请求格式

REST 通用

Content-Type: application/json
Authorization: Bearer <JWT>   # Admin / submit-answer

verify-code

{ code: string; playerId: string; }  // code: 6 digits, playerId: UUID

next-question

{ question: string; optionA: string; optionB: string; }

submit-answer

{ answer: 'A' | 'B'; }

JWT Payload

interface JWTPayload {
  email: string;       // player:uuid@game.local 或 staff email
  id: string;
  isAdmin?: boolean;
  isDisplay?: boolean;
  iss: 'lottery-frontend';
  aud: 'lottery-backend';
}

NextAuth Credentials

player-code

{ code: string; playerId: string; }

staff-credentials

{ email: string; password: string; }

内部 email 格式

player:<uuid>@game.local

由 player-registry.ts → toInternalEmail() 生成。

题目 ID

q_<Date.now()>