Product guides

Installation

Suggest Edits

Prerequisites

The HUMAN Edgio Enforcer uses Node.js and Edgio's CDN as Code. Ensure you've satisfied the Edgio prerequisites.

📘

Note

The Enforcer is supported for Edgio Core v6.x and Node.js 16.

Installation

  1. Create an Edgio property (if you haven't already) by following the instructions here.
  2. Install the HUMAN Enforcer into your Edgio project.
npm i --save @humansecurity/edgio-enforcer
yarn add @humansecurity/edgio-enforcer
  1. Integrate the HUMAN Enforcer into your routes.js file.

For an out-of-the box Router with the HUMAN Enforcer integrated into it already, simply import and use the createDefaultEnforcedRouter function.

import { createDefaultEnforcedRouter } from '@humansecurity/edgio-enforcer';

// define human security configuration
const params = {
    px_app_id: '<APP_ID>',
    px_auth_token: process.env.PX_AUTH_TOKEN,
    px_cookie_secret: process.env.PX_COOKIE_SECRET,
};

// create and export default enforced router with origin name and configuration parameters
export default createDefaultEnforcedRouter('origin', params);

The example below shows what the createDefaultEnforcedRouter() function does behind the scenes. For a more customized solution (e.g., multiple route patterns, multiple origins), create a new HumanSecurity instance and use it on your Router's match functions as needed.

import { Router } from '@edgio/core';
import { HumanSecurity } from '@humansecurity/edgio-enforcer';

const ORIGIN_NAME = 'origin';

// define human security configuration
const params = {
    px_app_id: '<APP_ID>',
    px_auth_token: process.env.PX_AUTH_TOKEN,
    px_cookie_secret: process.env.PX_COOKIE_SECRET,
};

// create new instance of HumanSecurity with configuration parameters
const human = new HumanSecurity(params);

export default new Router()
    // Match first party paths before handling static content
    .match(...human.matchFirstParty())

    // Avoid calling compute for static content
    .match(...human.matchFilteredExtensions(ORIGIN_NAME))

    // HUMAN will enforce all routes that weren't handled prior
    .match('/:path*', ({ compute, proxy, cache }) => {
        // Disable the cache
        cache({ edge: false, browser: false });

        // Call Edgio compute
        compute(async (request, response) => {
            // create new enforcer inside compute function
            const enforcer = human.createEnforcer();

            // call enforce and await the response
            const res = await enforcer.enforce(request, response);

            // return if the response exists
            if (res) return;

            // proxy to the origin
            return await proxy(ORIGIN_NAME, {
                // call to postEnforce when response is received
                transformResponse: (response) => enforcer.postEnforce(response),
            });
        });
    })

🚧

Matching static content must be done before match calls that invoke compute to ensure caching.

  1. Add any environment variables needed and deploy to your desired Edgio environment.
edgio deploy

Updated 12 days ago