toc

Creating a Cage

Verifying phone numbers with a Cage.

The magic of Evervault is that although you never handle sensitive data in plaintext, you can still use and process it — without the risk of it being breached. This is where Evervault Cages come in. Cages are isolated serverless functions hosted on Evervault for processing the data you encrypt with Relay.

Now we’re going to create and deploy a Cage to verify that the phone numbers submitted to your form are valid.

Creating a Cage

First, in the Evervault Dashboard, create a Cage using our GitHub integration. Select Choose template and, then, authenticate with GitHub. For this, you’ll need a GitHub account — so, create a GitHub account if you haven't got one already. Once you’ve authenticated with GitHub, you can select the ‘Verify Phone’ Cage template. This will automatically deploy a Cage on Evervault and create a repository in your GitHub. We recommend naming the repo 'verify-phone-number'.

Create a Cage

Navigate to your new repo in GitHub (the URL is available on your Cage's page in the Evervault Dashboard). You’ll notice that the index.js file contains the following code:

javascript
const { phone: validatePhone } = require('phone');
exports.handler = async ({ phone }) => {
const { isValid, countryIso2: country } = validatePhone(phone);
return {
isValid,
country,
};
};

Verifying phone numbers

This Cage uses the phone library to validate the phone number and returns the result.

Now that you know what the Cage does, it’s time to run it. Update the try block of your POST /submit handler to contain the following:

javascript
// Extract name and phone from the JSON the user sends from the form
const { name, phone } = req.body;
console.log('Sending SMS for', { name, phone });
// Verify phone number using a Cage
// Will return a result including valid true:false,
// as well as country code information
const { result } = await evervault.run('verify-phone-number', { phone });
// If the phone number is valid, send the SMS through Twilio
if (result.isValid) {
console.log('Verified');
} else {
// If the phone number is not valid, return an error to the user
console.log('Phone number not valid');
return res.json({ success: false });
}
return res.json({ success: true });

Note: If you did not name your GitHub repo 'verify-phone-number', make sure you reference the correct repo in this snippet of code.

Complete the form hosted on your Relay domain again. In the Replit console, you should see Verified or an error message returned. Notice that the phone number remains encrypted in the Console log.

Let’s summarize where you are. You’ve:

  1. Created an Express.js server (index.js),
  2. Created a HTML form for collecting a name and a phone number from a user (index.html),
  3. Connected your form to your server,
  4. Integrated Evervault Relay so that phone numbers submitted to your form are encrypted before they enter your server,
  5. Included the Evervault SDK so that outbound requests from your server are automatically decrypted, and
  6. Deployed a Cage to verify that phone numbers are valid.

Great! Now that you've used a Cage to verify the user's phone number, it’s time to use Twilio to send them an SMS.


Was this page useful?