@dodgeball/trust-sdk-server
Advanced tools
The Dodgeball Server Trust SDK allows you to decouple trust and safety requirements from your application code. Dodgeball serves as an abstraction layer for the various integrations your application requires when performing risky actions. For example, instead of directly integrating fraud engines, 2FA, KYC providers, and bot prevention solutions into your application, use Dodgeball to decouple these requirements from your application code. Your trust and safety teams focus on ensuring your application is safe and secure, and you focus on your application's business logic. When threats evolve or new vulnerabilities are identified, your application can be updated to mitigate these risks without having to change a single line of code or add support for a new integration.
Check out the Dodgeball Trust Client SDK for how to integrate Dodgeball into your client applications.
Use npm to install the Dodgeball module:
npm install @dodgeball/trust-sdk-server
Alternatively, using yarn:
yarn add @dodgeball/trust-sdk-server
import { Dodgeball } from '@dodgeball/trust-sdk-server';
import express from 'express';
const app = express();
const dodgeball = new Dodgeball(process.env.DODGEBALL_SECRET_KEY);
app.post('/api/orders', async (req, res) => {
const verifyEvent = {
type: 'PLACE_ORDER',
data: {
order: req.body.order
}
};
// Call the Dodgeball API to verify the event is allowed to proceed
const verifyResponse = await dodgeball.verify({
event: verifyEvent,
sourceId: req.body.sourceId,
useVerification: req.body.verification,
options: {
sync: true
}
});
if (dodgeball.isAllowed(verifyResponse)) {
const placedOrder = await database.createOrder(req.body.order); // Proceed with placing the order
return res.status(200).json({
order: placedOrder
});
} else if (dodgeball.isPending(verifyResponse)){
return res.status(202).json({
verification: verifyResponse.verification
});
} else if (dodgeball.isDenied(verifyResponse)){
return res.status(403).json({
verification: verifyResponse.verification
});
} else {
return res.status(500).json({
message: verifyResponse.errors
});
}
});
app.listen(process.env.APP_PORT, () => {
console.log(`Listening on port ${process.env.APP_PORT}`);
});
FAQs
Dodgeball Server SDK
The npm package @dodgeball/trust-sdk-server receives a total of 23 weekly downloads. As such, @dodgeball/trust-sdk-server popularity was classified as not popular.
We found that @dodgeball/trust-sdk-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.