How to upgrade from v1 to v2

This guide will help you navigate through changes included in version 2 of the Node.js integration for a successful upgrade.

Version 2 brings new module packages that are adapted to the environment where DataDome will run.

📘

Documentation for version 2

Please refer to the new documentation for detailed instructions on how to use version 2 of the module.

Overview of the changes

  • Deprecation of the @datadome/node-module package
  • Introduction of two new packages:
    • @datadome/module-express for usage with the Express framework
    • @datadome/module-http for usage with the built-in HTTP module from Node.js
  • Renaming and deprecation of some options
  • Migration to TypeScript
  • Support of Node.js upgraded to version 18 and higher

Migration steps

Step 1: Uninstall @datadome/node-module

Remove the v1 package from your project:

npm uninstall @datadome/node-module

Step 2: Install the new package

You need to install only one package, depending on your usage:

If you use the Express framework

Install the @datadome/module-express package on your project:

npm install @datadome/module-express

If you use the built-in HTTP module

Install the @datadome/module-http package on your project:

npm install @datadome/module-http

Step 3: Update your integration

If you use the Express framework

  1. Update the import statement
const { DataDomeExpress } = require('@datadome/module-express');
const DataDome = require('@datadome/node-module');
  1. Update the parameters to instantiate the DatadomeExpress class
const datadomeClient = new DatadomeExpress('Some key');
const datadomeClient = new DataDome('Some Key', 'api.datadome.co');
  1. Use the middleware method to protect your Express application
const app = express();

app.use(datadomeClient.middleware());
const app = express();

app.use(function (req, resp, next) {
  datadomeClient.authCallback(
    req,
    resp,
    function () {
      console.log('Passed');
      next();
    },
    function () {
      console.log('Rejected');
    }
  );
});

📘

This implementation provides a basic setup for typical use cases.

For more advanced configurations, please refer to the new documentation.

You are now using the new Express integration!

If you use the built-in HTTP module

  1. Update the import statement
const { DataDomeHttp } = require('@datadome/module-http');
const DataDome = require('@datadome/node-module');
  1. Update the parameters to instantiate the DatadomeHttp class and remove the handlers for the blocked and valid events
    Note: The handlers will be re-implemented on the next step in the request listener of http.createServer
const datadomeClient = new DatadomeHttp('Some key');
const datadomeClient = new DataDome('Some Key', 'api.datadome.co')
      .on('blocked', function(req) {
          console.log('DataDome blocked this request');
      })
      .on('valid', function(req, res) {
          console.log('DataDome passed this request');
          res.statusCode = 200;
          res.setHeader('Content-Type', 'text/plain');
          res.end('Hello World');
      });
  1. Update the request listener for http.createServer:
    1. Make it async to allow the use of await
    2. Handle results from the DataDome middleware
const server = http.createServer(async (req, res) => {
  const { result, error } = await datadomeClient.handleRequest(req, res);
  if (result === 'ALLOW') { // This section corresponds to the 'valid' event
    console.log('Request allowed');
    if (error) {
      console.error(error);
    }
  } else { // This section corresponds to the 'blocked' event
    console.log('Request challenged');
  }
  if (req.url === '/') {
    res.statusCode = 200;
    res.setHeader('Content-Type', 'text/plain');
    res.end('Hello World');
  } else {
    res.statusCode = 404;
    res.setHeader('Content-Type', 'text/plain');
    res.end('Not Found');
  }
});
const server = http.createServer((req, res) => {
  datadomeClient.auth(req, res);
});

You are now using the new HTTP integration!

Step 4: Update your configuration

The constructor of each module accepts an object as its second parameter to customize the behavior of the module.

The table below lists options from v1 and their counterparts for v2:

Option name (v1)Option name (v2)DescriptionDefault value
sslREMOVEDUse HTTPS to connect to the Protection API.true
portREMOVEDPort of the Protection API to connect to.443
pathREMOVEDPath to route payloads on the Protection API.'/validate-request/'
timeouttimeoutTimeout in milliseconds, after which the request will be allowed.150
uriRegexurlPatternInclusionRegex to match to process the request with the Protection API.
If null, all requests that don't match urlPatternExclusion will be processed.
null
uriRegexExclusionurlPatternExclusionRegex to match to exclude requests from being processed with the Protection API.
If null, all requests will be processed.
\.(avi|flv|mka|mkv|mov|mp4|mpeg|mpg|mp3|flac|ogg|ogm|opus|wav|webm|webp|bmp|gif|ico|jpeg|jpg|png|svg|svgz|swf|eot|otf|ttf|woff|woff2|css|less|js|map|json|avif|xml|gz|zip)$
-endpointHostHost of the Protection API.'api.datadome.co'