@simplr-ai/node 1.0.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +132 -2
- package/dist/index.cjs +524 -2
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +401 -2
- package/dist/index.d.ts +401 -2
- package/dist/index.js +519 -2
- package/dist/index.js.map +1 -1
- package/package.json +14 -3
package/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Simplr's **server-side** SDK for Node.js — run fraud/identity checks, score orders, ingest edge logs, and verify webhook signatures, all with your secret key.
|
|
4
4
|
|
|
5
|
-
> This is the backend SDK. For client-side device signals, RUM, and feature-flag evaluation use [`@simplr-ai/
|
|
5
|
+
> This is the backend SDK. For client-side device signals, RUM, and feature-flag evaluation use [`@simplr-ai/js`](https://www.npmjs.com/package/@simplr-ai/js) (browser) or `simplr_fraud` (Flutter).
|
|
6
6
|
|
|
7
7
|
Docs: https://docs.simplr.so/docs/sdks/node
|
|
8
8
|
|
|
@@ -73,7 +73,7 @@ import { Simplr } from "@simplr-ai/node";
|
|
|
73
73
|
const simplr = new Simplr({ apiKey: process.env.SIMPLR_API_KEY! });
|
|
74
74
|
const app = express();
|
|
75
75
|
|
|
76
|
-
app.post("/hooks/
|
|
76
|
+
app.post("/hooks/simplr", express.raw({ type: "application/json" }), (req, res) => {
|
|
77
77
|
const sig = req.header("X-Simplr-Signature")!;
|
|
78
78
|
try {
|
|
79
79
|
const event = simplr.webhooks.constructEvent(req.body, sig, process.env.SIMPLR_WEBHOOK_SECRET!);
|
|
@@ -87,6 +87,136 @@ app.post("/hooks/simplify", express.raw({ type: "application/json" }), (req, res
|
|
|
87
87
|
|
|
88
88
|
`verify(payload, header, secret, { toleranceSec })` returns a boolean; `constructEvent(...)` returns the parsed event or throws `WebhookVerificationError`.
|
|
89
89
|
|
|
90
|
+
## Server-side feature flags
|
|
91
|
+
|
|
92
|
+
Evaluate flags on the backend. Flag config is read with a **public** key (`pk_…`), so pass one alongside your secret key; evaluation is local and deterministic (same bucketing as the browser SDK).
|
|
93
|
+
|
|
94
|
+
```ts
|
|
95
|
+
const simplr = new Simplr({
|
|
96
|
+
apiKey: process.env.SIMPLR_API_KEY!, // sk_… for checks/orders/etc.
|
|
97
|
+
publicKey: process.env.SIMPLR_PUBLIC_KEY!, // pk_… for flags
|
|
98
|
+
});
|
|
99
|
+
|
|
100
|
+
await simplr.flags.initialize();
|
|
101
|
+
simplr.flags.setUser("user_123");
|
|
102
|
+
|
|
103
|
+
if (simplr.flags.isEnabled("new-checkout")) {
|
|
104
|
+
// gate a backend code path
|
|
105
|
+
}
|
|
106
|
+
simplr.flags.isEnabled("beta", { userId: "u1", attributes: { plan: "growth" } });
|
|
107
|
+
```
|
|
108
|
+
|
|
109
|
+
### Targeting a named environment
|
|
110
|
+
|
|
111
|
+
`environment` accepts a named environment slug (e.g. `"dev"`, `"uat"`, `"prod"`) as well as the legacy `"live"`/`"test"` key modes. When omitted, the API falls back to the public key's own live/test mode.
|
|
112
|
+
|
|
113
|
+
```ts
|
|
114
|
+
// On the Simplr client (forwarded to simplr.flags):
|
|
115
|
+
const simplr = new Simplr({ apiKey, publicKey, environment: "uat" });
|
|
116
|
+
|
|
117
|
+
// Or standalone:
|
|
118
|
+
import { SimplrFlags } from "@simplr-ai/node";
|
|
119
|
+
const flags = new SimplrFlags({ publicKey, environment: "uat" });
|
|
120
|
+
await flags.initialize();
|
|
121
|
+
```
|
|
122
|
+
|
|
123
|
+
You can also use `SimplrFlags` standalone.
|
|
124
|
+
|
|
125
|
+
## Profiles (`simplr.profiles`)
|
|
126
|
+
|
|
127
|
+
Anonymous user profiles + order fraud monitoring. Identify a user, score orders, read a user's risk, and report outcomes back to improve scoring.
|
|
128
|
+
|
|
129
|
+
```ts
|
|
130
|
+
// Create/update an anonymous profile and (optionally) link a device.
|
|
131
|
+
const { profile, is_new } = await simplr.profiles.identify("user-123", {
|
|
132
|
+
profileType: "customer",
|
|
133
|
+
fingerprintHash: "9f2a…", // from a client device-signal collector
|
|
134
|
+
});
|
|
135
|
+
|
|
136
|
+
// Score an order.
|
|
137
|
+
const result = await simplr.profiles.submitOrder({
|
|
138
|
+
order_id: "order-1",
|
|
139
|
+
external_id: "user-123",
|
|
140
|
+
amount: 4999,
|
|
141
|
+
currency: "USD",
|
|
142
|
+
});
|
|
143
|
+
|
|
144
|
+
// Read a user's current risk profile.
|
|
145
|
+
const risk = await simplr.profiles.getProfileRisk("user-123");
|
|
146
|
+
|
|
147
|
+
// Feed back a confirmed outcome (chargeback, manual review, …).
|
|
148
|
+
await simplr.profiles.reportOutcome("user-123", "fraud"); // or "legitimate"
|
|
149
|
+
```
|
|
150
|
+
|
|
151
|
+
## RUM (`simplr.rum`)
|
|
152
|
+
|
|
153
|
+
Server-side Real User Monitoring. Events are batched and flushed to `/v1/rum/events`. The flush timer is installed with `unref()`, so it never keeps your process alive. There is no DOM auto-capture on the server — report views/actions/errors/logs explicitly.
|
|
154
|
+
|
|
155
|
+
```ts
|
|
156
|
+
simplr.rum.initialize({ applicationId: "my-api", environment: "production" });
|
|
157
|
+
|
|
158
|
+
simplr.rum.setUser("user-123", { plan: "pro" });
|
|
159
|
+
simplr.rum.addAttribute("region", "eu-west-1");
|
|
160
|
+
|
|
161
|
+
simplr.rum.trackView("POST /checkout");
|
|
162
|
+
simplr.rum.trackAction("charge_card", { gateway: "stripe" });
|
|
163
|
+
simplr.rum.log("info", "checkout completed", { orderId: "order-1" });
|
|
164
|
+
|
|
165
|
+
try {
|
|
166
|
+
// …
|
|
167
|
+
} catch (err) {
|
|
168
|
+
simplr.rum.trackError(err as Error);
|
|
169
|
+
}
|
|
170
|
+
|
|
171
|
+
await simplr.rum.flush(); // force a flush
|
|
172
|
+
await simplr.rum.stopSession(); // emit session_end, flush, stop timer
|
|
173
|
+
```
|
|
174
|
+
|
|
175
|
+
## AI delegation (`simplr.ai`)
|
|
176
|
+
|
|
177
|
+
OAuth-like AI authentication — mint, validate, and revoke delegation tokens that an end user shares with their AI agent.
|
|
178
|
+
|
|
179
|
+
```ts
|
|
180
|
+
// Mint a token (only returned once).
|
|
181
|
+
const delegation = await simplr.ai.createDelegation({
|
|
182
|
+
userId: "user-123",
|
|
183
|
+
binding: "verified_device",
|
|
184
|
+
expiresInDays: 7,
|
|
185
|
+
fingerprintHash: "9f2a…",
|
|
186
|
+
});
|
|
187
|
+
|
|
188
|
+
// Validate (introspect) an incoming token on your AI gateway.
|
|
189
|
+
const check = await simplr.ai.validate(token, { aiProvider: "anthropic", action: "read_orders" });
|
|
190
|
+
if (!check.valid) { /* reject */ }
|
|
191
|
+
|
|
192
|
+
// Manage delegations.
|
|
193
|
+
await simplr.ai.list("user-123");
|
|
194
|
+
await simplr.ai.get(delegation.delegationId);
|
|
195
|
+
await simplr.ai.stats();
|
|
196
|
+
await simplr.ai.revoke(delegation.delegationId, "user revoked");
|
|
197
|
+
await simplr.ai.revokeAllForUser("user-123", "logout"); // returns count
|
|
198
|
+
|
|
199
|
+
```
|
|
200
|
+
|
|
201
|
+
> The browser SDK's interactive `connect()` popup flow is web-only and is intentionally omitted from the server SDK.
|
|
202
|
+
|
|
203
|
+
## Admin / measurement (`SimplrAdmin`)
|
|
204
|
+
|
|
205
|
+
Dashboard operations — usage/measurement, feature-flag CRUD, and RUM analytics — require a **portal token** (JWT), not an API key:
|
|
206
|
+
|
|
207
|
+
```ts
|
|
208
|
+
import { SimplrAdmin } from "@simplr-ai/node";
|
|
209
|
+
|
|
210
|
+
const admin = new SimplrAdmin({ token: process.env.SIMPLR_PORTAL_TOKEN! });
|
|
211
|
+
|
|
212
|
+
await admin.usage.stats(orgId); // usage counters
|
|
213
|
+
await admin.usage.billing(orgId); // per-service totals + estimated cost (API measurement)
|
|
214
|
+
await admin.flags.create(orgId, { key: "new-checkout", environment: "test", rollout_percentage: 10 });
|
|
215
|
+
await admin.flags.update(orgId, flagId, { rollout_percentage: 50 });
|
|
216
|
+
await admin.rum.overview(orgId, { application_id: "my-app" });
|
|
217
|
+
await admin.rum.sessions(orgId, { page: 1, limit: 50 });
|
|
218
|
+
```
|
|
219
|
+
|
|
90
220
|
## Errors
|
|
91
221
|
|
|
92
222
|
Non-2xx responses throw `SimplrError` with `.status` and `.body`.
|