npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

lotayadingacuponsdk

v1.0.2

Published

Lotaya Dinga Gift Code SDK for partner apps

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

htetrkarlwinhtetrkarlwin

Keywords

lotayalotayadingagift-codesdkreact-nativejavascript

Readme

Lotaya Dinga Gift SDK

React Native / JavaScript SDK for generating Lotaya Dinga redeemable gift codes from partner apps.

Partner apps can use this SDK to request gift codes from the Lotaya Dinga Gift Code Network. Users redeem those codes inside the Lotaya Dinga app to receive points or rewards.

Installation

npm install lotayadingacuponsdk

For local testing before publishing to npm:

npm install /path/to/lotaya-gift-sdk/lotayadingacuponsdk-1.0.2.tgz

Example:

npm install /Users/rkar/lotaya-gift-sdk/lotayadingacuponsdk-1.0.2.tgz

Basic Usage

import { LotayaGiftSDK } from "lotayadingacuponsdk";

LotayaGiftSDK.init({
  appKey: "YOUR_PARTNER_APP_KEY",
  packageName: "YOUR_APP_PACKAGE_NAME",
});

const result = await LotayaGiftSDK.generateCode({
  sourceUserId: "partner_user_123",
  sourceDeviceId: "device_abc_123",
  sourceEmail: "[email protected]",
});

if (result.status) {
  console.log("Gift Code:", result.code);
  console.log("Reward Points:", result.reward_points);
  console.log("Expires At:", result.expires_at);
} else {
  console.log("Error:", result.message);
}

Example for TeleMusic:

LotayaGiftSDK.init({
  appKey: "YOUR_TELEMUSIC_PARTNER_APP_KEY",
  packageName: "io.telemusic.app",
});

React Native Example

import React, { useEffect, useState } from "react";
import { Alert, Button, Text, View } from "react-native";
import { LotayaGiftSDK } from "lotayadingacuponsdk";

export default function GiftCodeScreen() {
  const [giftCode, setGiftCode] = useState<string | null>(null);
  const [loading, setLoading] = useState(false);

  useEffect(() => {
    LotayaGiftSDK.init({
      appKey: "YOUR_PARTNER_APP_KEY",
      packageName: "YOUR_APP_PACKAGE_NAME",
    });
  }, []);

  const generateGiftCode = async () => {
    setLoading(true);
    const result = await LotayaGiftSDK.generateCode({
      sourceUserId: "partner_user_123",
      sourceDeviceId: "device_abc_123",
      sourceEmail: "[email protected]",
    });
    setLoading(false);

    if (result.status) {
      setGiftCode(result.code);
      Alert.alert(
        "Gift Code Generated",
        `Your code is ${result.code}. Redeem it in the Lotaya Dinga app.`
      );
    } else {
      Alert.alert("Error", result.message);
    }
  };

  return (
    <View style={{ padding: 20 }}>
      <Button
        title={loading ? "Generating..." : "Generate Gift Code"}
        onPress={generateGiftCode}
        disabled={loading}
      />
      {giftCode ? (
        <Text style={{ marginTop: 20, fontSize: 18, fontWeight: "bold" }}>
          Gift Code: {giftCode}
        </Text>
      ) : null}
    </View>
  );
}

SDK Configuration

LotayaGiftSDK.init({
  appKey: "YOUR_PARTNER_APP_KEY",
  packageName: "YOUR_APP_PACKAGE_NAME",
  timeoutMs: 15000,
});

| Option | Required | Description | | --- | --- | --- | | appKey | Yes | Partner app key from the Lotaya Dinga Admin Panel. | | packageName | Recommended | Partner app package name registered in the Lotaya Dinga Admin Panel. Sent as X-Package-Name. | | timeoutMs | No | Request timeout in milliseconds. Default is 15000. | | baseUrl | No | Advanced option for staging or private API environments. Must use HTTPS, except http://localhost for local testing. |

Advanced Custom API Environment

Most apps do not need to set baseUrl.

Use this only for staging, testing, or private API environments:

LotayaGiftSDK.init({
  appKey: "YOUR_PARTNER_APP_KEY",
  packageName: "YOUR_APP_PACKAGE_NAME",
  baseUrl: "https://api.lotayadinga.app/api",
});

Generate Code Parameters

const result = await LotayaGiftSDK.generateCode({
  sourceUserId: "partner_user_123",
  sourceDeviceId: "device_abc_123",
  sourceEmail: "[email protected]",
});

| Field | Required | Description | | --- | --- | --- | | sourceUserId | No | User ID from the partner app. | | sourceDeviceId | No | Device ID from the partner app. | | sourceEmail | No | User email from the partner app. |

Recommended: send at least sourceUserId or sourceDeviceId to help prevent duplicate gift code abuse. Some partner apps may require at least one of these fields, depending on the backend configuration.

Success Response

{
  "status": true,
  "existing": false,
  "code": "LD-TE-FIEFG0",
  "reward_points": 100,
  "expires_at": "2026-07-14 22:35:38",
  "source_app": {
    "id": 1,
    "name": "TeleMusic"
  },
  "redeem_message": "Redeem this code in Lotaya Dinga App."
}

Error Responses

Invalid app key:

{
  "status": false,
  "message": "Invalid app key"
}

Package name missing:

{
  "status": false,
  "message": "Package name header is required"
}

Package name mismatch:

{
  "status": false,
  "message": "Package name mismatch"
}

Daily limit reached:

{
  "status": false,
  "message": "Daily code limit reached"
}

Missing source identity:

{
  "status": false,
  "message": "source_user_id or source_device_id is required"
}

User daily limit reached:

{
  "status": false,
  "message": "Daily user code limit reached"
}

Device daily limit reached:

{
  "status": false,
  "message": "Daily device code limit reached"
}

Partner app paused or blocked:

{
  "status": false,
  "message": "Partner app is not active"
}

The SDK also normalizes client-side failures:

| Message | Meaning | | --- | --- | | Request timeout | The request exceeded timeoutMs. | | Network error or platform error text | The device could not reach the API. | | HTTP <status> | The server returned a non-contract HTTP error. | | Invalid server response | The server returned successful JSON that does not match the SDK response contract. |

Redeem Flow

The SDK only generates gift codes.

Users must redeem the generated code inside the Lotaya Dinga app.

Recommended user message inside partner apps:

Your Gift Code: LD-TE-FIEFG0
Open the Lotaya Dinga app and redeem this code to get reward points.

Security Notes

  • Each partner app must use its own partner app key.
  • The partner app key can only generate gift codes.
  • The partner app key cannot redeem codes, directly add points, or access admin data.
  • Redeem is only allowed inside the Lotaya Dinga app.
  • A gift code must be redeemable only once.
  • Partner app reward points, package name, daily limits, per-user/per-device limits, and status must be enforced by the Lotaya Dinga backend.
  • packageName is an additional validation layer. It helps prevent accidental misuse, but mobile app headers can still be spoofed.
  • Do not put admin keys, user tokens, private backend secrets, or service-role credentials inside partner apps.
  • Treat appKey as a public client credential, not as a backend secret. It must be rate-limited and revocable.

Backend Security Checklist

The SDK cannot fully protect reward abuse by itself because client apps can be reverse engineered. The backend should enforce:

  • HTTPS-only production API endpoints.
  • Per-app key status checks, key rotation, and revoke support.
  • Registered package name validation.
  • Daily and per-user/per-device generation limits.
  • Optional source identity requirement, requiring either sourceUserId or sourceDeviceId.
  • One-time redeem with an atomic database update.
  • Code expiration.
  • Duplicate generation protection using sourceUserId or sourceDeviceId.
  • Audit logs for generate and redeem events.
  • Abuse monitoring by app key, IP, user ID, device ID, and redeem velocity.
  • Optional mobile attestation such as Play Integrity or App Attest for higher-risk partner apps.

cURL Test

curl -X POST "https://api.lotayadinga.app/api/sdk/v1/gift-code/generate" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -H "X-App-Key: YOUR_PARTNER_APP_KEY" \
  -H "X-Package-Name: YOUR_APP_PACKAGE_NAME" \
  -d '{
    "source_user_id": "partner_user_123",
    "source_device_id": "device_abc_123",
    "source_email": "[email protected]"
  }'

Development

npm install
npm test
npm pack --dry-run

npm test builds dist and runs the SDK contract tests.

License

MIT