Partner does not implement these APIs. Transfer-in/out is called by our H5 with player JWT; partner only implements wallet gateway debit/credit.",
"requestFields": "Request fields",
"transferIn": "Transfer-in (main → lottery)",
"transferOut": "Transfer-out (lottery → main)",
"transferResponse": "Success response",
"errors": "Common error codes",
"inNote": "Flow: player H5 initiates transfer-in → lottery calls main debit-for-lottery → lottery balance credited.",
"outNote": "Flow: player H5 initiates transfer-out → lottery debits → lottery calls main credit-from-lottery.",
"responseNote": "Transfer-in and transfer-out share the same response shape; direction is in / out. Idempotent replay returns same data.",
"requestFieldRows": [
["amount", "integer", "धनात्मक minor"],
["currency", "string", "वैकल्पिक; default_currency"],
["idempotent_key", "string", "अद्वितीय; retry एउटै नतिजा"]
["amount", "integer", "Positive minor integer"],
["currency", "string", "Optional; defaults to player default_currency"],
["idempotent_key", "string", "Globally unique; retries must return same result"]
],
"errorRows": [
["1001", "लटरी ब्यालेन्स अपर्याप्त (transfer-out)"],
["1009", "मुख्य वालेट असफल"],
["1010", "इडेम्पोटेन्सी द्वन्द्व"],
["2003", "पहिले transfer-in"]
["1001", "Insufficient lottery balance (transfer-out)"],
["1009", "Main wallet processing failed (gateway unreachable, 401, timeout, etc.)"],
["1010", "Idempotency conflict (same key, different amount)"],
["2003", "Transfer in before betting"]
]
},
"errors": {
"title": "Errors",
"sso": "SSO",
"lotteryWallet": "Lottery wallet",
"gateway": "Wallet gateway (HTTP)",
"idempotentNote": "एउटै idempotent_key ले एउटै नतिजा; फरक रकम → 1010।",
"sso": "SSO auth",
"lotteryWallet": "Lottery wallet / transfer",
"gateway": "Partner wallet gateway (HTTP)",
"idempotentNote": "Idempotency: same idempotent_key + same amount → same result; same key different amount → 1010 or success:false.",
"ssoRows": [
["8001", "Authorization छैन"],
["8002", "JWT अमान्य वा म्याद सकियो"],
["8003", "प्लेयर छैन"],
["8004", "SSO गोप्य सेट छैन"],
["8005", "खाता निलम्बित"]
["8001", "Missing Authorization header"],
["8002", "JWT invalid or expired"],
["8003", "Player not provisioned (SSO me auto-provisions in normal flow)"],
["8004", "SSO secret not configured"],
["8005", "Account suspended"]
],
"lotteryRows": [
["1001", "लटरी ब्यालेन्स अपर्याप्त"],
["1009", "मुख्य वालेट असफल"],
["1010", "इडेम्पोटेन्सी द्वन्द्व"],
["2003", "पहिले transfer-in"]
["1001", "Insufficient lottery balance"],
["1009", "Main wallet processing failed"],
["1010", "Idempotency conflict"],
["2003", "Transfer in before betting"]
],
"gatewayRows": [
["401", "unauthorized", "API Key गलत"],
["422", "invalid request", "फिल्ड/रकम गलत"],
["409", "—", "व्यापार अस्वीकार"]
["401", "unauthorized", "API Key wrong"],
["422", "invalid request", "Invalid field or amount"],
["409", "—", "Business rejection (e.g. insufficient balance)"]
]
},
"troubleshooting": {
"title": "Troubleshooting",
"description": "Match symptoms below. If still stuck, contact integration support with site_code, timestamp, and request ID.",
"faq": "FAQ",
"jwt": "JWT / entry",
"iframe": "iframe",
"wallet": "Wallet gateway",
"note": "During integration, verify JWT (/player/me) and wallet (/wallet/balance) with curl separately before full iframe flow.",
"faqRows": [
["curl /player/me returns 8002", "Check sso_jwt_secret matches admin site; site_code matches; exp not passed (≤300s)"],
["iframe blank / no hall", "Check token is postMessage top-level; MAIN_INIT_TOKEN after LOTTERY_READY; iframe_allowed_origins includes main origin"],
["Transfer-in fails 1009", "Can lottery server reach wallet_api_url; wallet_api_key correct; debit returns 200 + success:true"],
["Connectivity test fails", "wallet_api_url must be public HTTPS; GET /wallet/balance reachable with Bearer wallet_api_key"],
["8005 account frozen", "Check integration site enabled in admin; site_player_id not frozen"]
],
"jwtRows": [
["8002 Token invalid", "Wrong secret / exp passed / wrong site_code / algorithm not HS256"],
["8004 SSO not configured", "Contact us to confirm site sso_jwt_secret is set"],
["me code=0 but H5 still fails", "iframe token differs from curl test token, or token nested in payload not top-level"]
],
"iframeRows": [
["No LOTTERY_READY", "iframe src is lottery_h5_base_url; H5 finished loading"],
["postMessage no response", "targetOrigin is lottery H5 origin (not main-site origin)"],
["Repeated token spam", "After MAIN_INIT_TOKEN child should not send LOTTERY_READY again"],
["Refresh fails", "Main listens for LOTTERY_TOKEN_NEEDED and replies MAIN_REFRESH_TOKEN"]
],
"walletRows": [
["401 unauthorized", "wallet_api_key does not match admin site"],
["409 insufficient balance", "Test account main_balance too low; check amount_minor units"],
["Double debit", "idempotent_key not idempotent; same key must return first response"],
["Lottery never calls debit", "wallet_api_url unreachable or connectivity test not passed"]
]
},
"golive": {
"title": "Go-live",
"checklist": "Checklist",
"description": "Before production release, confirm integration passed with account manager and complete checks below.",
"deliveryChecklist": "Delivery and process",
"checklist": "Technical checklist",
"deliveryItems": [
"Production integration site created separately (site_code, secrets isolated from staging)",
"Secrets stored securely in main-site production config (not frontend)",
"wallet_api_url is production public HTTPS; connectivity test passed",
"iframe_allowed_origins includes production main-site origin",
"Full integration log archived (transfer-in → bet → settlement → transfer-out)"
],
"items": [
"परीक्षण/प्रोडक्सन site_code, गोप्य, डोमेन अलग",
"JWT सर्वर-साइड मात्र, TTL ≤ 5min",
"वालेट HTTPS, timeout ≤ 10s",
"idempotent_key इडेम्पोटेन्सी",
"iframe: iframe_allowed_origins",
"पूर्ण: transfer-in → bet → settle → transfer-out"
"JWT server-side only, TTL ≤ 5 minutes",
"Wallet three endpoints HTTPS, timeout ≤ 10s, idempotency implemented",
"iframe: postMessage token top-level, origin validation enabled",
"Test vs production: site_code, secrets, domains fully separated",
"Monitoring: wallet gateway 4xx/5xx and debit/credit log alerts",
"Rollback plan: can temporarily disable integration site"
]
}
}