Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@dodgeball/trust-sdk-server

Package Overview
Dependencies
Maintainers
3
Versions
24
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@dodgeball/trust-sdk-server

Dodgeball Server SDK

  • 0.0.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
25
increased by212.5%
Maintainers
3
Weekly downloads
 
Created
Source

Dodgeball Server Trust SDK for NodeJS

The Dodgeball Server Trust SDK allows you to decouple trust and safety requirements from your application code. Dodgeball serves as an abstraction layer for the various integrations your application requires when performing risky actions. For example, instead of directly integrating fraud engines, 2FA, KYC providers, and bot prevention solutions into your application, use Dodgeball to decouple these requirements from your application code. Your trust and safety teams focus on ensuring your application is safe and secure, and you focus on your application's business logic. When threats evolve or new vulnerabilities are identified, your application can be updated to mitigate these risks without having to change a single line of code or add support for a new integration.

Check out the Dodgeball Trust Client SDK for how to integrate Dodgeball into your client applications.

Installation

Use npm to install the Dodgeball module:

npm install @dodgeball/trust-sdk-server

Alternatively, using yarn:

yarn add @dodgeball/trust-sdk-server

Usage

import { Dodgeball } from '@dodgeball/trust-sdk-server';
import express from 'express';

const app = express();
const dodgeball = new Dodgeball(process.env.DODGEBALL_SECRET_KEY);

app.post('/api/orders', async (req, res) => {
  const verifyEvent = {
    type: 'PLACE_ORDER',
    data: {
      order: req.body.order
    }
  };

  // Call the Dodgeball API to verify the event is allowed to proceed
  const verifyResponse = await dodgeball.verify({
    event: verifyEvent,
    sourceId: req.body.sourceId,
    useVerification: req.body.verification,
    options: {
      sync: true
    }
  });

  if (dodgeball.isAllowed(verifyResponse)) {
    const placedOrder = await database.createOrder(req.body.order); // Proceed with placing the order
    return res.status(200).json({
      order: placedOrder
    });
  } else if (dodgeball.isPending(verifyResponse)){
    return res.status(202).json({
      verification: verifyResponse.verification
    });
  } else if (dodgeball.isDenied(verifyResponse)){
    return res.status(403).json({
      verification: verifyResponse.verification
    });
  } else {
    return res.status(500).json({
      message: verifyResponse.errors
    });
  }
});

app.listen(process.env.APP_PORT, () => {
  console.log(`Listening on port ${process.env.APP_PORT}`);
});

FAQs

Package last updated on 10 Dec 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc