Passport strategy for authenticating with Slack using the OAuth 2.0 API.
$ npm install passport-slack
The Slack authentication strategy authenticates users using a Slack
account and OAuth 2.0 tokens. The strategy requires a verify callback, which
accepts these credentials and calls done providing a user, as well as
options specifying a client ID, client secret, and callback URL.
passport.use(new SlackStrategy({
clientID: CLIENT_ID,
clientSecret: CLIENT_SECRET
},
function(accessToken, refreshToken, profile, done) {
User.findOrCreate({ SlackId: profile.id }, function (err, user) {
return done(err, user);
});
}
));
Use passport.authorize() (or passport.authenticate() if you want to authenticate with Slack and affect req.user and user session), specifying the 'slack' strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/slack',
passport.authorize('slack'));
app.get('/auth/slack/callback',
passport.authorize('slack', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
By default passport-slack strategy will try to retrieve user profile from Slack. This requires users:read scope. To completely avoid getting profile, pass skipUserProfile option to strategy or if you just need basic user info, pass extendedUserProfile: false to strategy instead:
passport.use(new SlackStrategy({
clientID: settings.clientID,
clientSecret: app.settings.clientSecret,
callbackURL: app.settings.callbackURL,
scope: 'incoming-webhook',
skipUserProfile: true
}, ()=>{})Or if you want to get basic profile:
passport.use(new SlackStrategy({
clientID: settings.clientID,
clientSecret: app.settings.clientSecret,
callbackURL: app.settings.callbackURL,
scope: 'incoming-webhook users:read',
extendedUserProfile: false
}, ()=>{})Copyright (c) 2014 Michael Pearson