Passport strategy for authenticating with Slack using the OAuth 2.0 API.
$ npm install passport-slack
The Slack authentication strategy authenticates users using a Slack
account and OAuth 2.0 tokens. The strategy requires a verify
callback, which
accepts these credentials and calls done
providing a user, as well as
options
specifying a client ID, client secret, and callback URL.
passport.use(new SlackStrategy({
clientID: CLIENT_ID,
clientSecret: CLIENT_SECRET
},
function(accessToken, refreshToken, profile, done) {
User.findOrCreate({ SlackId: profile.id }, function (err, user) {
return done(err, user);
});
}
));
Use passport.authorize()
, specifying the 'slack'
strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/slack',
passport.authorize('slack'));
app.get('/auth/slack/callback',
passport.authorize('slack', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
By default passport-slack strategy will try to retrieve user profile from Slack. This requires users:read
scope. To avoid getting profile, pass skipUserProfile
option to strategy:
passport.use(new SlackStrategy({
clientID: settings.clientID,
clientSecret: app.settings.clientSecret,
callbackURL: app.settings.callbackURL,
scope: 'incoming-webhook',
skipUserProfile: true
}, ()=>{})
Or if you want to get profile:
passport.use(new SlackStrategy({
clientID: settings.clientID,
clientSecret: app.settings.clientSecret,
callbackURL: app.settings.callbackURL,
scope: 'incoming-webhook users:read'
}, ()=>{})
Copyright (c) 2014 Michael Pearson