@dodgeball/trust-sdk-server
Advanced tools
The Dodgeball Server Trust SDK allows you to decouple trust and safety requirements from your application code. Dodgeball serves as an abstraction layer for the various integrations your application requires when performing risky actions. For example, instead of directly integrating fraud engines, 2FA, KYC providers, and bot prevention solutions into your application, use Dodgeball to decouple these requirements from your application code. Your trust and safety teams focus on ensuring your application is safe and secure, and you focus on your application's business logic. When threats evolve or new vulnerabilities are identified, your application can be updated to mitigate these risks without having to change a single line of code or add support for a new integration.
Check out the Dodgeball Trust Client SDK for how to integrate Dodgeball into your client applications.
Use npm to install the Dodgeball module:
npm install @dodgeball/trust-sdk-server
Alternatively, using yarn:
yarn add @dodgeball/trust-sdk-server
import { Dodgeball } from '@dodgeball/trust-sdk-server';
import express from 'express';
const app = express();
const dodgeball = new Dodgeball(process.env.DODGEBALL_SECRET_KEY);
app.post('/api/orders', async (req, res) => {
// Call the Dodgeball API to verify the event is allowed to proceed
const verifyResponse = await dodgeball.verify({
workflow: {
type: 'PLACE_ORDER',
data: {
order: req.body.order
}
},
dodgeballId: req.body.dodgeballId,
useVerification: req.body.verification,
options: {
sync: true
}
});
if (dodgeball.isAllowed(verifyResponse)) {
const placedOrder = await database.createOrder(req.body.order); // Proceed with placing the order
return res.status(200).json({
order: placedOrder
});
} else if (dodgeball.isPending(verifyResponse)){
return res.status(202).json({
verification: verifyResponse.verification
});
} else if (dodgeball.isDenied(verifyResponse)){
return res.status(403).json({
verification: verifyResponse.verification
});
} else {
return res.status(500).json({
message: verifyResponse.errors
});
}
});
app.listen(process.env.APP_PORT, () => {
console.log(`Listening on port ${process.env.APP_PORT}`);
});
FAQs
Dodgeball Server SDK
The npm package @dodgeball/trust-sdk-server receives a total of 189 weekly downloads. As such, @dodgeball/trust-sdk-server popularity was classified as not popular.
We found that @dodgeball/trust-sdk-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.